{"vulnerability": "CVE-2025-5282", "sightings": [{"uuid": "7419e063-a5d1-4bba-b77b-bb311c16077f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52825", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls2jwwgwvn2m", "content": "", "creation_timestamp": "2025-06-20T17:13:08.023058Z"}, {"uuid": "d9584811-37c1-4397-8a6c-5e325ec69b4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52821", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls2krs2vwh2r", "content": "", "creation_timestamp": "2025-06-20T17:28:08.916695Z"}, {"uuid": "6c008a55-3e76-47e6-9558-cb7a40afc2a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52822", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls2ldoxg4q2o", "content": "", "creation_timestamp": "2025-06-20T17:38:09.871947Z"}, {"uuid": "54634a21-209f-40b1-a930-a8c75822a432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52824", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsluedzwgo23", "content": "", "creation_timestamp": "2025-06-27T14:34:51.097500Z"}, {"uuid": "d29f7ae1-25ee-4ad8-9909-e19a36b3c039", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52826", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lslvhhjbht2r", "content": "", "creation_timestamp": "2025-06-27T14:54:29.054933Z"}, {"uuid": "e43f54bf-91db-4048-a659-fee163493a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52827", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lslvqfwjxq25", "content": "", "creation_timestamp": "2025-06-27T14:59:29.338142Z"}, {"uuid": "64fe8921-b11d-4352-9353-ea66ca2f9449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52829", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lslwlb7cg223", "content": "", "creation_timestamp": "2025-06-27T15:14:30.522908Z"}, {"uuid": "324d0490-71d4-4ac4-8e25-3d0461c9e599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52828", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lt5cflcd5w2a", "content": "", "creation_timestamp": "2025-07-04T13:01:20.114022Z"}, {"uuid": "ddea08ec-9c64-4f35-8ce4-190ca7642d8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5282", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrhp5tpg2a2k", "content": "", "creation_timestamp": "2025-06-13T05:25:53.209063Z"}, {"uuid": "caf269e5-c121-40d8-88ab-b696a0f55581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52828", "type": "seen", "source": "MISP/1413a78e-c0b3-4092-97e7-909fb9773448", "content": "", "creation_timestamp": "2025-08-06T13:54:19.000000Z"}, {"uuid": "046ed69a-dc8e-4d27-90e6-7372bb12ca0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52828", "type": "seen", "source": "MISP/1413a78e-c0b3-4092-97e7-909fb9773448", "content": "", "creation_timestamp": "2025-08-14T11:44:21.000000Z"}, {"uuid": "8d16b5a0-22b8-49f3-9c53-af69ed8f8b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5282", "type": "seen", "source": "Telegram/HBqiitmPFPjCzeybdb4cPLxpUKa0lObpbFXMgDMnK3LlfUI", "content": "", "creation_timestamp": "2025-06-13T09:23:06.000000Z"}, {"uuid": "69d5fc01-e54a-4450-90f3-fff37c1c97a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52825", "type": "seen", "source": "Telegram/jX3P-npZhepmJEJEvfrnYKXIW1DnkYbd7t33-vEA6eR_gmU", "content": "", "creation_timestamp": "2025-06-20T16:17:11.000000Z"}, {"uuid": "b705cc64-0810-4a8f-ba6e-72117533f327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52822", "type": "seen", "source": "Telegram/jX3P-npZhepmJEJEvfrnYKXIW1DnkYbd7t33-vEA6eR_gmU", "content": "", "creation_timestamp": "2025-06-20T16:17:11.000000Z"}, {"uuid": "c017dbd6-8d44-4d4a-a198-e4d2bd5b7d4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52821", "type": "seen", "source": "Telegram/jX3P-npZhepmJEJEvfrnYKXIW1DnkYbd7t33-vEA6eR_gmU", "content": "", "creation_timestamp": "2025-06-20T16:17:11.000000Z"}, {"uuid": "191917f9-64c6-4133-815f-f9335365bd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52825", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19223", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52825\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real Estate Manager allows Privilege Escalation. This issue affects Real Estate Manager: from n/a through 7.3.\n\ud83d\udccf Published: 2025-06-20T15:03:38.280Z\n\ud83d\udccf Modified: 2025-06-23T16:22:43.945Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/real-estate-manager/vulnerability/wordpress-real-estate-manager-plugin-7-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-23T16:47:12.000000Z"}, {"uuid": "de57de2c-6960-4f7e-b9f1-db98ced2f112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52829", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19705", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52829\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DirectIQ DirectIQ Email Marketing allows SQL Injection. This issue affects DirectIQ Email Marketing: from n/a through 2.0.\n\ud83d\udccf Published: 2025-06-27T11:52:13.952Z\n\ud83d\udccf Modified: 2025-06-27T13:42:54.971Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/directiq-wp/vulnerability/wordpress-directiq-email-marketing-2-0-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-27T13:50:39.000000Z"}, {"uuid": "183891d3-1a2c-4067-a185-1263beae28a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5282", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18259", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-5282\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: The WP Travel Engine \u2013 Tour Booking Plugin \u2013 Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_package() function in all versions up to, and including, 6.5.1. This makes it possible for unauthenticated attackers to delete arbitrary posts.\n\ud83d\udccf Published: 2025-06-13T03:41:45.148Z\n\ud83d\udccf Modified: 2025-06-13T03:41:45.148Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/ebc8d724-3936-42d8-8850-bc330c5221dc?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3305447/wp-travel-engine/tags/6.5.2/includes/classes/Core/Controllers/RestAPI/V2/Trip.php", "creation_timestamp": "2025-06-13T04:34:37.000000Z"}, {"uuid": "6dea3518-92a3-4123-87fb-3ea0ea740361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52822", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19224", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52822\n\ud83d\udd25 CVSS Score: 8.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WP Roadmap allows SQL Injection. This issue affects WP Roadmap: from n/a through 2.1.3.\n\ud83d\udccf Published: 2025-06-20T15:03:38.743Z\n\ud83d\udccf Modified: 2025-06-23T16:22:38.071Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wp-roadmap/vulnerability/wordpress-wp-roadmap-plugin-2-1-3-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-23T16:47:16.000000Z"}, {"uuid": "89d926e4-0f3e-4f2e-928a-48fdab14170e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52821", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19225", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52821\n\ud83d\udd25 CVSS Score: 8.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager allows SQL Injection. This issue affects Video List Manager: from n/a through 1.7.\n\ud83d\udccf Published: 2025-06-20T15:03:39.230Z\n\ud83d\udccf Modified: 2025-06-23T16:22:32.396Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/video-list-manager/vulnerability/wordpress-video-list-manager-plugin-1-7-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-23T16:47:18.000000Z"}]}