Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 13 May 2026 08:56:38 +0000 5b7f33ed-21af-4847-8c24-47bf92aac3e1 https://db.gcve.eu/sighting/5b7f33ed-21af-4847-8c24-47bf92aac3e1/export {"uuid": "5b7f33ed-21af-4847-8c24-47bf92aac3e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13204", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3607\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating a password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.\n\ud83d\udccf Published: 2025-04-24T08:23:49.815Z\n\ud83d\udccf Modified: 2025-04-24T08:23:49.815Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/b06ce1e4-5cfb-415d-ad09-db194d6b4354?source=cve\n2. https://plugins.trac.wordpress.org/browser/frontend-login-and-registration-blocks/trunk/inc/class-flr-blocks-lost-password.php#L115", "creation_timestamp": "2025-04-24T09:12:18.000000Z"} {"uuid": "5b7f33ed-21af-4847-8c24-47bf92aac3e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13204", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3607\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating a password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.\n\ud83d\udccf Published: 2025-04-24T08:23:49.815Z\n\ud83d\udccf Modified: 2025-04-24T08:23:49.815Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/b06ce1e4-5cfb-415d-ad09-db194d6b4354?source=cve\n2. https://plugins.trac.wordpress.org/browser/frontend-login-and-registration-blocks/trunk/inc/class-flr-blocks-lost-password.php#L115", "creation_timestamp": "2025-04-24T09:12:18.000000Z"} https://db.gcve.eu/sighting/5b7f33ed-21af-4847-8c24-47bf92aac3e1/export Thu, 24 Apr 2025 09:12:18 +0000 aa4437f2-6078-4e53-aa5d-2e37097354be https://db.gcve.eu/sighting/aa4437f2-6078-4e53-aa5d-2e37097354be/export {"uuid": "aa4437f2-6078-4e53-aa5d-2e37097354be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnkhz7moqe2h", "content": "", "creation_timestamp": "2025-04-24T10:15:14.941489Z"} {"uuid": "aa4437f2-6078-4e53-aa5d-2e37097354be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnkhz7moqe2h", "content": "", "creation_timestamp": "2025-04-24T10:15:14.941489Z"} https://db.gcve.eu/sighting/aa4437f2-6078-4e53-aa5d-2e37097354be/export Thu, 24 Apr 2025 10:15:14 +0000 e6ce33ac-0959-48e9-8009-5afd2c5649e0 https://db.gcve.eu/sighting/e6ce33ac-0959-48e9-8009-5afd2c5649e0/export {"uuid": "e6ce33ac-0959-48e9-8009-5afd2c5649e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114392779969102740", "content": "", "creation_timestamp": "2025-04-24T11:48:23.557627Z"} {"uuid": "e6ce33ac-0959-48e9-8009-5afd2c5649e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114392779969102740", "content": "", "creation_timestamp": "2025-04-24T11:48:23.557627Z"} https://db.gcve.eu/sighting/e6ce33ac-0959-48e9-8009-5afd2c5649e0/export Thu, 24 Apr 2025 11:48:23 +0000 21ade291-7fe6-440d-b801-f0420d7be587 https://db.gcve.eu/sighting/21ade291-7fe6-440d-b801-f0420d7be587/export {"uuid": "21ade291-7fe6-440d-b801-f0420d7be587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "https://t.me/cvedetector/23661", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-3607 - WordPress Frontend Login and Registration Blocks Privilege Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-3607 \nPublished : April 24, 2025, 9:15 a.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating a password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T13:03:48.000000Z"} {"uuid": "21ade291-7fe6-440d-b801-f0420d7be587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "https://t.me/cvedetector/23661", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-3607 - WordPress Frontend Login and Registration Blocks Privilege Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-3607 \nPublished : April 24, 2025, 9:15 a.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is due to the plugin not properly validating a user's identity prior to updating a password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T13:03:48.000000Z"} https://db.gcve.eu/sighting/21ade291-7fe6-440d-b801-f0420d7be587/export Thu, 24 Apr 2025 13:03:48 +0000 9f8de588-3029-4dad-95e1-b84fa33840b1 https://db.gcve.eu/sighting/9f8de588-3029-4dad-95e1-b84fa33840b1/export {"uuid": "9f8de588-3029-4dad-95e1-b84fa33840b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36072", "type": "seen", "source": "https://gist.github.com/alon710/f39a833c23bdff96bcb050e0cd1225a4", "content": "", "creation_timestamp": "2026-01-24T22:44:28.000000Z"} {"uuid": "9f8de588-3029-4dad-95e1-b84fa33840b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36072", "type": "seen", "source": "https://gist.github.com/alon710/f39a833c23bdff96bcb050e0cd1225a4", "content": "", "creation_timestamp": "2026-01-24T22:44:28.000000Z"} https://db.gcve.eu/sighting/9f8de588-3029-4dad-95e1-b84fa33840b1/export Sat, 24 Jan 2026 22:44:28 +0000 753ec69d-4dc4-4238-823c-8487a773efb2 https://db.gcve.eu/sighting/753ec69d-4dc4-4238-823c-8487a773efb2/export {"uuid": "753ec69d-4dc4-4238-823c-8487a773efb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36070", "type": "seen", "source": "https://gist.github.com/alon710/3cd23cebef7257f32a75f9f6feb76b89", "content": "", "creation_timestamp": "2026-01-31T14:40:51.000000Z"} {"uuid": "753ec69d-4dc4-4238-823c-8487a773efb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36070", "type": "seen", "source": "https://gist.github.com/alon710/3cd23cebef7257f32a75f9f6feb76b89", "content": "", "creation_timestamp": "2026-01-31T14:40:51.000000Z"} https://db.gcve.eu/sighting/753ec69d-4dc4-4238-823c-8487a773efb2/export Sat, 31 Jan 2026 14:40:51 +0000 186f977a-3c48-4333-83ee-abe90bdc2ebf https://db.gcve.eu/sighting/186f977a-3c48-4333-83ee-abe90bdc2ebf/export {"uuid": "186f977a-3c48-4333-83ee-abe90bdc2ebf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36070", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} {"uuid": "186f977a-3c48-4333-83ee-abe90bdc2ebf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36070", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} https://db.gcve.eu/sighting/186f977a-3c48-4333-83ee-abe90bdc2ebf/export Thu, 19 Mar 2026 00:00:00 +0000 20258940-49c4-4ecf-aabb-ba651b653326 https://db.gcve.eu/sighting/20258940-49c4-4ecf-aabb-ba651b653326/export {"uuid": "20258940-49c4-4ecf-aabb-ba651b653326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "Telegram/zzVaCcI8H13L6EppQM7gDC4JwhMbW_aJOyorRR1ADu6mf38", "content": "", "creation_timestamp": "2026-04-08T23:30:12.000000Z"} {"uuid": "20258940-49c4-4ecf-aabb-ba651b653326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3607", "type": "seen", "source": "Telegram/zzVaCcI8H13L6EppQM7gDC4JwhMbW_aJOyorRR1ADu6mf38", "content": "", "creation_timestamp": "2026-04-08T23:30:12.000000Z"} https://db.gcve.eu/sighting/20258940-49c4-4ecf-aabb-ba651b653326/export Wed, 08 Apr 2026 23:30:12 +0000