{"vulnerability": "cve-2015-1012", "sightings": [{"uuid": "88ff2f24-8a38-4c6a-8d9d-f4bd68f439cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10126", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18475", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2015-10126\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in Easy2Map Photos Plugin 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The patch is identified as 503d9ee2482d27c065f78d9546f076a406189908. It is recommended to upgrade the affected component. VDB-241318 is the identifier assigned to this vulnerability.\n\ud83d\udccf Published: 2023-10-06T08:00:04.475Z\n\ud83d\udccf Modified: 2025-06-16T17:09:17.565Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.241318\n2. https://vuldb.com/?ctiid.241318\n3. https://github.com/wp-plugins/easy2map-photos/commit/503d9ee2482d27c065f78d9546f076a406189908", "creation_timestamp": "2025-06-16T17:37:47.000000Z"}, {"uuid": "b18793be-8e9c-408c-93f9-1dbcdc7e47fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10123", "type": "seen", "source": "https://t.me/ctinow/206534", "content": "https://ift.tt/wCUQquP\nCVE-2015-10123", "creation_timestamp": "2024-03-13T10:31:17.000000Z"}, {"uuid": "f189c3cf-96a3-4d5c-befa-f3a3093417cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10127", "type": "seen", "source": "https://t.me/arpsyndicate/2166", "content": "#ExploitObserverAlert\n\nCVE-2015-10127\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2015-10127. A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this issue. The patch is identified as 1274afc635170daafd38306487b6bb8a01f78ecd. It is recommended to upgrade the affected component. VDB-248954 is the identifier assigned to this vulnerability.", "creation_timestamp": "2023-12-28T00:29:43.000000Z"}, {"uuid": "1c904537-61e3-4568-95b2-329cd3aa6615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10128", "type": "seen", "source": "https://t.me/cibsecurity/74181", "content": "\u203c\ufe0fCVE-2015-10128\u203c\ufe0f\n\nA vulnerability was found in rtprettyphoto Plugin up to 1.2 on WordPress and classified as problematic. Affected by this issue is the function royalprettyphotopluginlinks of the file rtprettyphoto.php. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.3 is able to address this issue. The patch is identified as 0d3d38cfa487481b66869e4212df1cefc281ecb7. It is recommended to upgrade the affected component. VDB249422 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:35:39.000000Z"}, {"uuid": "86647ace-2901-495c-a0dc-db477afc7ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10124", "type": "seen", "source": "https://t.me/cibsecurity/71415", "content": "\u203c CVE-2015-10124 \u203c\n\nA vulnerability was found in Most Popular Posts Widget Plugin up to 0.8 on WordPress. It has been classified as critical. Affected is the function add_views/show_views of the file functions.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 0.9 is able to address this issue. The patch is identified as a99667d11ac8d320006909387b100e9a8b5c12e1. It is recommended to upgrade the affected component. VDB-241026 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-02T18:45:26.000000Z"}, {"uuid": "2a0cf92a-8b32-49db-97dd-6cd618793d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10123", "type": "seen", "source": "https://t.me/ctinow/206532", "content": "https://ift.tt/wCUQquP\nCVE-2015-10123", "creation_timestamp": "2024-03-13T10:31:15.000000Z"}, {"uuid": "73dcfa3d-1a27-427c-aebc-8fe655884530", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10128", "type": "seen", "source": "https://t.me/ctinow/171090", "content": "https://ift.tt/OvxZUNT\nCVE-2015-10128 | rt-prettyphoto Plugin up to 1.2 on WordPress rt-prettyphoto.php royal_prettyphoto_plugin_links cross site scripting", "creation_timestamp": "2024-01-22T11:12:06.000000Z"}, {"uuid": "b414a886-ab26-4109-b20b-1c37139678d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10129", "type": "seen", "source": "https://t.me/ctinow/192797", "content": "https://ift.tt/HBXfA23\nCVE-2015-10129 | planet-freo up to 20150116 admin/inc/auth.inc.php auth comparison", "creation_timestamp": "2024-02-25T09:41:49.000000Z"}, {"uuid": "8cc90826-3eea-4925-a6cc-4a18b6797791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10129", "type": "seen", "source": "https://t.me/ctinow/178693", "content": "https://ift.tt/fadZ6eY\nCVE-2015-10129", "creation_timestamp": "2024-02-04T06:21:52.000000Z"}, {"uuid": "81de9ed3-ada7-4523-bbd0-add04e5e0e0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10128", "type": "seen", "source": "https://t.me/ctinow/161828", "content": "https://ift.tt/vFOUL76\nCVE-2015-10128", "creation_timestamp": "2024-01-02T15:26:46.000000Z"}, {"uuid": "a7c8b37b-6120-420d-88bf-105abd798e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10127", "type": "seen", "source": "https://t.me/ctinow/169890", "content": "https://ift.tt/YmQoZaC\nCVE-2015-10127 | PlusCaptcha Plugin up to 2.0.6 on WordPress cross site scripting", "creation_timestamp": "2024-01-18T19:26:50.000000Z"}, {"uuid": "e7d9b3fe-bf4b-432c-a18e-184b19c24402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10127", "type": "seen", "source": "https://t.me/ctinow/159382", "content": "https://ift.tt/sMjCtnb\nCVE-2015-10127", "creation_timestamp": "2023-12-26T18:26:38.000000Z"}, {"uuid": "6ef922cb-a488-476d-ac3c-8942851e549f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-1012", "type": "seen", "source": "https://t.me/cibsecurity/3335", "content": "ATENTION\u203c New - CVE-2015-1012\n\nWireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless capacity in a clinical setting. Hospira has developed a new version of the PCS Infusion System, version 7.0 that addresses the identified vulnerabilities. Version 7.0 has Port 20/FTP and Port 23/TELNET closed by default to prevent unauthorized access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-25T21:27:32.000000Z"}, {"uuid": "e8e5dc0a-71db-494a-9ad0-808e3fc8b5da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10121", "type": "seen", "source": "https://t.me/cibsecurity/66254", "content": "\u203c CVE-2015-10121 \u203c\n\nA vulnerability has been found in Beeliked Microsite Plugin up to 1.0.1 on WordPress and classified as problematic. Affected by this vulnerability is the function embed_handler of the file beelikedmicrosite.php. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.0.2 is able to address this issue. The identifier of the patch is d23bafb5d05fb2636a2b78331f9d3fca152903dc. It is recommended to upgrade the affected component. The identifier VDB-233365 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-10T20:23:57.000000Z"}]}