{"vulnerability": "CVE-2025-1525", "sightings": [{"uuid": "7d941631-7491-44ee-baea-ec9525dc5aeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15254", "type": "published-proof-of-concept", "source": "Telegram/ZEJnYsZHqX5Eut_9g5J7wPdkoLK-csUqu0--sJzTbCnqPfg", "content": "", "creation_timestamp": "2026-01-03T01:31:54.000000Z"}, {"uuid": "5b651314-db27-4490-b0a4-0508d6cca382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1525", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmyj7hgssu2b", "content": "", "creation_timestamp": "2025-04-17T06:48:44.588592Z"}, {"uuid": "85e2f811-bf7c-4c04-901b-cb0685d8457a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15253", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/115802407522418953", "content": "", "creation_timestamp": "2025-12-29T10:35:09.833388Z"}, {"uuid": "e214acbf-bac6-4c97-9f80-0cbb34290a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15255", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/115802458596348796", "content": "", "creation_timestamp": "2025-12-29T10:48:09.124582Z"}, {"uuid": "3f7d7887-cfcb-4c83-b9da-2898f0acc092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15252", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb7vd56svo2y", "content": "", "creation_timestamp": "2025-12-30T17:38:01.610145Z"}, {"uuid": "77ea5a08-6d2c-40b0-b04f-1712fef2a72e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15255", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb7vuzyy4x2q", "content": "", "creation_timestamp": "2025-12-30T17:48:13.361583Z"}, {"uuid": "b1ef292d-13ae-4b44-8208-4ebd20f281e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15253", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb7wgzszo62e", "content": "", "creation_timestamp": "2025-12-30T17:58:06.808672Z"}, {"uuid": "c9806b6b-f247-42c5-9395-e95cf59f718b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15255", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/115859213033231080", "content": "", "creation_timestamp": "2026-01-08T11:21:33.026044Z"}, {"uuid": "91ba2632-2990-4442-8f37-016ba829f505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15254", "type": "published-proof-of-concept", "source": "Telegram/AJ_5frUWfVMgXsz6ov5LmCyDH5v32A_NpXQ0790WwYLSVDI", "content": "", "creation_timestamp": "2026-01-03T01:40:29.000000Z"}, {"uuid": "ceff89b7-57f8-4423-9143-4c17e6b5e253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15254", "type": "published-proof-of-concept", "source": "Telegram/eiRLPBKEhNaAGhdRD-ExRPInzL64wPUwrv_EV9K02huUSpQ", "content": "", "creation_timestamp": "2026-01-03T01:32:48.000000Z"}, {"uuid": "f1e9aaa1-3e46-496e-8e15-8b0fdb8fc946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15254", "type": "published-proof-of-concept", "source": "Telegram/B1MFw-gbuXHFXJEE5p09Z8OUAU90o2OVoNNY8IQb2WPApm8", "content": "", "creation_timestamp": "2026-01-03T01:47:34.000000Z"}, {"uuid": "3359c00e-7001-4b22-bdae-66b709183c06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1525", "type": "seen", "source": "https://t.me/cvedetector/23220", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1525 - The Ultimate Dashboard WordPress Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-1525 \nPublished : April 17, 2025, 6:15 a.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : The Ultimate Dashboard  WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T10:28:16.000000Z"}, {"uuid": "5ef2fda2-cc75-4282-b1dc-39e87280a171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15254", "type": "published-proof-of-concept", "source": "Telegram/jQnD0pmYJq3LUMGWflxbssF7IsWLL3alnJjwNHzgRntJ-1Q", "content": "", "creation_timestamp": "2026-01-03T01:44:45.000000Z"}, {"uuid": "d8099883-9242-4ac3-bb90-e327e932956a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1525", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12194", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1525\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Ultimate Dashboard  WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-04-17T06:00:10.575Z\n\ud83d\udccf Modified: 2025-04-17T06:00:10.575Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/d457733f-72e9-45e2-ac07-4e1b94e46102/", "creation_timestamp": "2025-04-17T06:57:14.000000Z"}]}