https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 09 Jun 2026 23:06:19 +0000 https://vulnerability.circl.lu/sighting/a5dfa749-44f4-4695-9707-060e9fd3baf1/export {"uuid": "a5dfa749-44f4-4695-9707-060e9fd3baf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23806", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo7b52br2x", "content": "", "creation_timestamp": "2025-01-22T15:21:00.575728Z"} {"uuid": "a5dfa749-44f4-4695-9707-060e9fd3baf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23806", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo7b52br2x", "content": "", "creation_timestamp": "2025-01-22T15:21:00.575728Z"} https://vulnerability.circl.lu/sighting/a5dfa749-44f4-4695-9707-060e9fd3baf1/export Wed, 22 Jan 2025 15:21:00 +0000 https://vulnerability.circl.lu/sighting/2f1f8dba-2797-4c77-9775-36ac57d224f5/export {"uuid": "2f1f8dba-2797-4c77-9775-36ac57d224f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23809", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2558", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23809\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Blue Wrench Video Widget allows Reflected XSS. This issue affects Blue Wrench Video Widget: from n/a through 2.1.0.\n\ud83d\udccf Published: 2025-01-22T15:42:33.469Z\n\ud83d\udccf Modified: 2025-01-22T15:42:33.469Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/blue-wrench-videos-widget/vulnerability/wordpress-blue-wrench-video-widget-plugin-2-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:46.000000Z"} {"uuid": "2f1f8dba-2797-4c77-9775-36ac57d224f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23809", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2558", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23809\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Blue Wrench Video Widget allows Reflected XSS. This issue affects Blue Wrench Video Widget: from n/a through 2.1.0.\n\ud83d\udccf Published: 2025-01-22T15:42:33.469Z\n\ud83d\udccf Modified: 2025-01-22T15:42:33.469Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/blue-wrench-videos-widget/vulnerability/wordpress-blue-wrench-video-widget-plugin-2-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:46.000000Z"} https://vulnerability.circl.lu/sighting/2f1f8dba-2797-4c77-9775-36ac57d224f5/export Wed, 22 Jan 2025 16:01:46 +0000 https://vulnerability.circl.lu/sighting/b6c6e413-0b11-4fcf-b9e0-2008674702e7/export {"uuid": "b6c6e413-0b11-4fcf-b9e0-2008674702e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23809", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdrc7hgsg2x", "content": "", "creation_timestamp": "2025-01-22T16:16:20.803135Z"} {"uuid": "b6c6e413-0b11-4fcf-b9e0-2008674702e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23809", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdrc7hgsg2x", "content": "", "creation_timestamp": "2025-01-22T16:16:20.803135Z"} https://vulnerability.circl.lu/sighting/b6c6e413-0b11-4fcf-b9e0-2008674702e7/export Wed, 22 Jan 2025 16:16:20 +0000 https://vulnerability.circl.lu/sighting/9b84e43d-8848-47f6-a17a-5e49b3335190/export {"uuid": "9b84e43d-8848-47f6-a17a-5e49b3335190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23809", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgdsv5mnu42r", "content": "", "creation_timestamp": "2025-01-22T16:44:53.166967Z"} {"uuid": "9b84e43d-8848-47f6-a17a-5e49b3335190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23809", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgdsv5mnu42r", "content": "", "creation_timestamp": "2025-01-22T16:44:53.166967Z"} https://vulnerability.circl.lu/sighting/9b84e43d-8848-47f6-a17a-5e49b3335190/export Wed, 22 Jan 2025 16:44:53 +0000 https://vulnerability.circl.lu/sighting/43abef39-4974-4337-8621-100bf6debf5b/export {"uuid": "43abef39-4974-4337-8621-100bf6debf5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23803", "type": "seen", "source": "https://t.me/cvedetector/16107", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23803 - PQINA Snippy CSRF Reflected XSS\", \n \"Content\": \"CVE ID : CVE-2025-23803 \nPublished : Jan. 22, 2025, 3:15 p.m. | 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in PQINA Snippy allows Reflected XSS. This issue affects Snippy: from n/a through 1.4.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T17:13:48.000000Z"} {"uuid": "43abef39-4974-4337-8621-100bf6debf5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23803", "type": "seen", "source": "https://t.me/cvedetector/16107", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23803 - PQINA Snippy CSRF Reflected XSS\", \n \"Content\": \"CVE ID : CVE-2025-23803 \nPublished : Jan. 22, 2025, 3:15 p.m. | 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in PQINA Snippy allows Reflected XSS. This issue affects Snippy: from n/a through 1.4.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T17:13:48.000000Z"} https://vulnerability.circl.lu/sighting/43abef39-4974-4337-8621-100bf6debf5b/export Wed, 22 Jan 2025 17:13:48 +0000 https://vulnerability.circl.lu/sighting/57fb76d2-70e9-4a5c-8a9d-d0ac6e16fae6/export {"uuid": "57fb76d2-70e9-4a5c-8a9d-d0ac6e16fae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23806", "type": "seen", "source": "https://t.me/cvedetector/16109", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23806 - ThemeFarmer Ultimate Subscribe CSRF Reflected XSS\", \n \"Content\": \"CVE ID : CVE-2025-23806 \nPublished : Jan. 22, 2025, 3:15 p.m. | 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe allows Reflected XSS. This issue affects Ultimate Subscribe: from n/a through 1.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T17:13:50.000000Z"} {"uuid": "57fb76d2-70e9-4a5c-8a9d-d0ac6e16fae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23806", "type": "seen", "source": "https://t.me/cvedetector/16109", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23806 - ThemeFarmer Ultimate Subscribe CSRF Reflected XSS\", \n \"Content\": \"CVE ID : CVE-2025-23806 \nPublished : Jan. 22, 2025, 3:15 p.m. | 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe allows Reflected XSS. This issue affects Ultimate Subscribe: from n/a through 1.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T17:13:50.000000Z"} https://vulnerability.circl.lu/sighting/57fb76d2-70e9-4a5c-8a9d-d0ac6e16fae6/export Wed, 22 Jan 2025 17:13:50 +0000 https://vulnerability.circl.lu/sighting/cca8d461-975d-4eb8-a576-3076b5fd6163/export {"uuid": "cca8d461-975d-4eb8-a576-3076b5fd6163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23809", "type": "seen", "source": "https://t.me/cvedetector/16114", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23809 - Blue Wrench Video Widget Cross-site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2025-23809 \nPublished : Jan. 22, 2025, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Blue Wrench Video Widget allows Reflected XSS. This issue affects Blue Wrench Video Widget: from n/a through 2.1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:04:03.000000Z"} {"uuid": "cca8d461-975d-4eb8-a576-3076b5fd6163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23809", "type": "seen", "source": "https://t.me/cvedetector/16114", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23809 - Blue Wrench Video Widget Cross-site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2025-23809 \nPublished : Jan. 22, 2025, 4:15 p.m. | 44\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Blue Wrench Video Widget allows Reflected XSS. This issue affects Blue Wrench Video Widget: from n/a through 2.1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:04:03.000000Z"} https://vulnerability.circl.lu/sighting/cca8d461-975d-4eb8-a576-3076b5fd6163/export Wed, 22 Jan 2025 18:04:03 +0000 https://vulnerability.circl.lu/sighting/979e6661-99dc-4336-bfec-17e301d5b254/export {"uuid": "979e6661-99dc-4336-bfec-17e301d5b254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2380", "type": "published-proof-of-concept", "source": "Telegram/k2hWLXjvKh8ojTF1EeSN0Mqc987DrfNzj7Aa-hb_f1HoriQ", "content": "", "creation_timestamp": "2025-03-17T16:33:06.000000Z"} {"uuid": "979e6661-99dc-4336-bfec-17e301d5b254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2380", "type": "published-proof-of-concept", "source": "Telegram/k2hWLXjvKh8ojTF1EeSN0Mqc987DrfNzj7Aa-hb_f1HoriQ", "content": "", "creation_timestamp": "2025-03-17T16:33:06.000000Z"} https://vulnerability.circl.lu/sighting/979e6661-99dc-4336-bfec-17e301d5b254/export Mon, 17 Mar 2025 16:33:06 +0000 https://vulnerability.circl.lu/sighting/66514261-8f03-4f14-af1d-4d5ee94b9ee6/export {"uuid": "66514261-8f03-4f14-af1d-4d5ee94b9ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2380", "type": "seen", "source": "https://t.me/cvedetector/20478", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2380 - PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2380 \nPublished : March 17, 2025, 2:15 p.m. | 1\u00a0hour, 34\u00a0minutes ago \nDescription : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T17:28:11.000000Z"} {"uuid": "66514261-8f03-4f14-af1d-4d5ee94b9ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2380", "type": "seen", "source": "https://t.me/cvedetector/20478", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2380 - PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2380 \nPublished : March 17, 2025, 2:15 p.m. | 1\u00a0hour, 34\u00a0minutes ago \nDescription : A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T17:28:11.000000Z"} https://vulnerability.circl.lu/sighting/66514261-8f03-4f14-af1d-4d5ee94b9ee6/export Mon, 17 Mar 2025 17:28:11 +0000 https://vulnerability.circl.lu/sighting/0c2e12dd-b3ee-477e-a300-76eb57430f4e/export {"uuid": "0c2e12dd-b3ee-477e-a300-76eb57430f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2380", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lklphu3x5w2k", "content": "", "creation_timestamp": "2025-03-17T17:45:50.593829Z"} {"uuid": "0c2e12dd-b3ee-477e-a300-76eb57430f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2380", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lklphu3x5w2k", "content": "", "creation_timestamp": "2025-03-17T17:45:50.593829Z"} https://vulnerability.circl.lu/sighting/0c2e12dd-b3ee-477e-a300-76eb57430f4e/export Mon, 17 Mar 2025 17:45:50 +0000