{"vulnerability": "CVE-2025-2369", "sightings": [{"uuid": "b753c273-96db-4a2a-80c5-424c4078fc61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23697", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2570", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23697\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebDeal s.r.o. Pod\u010dl\u00e1nkov\u00e1 inzerce allows Reflected XSS. This issue affects Pod\u010dl\u00e1nkov\u00e1 inzerce: from n/a through 2.4.0.\n\ud83d\udccf Published: 2025-01-22T14:29:19.982Z\n\ud83d\udccf Modified: 2025-01-22T15:15:38.244Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/podclankova-inzerce/vulnerability/wordpress-podclankova-inzerce-plugin-2-4-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:59.000000Z"}, {"uuid": "d671b776-5e8b-4331-bef9-0bdf75b0a1ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2369", "type": "published-proof-of-concept", "source": "Telegram/k7Kg0Fyynw9AKxEWFZkxiubMrImY9Z1md51Ry-eSmZoqHAo", "content": "", "creation_timestamp": "2025-03-17T11:00:36.000000Z"}, {"uuid": "db573a1f-6ff5-4939-be4a-7b4afb0c755a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23692", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840842467863048", "content": "", "creation_timestamp": "2025-01-17T00:23:22.566889Z"}, {"uuid": "d334b541-8684-48a3-bcb2-f9eca9eae0fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23693", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840901470689653", "content": "", "creation_timestamp": "2025-01-17T00:38:22.871888Z"}, {"uuid": "b3bc615e-3b54-4c04-b376-ce92c494a6de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23698", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840901500299046", "content": "", "creation_timestamp": "2025-01-17T00:38:23.356493Z"}, {"uuid": "ee70da5f-7eb7-4d39-8306-c5fdb8f669dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23696", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2569", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23696\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Staging CDN allows Reflected XSS. This issue affects Staging CDN: from n/a through 1.0.0.\n\ud83d\udccf Published: 2025-01-22T14:29:19.831Z\n\ud83d\udccf Modified: 2025-01-22T15:17:26.494Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/staging-cdn/vulnerability/wordpress-staging-cdn-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:58.000000Z"}, {"uuid": "cff48d25-b4bf-488e-b4ab-f2cce2267c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23695", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2568", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23695\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound CtyGrid Hyp3rL0cal Search allows Reflected XSS. This issue affects CtyGrid Hyp3rL0cal Search: from n/a through 0.1.1.1.\n\ud83d\udccf Published: 2025-01-22T14:29:19.683Z\n\ud83d\udccf Modified: 2025-01-22T15:19:44.029Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/hyp3rl0cal-city-search/vulnerability/wordpress-ctygrid-hyp3rl0cal-search-plugin-0-1-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:58.000000Z"}, {"uuid": "2e4195d1-d2ce-479f-8c40-54bb35c93a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23690", "type": "seen", "source": "https://t.me/cvedetector/15631", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23690 - ArtkanMedia Book a Place CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23690 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in ArtkanMedia Book a Place allows Stored XSS.This issue affects Book a Place: from n/a through 0.7.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:49.000000Z"}, {"uuid": "44ca5a4a-5720-4697-810e-23cc2de17270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23699", "type": "seen", "source": "https://t.me/cvedetector/15629", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23699 - TechMix Event Countdown Timer Plugin Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-23699 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TechMix Event Countdown Timer Plugin by TechMix allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through 1.4. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:45.000000Z"}, {"uuid": "2c26d359-65bd-4f25-8b98-301e0a37d693", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23693", "type": "seen", "source": "https://t.me/cvedetector/15635", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23693 - Stanis\u0142aw Skonieczny Secure CAPTCHA CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23693 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Stanis\u0142aw Skonieczny Secure CAPTCHA allows Stored XSS.This issue affects Secure CAPTCHA: from n/a through 1.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:53.000000Z"}, {"uuid": "52f46e2b-7006-4356-adbb-97dec8d2b563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23692", "type": "seen", "source": "https://t.me/cvedetector/15634", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23692 - Artem Anikeev Slider for Writers CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23692 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Artem Anikeev Slider for Writers allows Stored XSS.This issue affects Slider for Writers: from n/a through 1.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:52.000000Z"}, {"uuid": "5d8b60cd-d908-49b9-abcf-2fa9e52ace30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23691", "type": "seen", "source": "https://t.me/cvedetector/15633", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23691 - Braulio Aquino Garc\u00eda Send to Twitter CSRF-Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-23691 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino Garc\u00eda Send to Twitter allows Stored XSS.This issue affects Send to Twitter: from n/a through 1.7.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:52.000000Z"}, {"uuid": "fbd1f9f7-00c6-40c4-8f57-4b4c220daad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23690", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv433jcy72e", "content": "", "creation_timestamp": "2025-01-16T20:19:16.437545Z"}, {"uuid": "dd592164-bfef-43f1-996c-55f380c39c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23699", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43kldrx2e", "content": "", "creation_timestamp": "2025-01-16T20:19:32.334238Z"}, {"uuid": "f4c03e3d-0cf3-424e-a394-e32c6ef3d638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23690", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840842439282891", "content": "", "creation_timestamp": "2025-01-17T00:23:22.118675Z"}, {"uuid": "17387e46-450a-44b9-b2fa-c07d02513f50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23691", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840842453023149", "content": "", "creation_timestamp": "2025-01-17T00:23:22.213235Z"}, {"uuid": "17fc69fb-825d-43a9-85f1-02b91854abf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23695", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5ukovv2n", "content": "", "creation_timestamp": "2025-01-22T15:20:13.527502Z"}, {"uuid": "90396520-6c6a-4580-8905-99e49f617224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23696", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5xkckm2f", "content": "", "creation_timestamp": "2025-01-22T15:20:16.642127Z"}, {"uuid": "66b6d988-5e19-40ac-bd2c-a5bbf4350199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23697", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo625alr2x", "content": "", "creation_timestamp": "2025-01-22T15:20:19.656243Z"}, {"uuid": "06ece3e6-b977-469f-8331-16e993d95be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2369", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7745", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2369\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-17T08:31:07.147Z\n\ud83d\udccf Modified: 2025-03-17T08:31:07.147Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299868\n2. https://vuldb.com/?ctiid.299868\n3. https://vuldb.com/?submit.515328\n4. https://github.com/kn0sky/cve/blob/main/TOTOLINK%20EX1800T/Stack-based%20Buffer%20Overflow%2002%20setPasswordCfg-_admpass.md\n5. https://www.totolink.net/", "creation_timestamp": "2025-03-17T08:46:46.000000Z"}, {"uuid": "c058fb31-dd2d-4a07-9a5e-7eb557a47f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://t.me/cvedetector/20444", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2369 - TOTOLINK EX1800T Stack-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2369 \nPublished : March 17, 2025, 9:15 a.m. | 22\u00a0minutes ago \nDescription : A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T10:46:31.000000Z"}, {"uuid": "7ad3fbca-f19c-4c76-882f-738634c08b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23694", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840901485874283", "content": "", "creation_timestamp": "2025-01-17T00:38:23.411824Z"}, {"uuid": "190f0e6a-e767-4132-9a60-c7026f0abd61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23692", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43agb5q2t", "content": "", "creation_timestamp": "2025-01-16T20:19:21.567835Z"}, {"uuid": "34d8944a-6b56-4311-a565-92633e251d32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23698", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43ia6v72n", "content": "", "creation_timestamp": "2025-01-16T20:19:29.852007Z"}, {"uuid": "a3458847-5efa-43fb-aced-1cfba7b3836e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23691", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv4367g7v2j", "content": "", "creation_timestamp": "2025-01-16T20:19:19.246325Z"}, {"uuid": "be47c774-6e12-458f-9f64-2f6771b0a860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23699", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840901514511473", "content": "", "creation_timestamp": "2025-01-17T00:38:23.796746Z"}, {"uuid": "c64f191f-043f-4d6d-8661-5a34d4922d4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23693", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43db4in2n", "content": "", "creation_timestamp": "2025-01-16T20:19:24.645260Z"}, {"uuid": "7eb70a91-3b24-4658-b7b1-2d1527c2d6fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23694", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43g4sme2f", "content": "", "creation_timestamp": "2025-01-16T20:19:27.635719Z"}, {"uuid": "4c3d8c1f-cf1f-4c87-a6dd-5cf00996ac64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkkuolnn6s2j", "content": "", "creation_timestamp": "2025-03-17T09:46:22.518965Z"}, {"uuid": "a51bc296-cf31-4897-9812-135e4afb306a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114177140451809805", "content": "", "creation_timestamp": "2025-03-17T09:48:22.642502Z"}]}