https://db.gcve.eu/sightings/feed 2026-05-01T01:08:56.244661+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/0b39f2ab-759d-4ead-91ea-010f69722f3a/export 2026-05-01T01:08:56.463762+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "0b39f2ab-759d-4ead-91ea-010f69722f3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22794", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedzlxpqn2b", "content": "", "creation_timestamp": "2025-02-04T15:16:44.238563Z"} 2025-02-04T15:16:44.238563+00:00 https://db.gcve.eu/sighting/c79d9697-8c92-48f1-8c1e-e5f362669659/export 2026-05-01T01:08:56.463708+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "c79d9697-8c92-48f1-8c1e-e5f362669659", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22794", "type": "seen", "source": "https://t.me/cvedetector/17209", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22794 - Landoweb Programador World Cup Predictor Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22794 \nPublished : Feb. 4, 2025, 3:15 p.m. | 1\u00a0hour, 54\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Landoweb Programador World Cup Predictor allows Reflected XSS. This issue affects World Cup Predictor: from n/a through 1.9.6. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T18:54:26.000000Z"} 2025-02-04T18:54:26+00:00 https://db.gcve.eu/sighting/dffc3be4-3e40-496f-8eb1-c190585a25aa/export 2026-05-01T01:08:56.463653+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "dffc3be4-3e40-496f-8eb1-c190585a25aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2279", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10409", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2279\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.\n\ud83d\udccf Published: 2025-04-04T06:00:04.641Z\n\ud83d\udccf Modified: 2025-04-04T06:00:04.641Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/cd87d7ba-86e9-45b6-a3cd-11f6486f0bd0/", "creation_timestamp": "2025-04-04T06:35:24.000000Z"} 2025-04-04T06:35:24+00:00 https://db.gcve.eu/sighting/ccbaec0f-9a33-4129-9016-ee4c7d97c8f7/export 2026-05-01T01:08:56.463595+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ccbaec0f-9a33-4129-9016-ee4c7d97c8f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2279", "type": "seen", "source": "https://t.me/cvedetector/22097", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2279 - Maps WordPress Plugin Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2279 \nPublished : April 4, 2025, 6:15 a.m. | 1\u00a0hour, 39\u00a0minutes ago \nDescription : The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T10:29:33.000000Z"} 2025-04-04T10:29:33+00:00 https://db.gcve.eu/sighting/2f96d54d-0096-4aa8-8308-7766cebc13a3/export 2026-05-01T01:08:56.463538+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "2f96d54d-0096-4aa8-8308-7766cebc13a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22796", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12267", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22796\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in platcom WP-Asambleas allows Reflected XSS. This issue affects WP-Asambleas: from n/a through 2.85.0.\n\ud83d\udccf Published: 2025-04-17T15:17:15.649Z\n\ud83d\udccf Modified: 2025-04-17T15:48:47.224Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wp-asambleas/vulnerability/wordpress-wp-asambleas-plugin-2-85-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-17T15:57:53.000000Z"} 2025-04-17T15:57:53+00:00 https://db.gcve.eu/sighting/574e5717-0a33-4279-b1c3-141df5e7e496/export 2026-05-01T01:08:56.463476+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "574e5717-0a33-4279-b1c3-141df5e7e496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22792", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16878", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22792\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jinwen Js O3 Lite allows Reflected XSS.This issue affects Js O3 Lite: from n/a through 1.5.8.2.\n\ud83d\udccf Published: 2025-05-19T16:00:51.886Z\n\ud83d\udccf Modified: 2025-05-19T16:00:51.886Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/js-o3-lite/vulnerability/wordpress-js-o3-lite-theme-1-5-8-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-19T16:39:09.000000Z"} 2025-05-19T16:39:09+00:00 https://db.gcve.eu/sighting/91d98dfb-ef7f-40bb-b03e-27f134f7319a/export 2026-05-01T01:08:56.463406+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "91d98dfb-ef7f-40bb-b03e-27f134f7319a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22791", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16879", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22791\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in twh offset writing allows Reflected XSS.This issue affects offset writing: from n/a through 1.2.\n\ud83d\udccf Published: 2025-05-19T16:00:27.992Z\n\ud83d\udccf Modified: 2025-05-19T16:00:27.992Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/offset-writing/vulnerability/wordpress-offset-writing-theme-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-19T16:39:10.000000Z"} 2025-05-19T16:39:10+00:00 https://db.gcve.eu/sighting/86dc9508-436c-425b-98a5-c3a77f07e8c7/export 2026-05-01T01:08:56.463348+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "86dc9508-436c-425b-98a5-c3a77f07e8c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22792", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpk2z7zlig2s", "content": "", "creation_timestamp": "2025-05-19T17:12:59.746953Z"} 2025-05-19T17:12:59.746953+00:00 https://db.gcve.eu/sighting/2f95bbff-1389-4102-be30-cecfe391f78a/export 2026-05-01T01:08:56.463268+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "2f95bbff-1389-4102-be30-cecfe391f78a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22790", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpk2zb5w5r2h", "content": "", "creation_timestamp": "2025-05-19T17:13:05.541918Z"} 2025-05-19T17:13:05.541918+00:00 https://db.gcve.eu/sighting/8e58623e-d1d7-4739-9bef-eed8a4826ab4/export 2026-05-01T01:08:56.462090+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "8e58623e-d1d7-4739-9bef-eed8a4826ab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22791", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpk2zbbdve2w", "content": "", "creation_timestamp": "2025-05-19T17:13:06.183283Z"} 2025-05-19T17:13:06.183283+00:00