{"vulnerability": "CVE-2025-2228", "sightings": [{"uuid": "088636af-ed67-42d1-96a6-2bd98c89e93f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22284", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"}, {"uuid": "3b8d804a-10d3-4d75-8517-1200568cf79b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22286", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"}, {"uuid": "ab3d47e1-70db-4d34-b415-5e1ee0e70de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22289", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"}, {"uuid": "790a5658-8cbe-4aad-b047-3cabea9129c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22286", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4721", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22286\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes \u2013 Worldwide Express Edition allows Reflected XSS. This issue affects LTL Freight Quotes \u2013 Worldwide Express Edition: from n/a through 5.0.21.\n\ud83d\udccf Published: 2025-02-16T22:17:16.594Z\n\ud83d\udccf Modified: 2025-02-16T22:17:16.594Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ltl-freight-quotes-worldwide-express-edition/vulnerability/wordpress-ltl-freight-quotes-worldwide-express-edition-plugin-5-0-21-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-17T00:43:00.000000Z"}, {"uuid": "1e596057-30e3-40be-bce0-29d6645bcf6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22285", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10462", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22285\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Eniture Technology Pallet Packaging for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pallet Packaging for WooCommerce: from n/a through 1.1.15.\n\ud83d\udccf Published: 2025-04-04T13:53:34.223Z\n\ud83d\udccf Modified: 2025-04-04T13:53:34.223Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/pallet-packaging-for-woocommerce/vulnerability/wordpress-pallet-packaging-for-woocommerce-plugin-1-1-15-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T14:36:10.000000Z"}, {"uuid": "18bd813e-6ecb-4c1a-bbd6-e1457280a7d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22289", "type": "seen", "source": "https://t.me/cvedetector/18212", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22289 - Unishippers LTL Freight Quotes Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22289 \nPublished : Feb. 16, 2025, 11:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : Missing Authorization vulnerability in NotFound LTL Freight Quotes \u2013 Unishippers Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LTL Freight Quotes \u2013 Unishippers Edition: from n/a through 2.5.8. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-17T01:29:36.000000Z"}, {"uuid": "e7bba16b-9a49-4c21-b8c4-10a7e55e70d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22284", "type": "seen", "source": "Telegram/KFWX-zaB7i7pqsPxPeC91fBEHdIe5Os44X82pdHVogY71KFF", "content": "", "creation_timestamp": "2025-02-17T03:38:40.000000Z"}, {"uuid": "6722ac20-aee4-42fd-8c22-6e76faeb8b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22280", "type": "seen", "source": "https://t.me/cvedetector/19038", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22280 - DefendWP Firewall Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22280 \nPublished : Feb. 27, 2025, 2:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Missing Authorization vulnerability in revmakx DefendWP Firewall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DefendWP Firewall: from n/a through 1.1.0. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T16:45:03.000000Z"}, {"uuid": "3b1e7a4d-7be6-41af-97e8-51c819f5be0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22284", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4722", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22284\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes \u2013 Unishippers Edition allows Reflected XSS. This issue affects LTL Freight Quotes \u2013 Unishippers Edition: from n/a through 2.5.8.\n\ud83d\udccf Published: 2025-02-16T22:17:16.275Z\n\ud83d\udccf Modified: 2025-02-16T22:17:16.275Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ltl-freight-quotes-unishippers-edition/vulnerability/wordpress-ltl-freight-quotes-unishippers-edition-plugin-2-5-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-17T00:43:01.000000Z"}, {"uuid": "def3beca-53ad-4fba-adfc-19bcf37966e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22281", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10459", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22281\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in joshix Simplish allows Stored XSS.This issue affects Simplish: from n/a through 2.6.4.\n\ud83d\udccf Published: 2025-04-04T13:52:32.086Z\n\ud83d\udccf Modified: 2025-04-04T14:01:11.797Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/simplish/vulnerability/wordpress-simplish-theme-2-6-4-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T14:36:08.000000Z"}, {"uuid": "eac74312-5b12-4a79-950e-f58fdf2b4b99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22287", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16972", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22287\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Eniture Technology LTL Freight Quotes \u2013 FreightQuote Edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes \u2013 FreightQuote Edition: from n/a through 2.3.11.\n\ud83d\udccf Published: 2025-05-19T17:56:54.085Z\n\ud83d\udccf Modified: 2025-05-20T13:10:32.166Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ltl-freight-quotes-freightquote-edition/vulnerability/wordpress-ltl-freight-quotes-freightquote-edition-plugin-2-3-11-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-20T13:40:27.000000Z"}, {"uuid": "84165116-45e0-4f70-bcaa-b7f7f9fe3891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22289", "type": "seen", "source": "Telegram/fYQT-1SyQPJEqhRolnmLPhoJgok-vdCw-jcM1ORxpTcN6HKU", "content": "", "creation_timestamp": "2025-02-17T03:38:40.000000Z"}, {"uuid": "de4c4b76-0034-4eab-b513-f0785cfc5ba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22286", "type": "seen", "source": "Telegram/CSzOLRn3h2BR1CPJkX6hreWoQ4Bv8wuQDvQSXu-B_PPC60Z3", "content": "", "creation_timestamp": "2025-02-17T03:38:40.000000Z"}, {"uuid": "70e6636b-61b4-4161-890e-77dd57bf036b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22280", "type": "seen", "source": "Telegram/Q4m6WicYS5s06ALTXPYDMWbAcFzri0R_s28Y48SxA_wT9Ns", "content": "", "creation_timestamp": "2025-02-27T16:30:20.000000Z"}, {"uuid": "69083299-48f8-4411-adf7-08ddbe026963", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22284", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114015907488834842", "content": "", "creation_timestamp": "2025-02-16T22:24:45.421332Z"}, {"uuid": "2ed8606a-5f1d-41b4-a778-cf21c5e91de7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22286", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114015907503391978", "content": "", "creation_timestamp": "2025-02-16T22:24:45.582023Z"}, {"uuid": "54b004ac-1ad0-40e9-b099-aa828192909b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22289", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114015907518176745", "content": "", "creation_timestamp": "2025-02-16T22:24:45.797084Z"}, {"uuid": "68389add-5594-4072-8be5-041c32d330d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22284", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114015925039646704", "content": "", "creation_timestamp": "2025-02-16T22:29:10.570361Z"}, {"uuid": "7b6cdea0-0fff-4918-ae09-c25859953e27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22286", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114015925054450158", "content": "", "creation_timestamp": "2025-02-16T22:29:10.650227Z"}, {"uuid": "92740f64-ce5c-4485-af69-0bd2447a78aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22289", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114015925068999455", "content": "", "creation_timestamp": "2025-02-16T22:29:11.079581Z"}, {"uuid": "e90602b4-6802-4d4b-80fc-2ea376f216a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22284", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lidef6xed62t", "content": "", "creation_timestamp": "2025-02-16T23:15:45.149603Z"}, {"uuid": "541414c7-5d93-4377-9e0a-adcdeaf8aedd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22286", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lidefbgvgb2y", "content": "", "creation_timestamp": "2025-02-16T23:15:47.817263Z"}, {"uuid": "f8d0b6cb-684f-4a2e-ab4b-c9c963e785f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22289", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lidefds7pq2o", "content": "", "creation_timestamp": "2025-02-16T23:15:50.141665Z"}, {"uuid": "74f1b218-9441-484d-853f-34ee18f8814c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22289", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4720", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22289\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in NotFound LTL Freight Quotes \u2013 Unishippers Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LTL Freight Quotes \u2013 Unishippers Edition: from n/a through 2.5.8.\n\ud83d\udccf Published: 2025-02-16T22:17:16.765Z\n\ud83d\udccf Modified: 2025-02-16T22:17:16.765Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ltl-freight-quotes-unishippers-edition/vulnerability/wordpress-ltl-freight-quotes-unishippers-edition-plugin-2-5-8-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-17T00:43:00.000000Z"}, {"uuid": "5d82fbd4-e743-4e14-99eb-d15150acf72e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2228", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8837", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2228\n\ud83d\udd25 CVSS Score: 5.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: The Responsive Addons for Elementor \u2013 Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.8 the 'register_user' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including usernames and passwords of any users who register via the Edit Login | Registration Form widget, as long as that user opens the email notification for successful registration.\n\ud83d\udccf Published: 2025-03-26T12:41:17.240Z\n\ud83d\udccf Modified: 2025-03-26T13:11:34.848Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/659ef2e8-589c-4901-88ce-1d674c056ece?source=cve\n2. https://plugins.trac.wordpress.org/browser/responsive-addons-for-elementor/trunk/includes/modules-manager/login-register/class-login-register.php#L369\n3. https://plugins.trac.wordpress.org/changeset/3261241/", "creation_timestamp": "2025-03-26T13:25:06.000000Z"}, {"uuid": "bb9ed101-5c02-49a2-b184-c878c839ae56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22282", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10433", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22282\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EPC ez Form Calculator - WordPress plugin allows Reflected XSS.This issue affects ez Form Calculator - WordPress plugin: from n/a through 2.14.1.2.\n\ud83d\udccf Published: 2025-04-04T10:43:12.176Z\n\ud83d\udccf Modified: 2025-04-04T10:43:12.176Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ez-form-calculator-premium/vulnerability/wordpress-ez-form-calculator-wordpress-plugin-plugin-2-14-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T11:39:09.000000Z"}, {"uuid": "fb374dc6-f9ef-486c-96c1-0c6958e562c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22286", "type": "seen", "source": "https://t.me/cvedetector/18210", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22286 - Enituretechnology LTL Freight Quotes - Worldwide Express Edition Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-22286 \nPublished : Feb. 16, 2025, 11:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes \u2013 Worldwide Express Edition allows Reflected XSS. This issue affects LTL Freight Quotes \u2013 Worldwide Express Edition: from n/a through 5.0.21. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-17T01:29:32.000000Z"}, {"uuid": "71339677-37d9-41a4-823c-8ed460dbf4c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22284", "type": "seen", "source": "https://t.me/cvedetector/18209", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22284 - Enituretechnology Unishippers Edition Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-22284 \nPublished : Feb. 16, 2025, 11:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes \u2013 Unishippers Edition allows Reflected XSS. This issue affects LTL Freight Quotes \u2013 Unishippers Edition: from n/a through 2.5.8. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-17T01:29:31.000000Z"}, {"uuid": "51419ff5-8323-4e22-b23d-7bf133b46598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22285", "type": "seen", "source": "https://t.me/cvedetector/22144", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22285 - Eniture Technology Pallet Packaging for WooCommerce Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22285 \nPublished : April 4, 2025, 2:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Eniture Technology Pallet Packaging for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pallet Packaging for WooCommerce: from n/a through 1.1.15. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T18:01:33.000000Z"}, {"uuid": "478338aa-1e3a-465c-81b9-b4e10871e6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22281", "type": "seen", "source": "https://t.me/cvedetector/22143", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22281 - Simplish Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22281 \nPublished : April 4, 2025, 2:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in joshix Simplish allows Stored XSS.This issue affects Simplish: from n/a through 2.6.4. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T18:01:33.000000Z"}, {"uuid": "df6c1db6-1c92-4fae-8037-94757fc05587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2228", "type": "seen", "source": "https://t.me/cvedetector/21181", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2228 - Elementor Responsive Addons WordPress Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-2228 \nPublished : March 26, 2025, 1:15 p.m. | 1\u00a0hour, 28\u00a0minutes ago \nDescription : The Responsive Addons for Elementor \u2013 Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.8 the 'register_user' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including usernames and passwords of any users who register via the Edit Login | Registration Form widget, as long as that user opens the email notification for successful registration. \nSeverity: 5.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T16:23:56.000000Z"}, {"uuid": "af744d88-87de-4cd8-ba56-e3c4845e995e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22282", "type": "seen", "source": "https://t.me/cvedetector/22112", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22282 - EPC ez Form Calculator WordPress Plugin Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22282 \nPublished : April 4, 2025, 11:15 a.m. | 40\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EPC ez Form Calculator - WordPress plugin allows Reflected XSS.This issue affects ez Form Calculator - WordPress plugin: from n/a through 2.14.1.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T14:40:17.000000Z"}, {"uuid": "4172d53f-d8e2-47c0-b284-c62173449bef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22282", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llyici5yrh2b", "content": "", "creation_timestamp": "2025-04-04T13:07:22.101525Z"}]}