{"vulnerability": "CVE-2025-2674", "sightings": [{"uuid": "3dea7f70-8c49-42d7-9e7f-a4b2bf44ad08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26743", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmu3tc5mms2g", "content": "", "creation_timestamp": "2025-04-15T12:38:36.655701Z"}, {"uuid": "606f456d-c32c-469b-a6e7-42bdc4a51ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26745", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmu3tcrekf2h", "content": "", "creation_timestamp": "2025-04-15T12:38:39.344388Z"}, {"uuid": "00c00f99-6bc1-4cd4-a561-a812aea1217c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26741", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114342528058978819", "content": "", "creation_timestamp": "2025-04-15T14:48:37.522242Z"}, {"uuid": "02d2d169-6e74-430d-82c1-9c2fba8d6744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26741", "type": "seen", "source": "https://bsky.app/profile/cecallihelper.bsky.social/post/3lmuduoifk22u", "content": "", "creation_timestamp": "2025-04-15T15:02:34.651593Z"}, {"uuid": "15c97bd7-9590-454a-af0d-5e87d16df642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26743", "type": "seen", "source": "https://bsky.app/profile/cecallihelper.bsky.social/post/3lmuduoifk22u", "content": "", "creation_timestamp": "2025-04-15T15:02:35.023158Z"}, {"uuid": "eb20c024-d488-4a2b-8db9-fce176675363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26743", "type": "seen", "source": "https://t.me/cvedetector/22950", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26743 - \"TC.K Advance WP Query Search Filter Cross-site Scripting\"\", \n  \"Content\": \"CVE ID : CVE-2025-26743 \nPublished : April 15, 2025, 12:15 p.m. | 52\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TC.K Advance WP Query Search Filter allows Reflected XSS. This issue affects Advance WP Query Search Filter: from n/a through 1.0.10. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T15:46:27.000000Z"}, {"uuid": "c78d2b6a-5106-44f9-bc9f-ca2ded70cb9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26741", "type": "seen", "source": "https://t.me/cvedetector/22949", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26741 - AWEOS GmbH Email Notifications for Updates Missing Authorization Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26741 \nPublished : April 15, 2025, 12:15 p.m. | 52\u00a0minutes ago \nDescription : Missing Authorization vulnerability in AWEOS GmbH Email Notifications for Updates allows Privilege Escalation. This issue affects Email Notifications for Updates: from n/a through 1.1.6. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T15:46:26.000000Z"}, {"uuid": "818d5850-4e2b-4d4f-9ebe-a3a043cb5dad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2674", "type": "seen", "source": "https://t.me/cvedetector/20924", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2674 - PHPGurukul Bank Locker Management System SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2025-2674 \nPublished : March 24, 2025, 12:15 a.m. | 23\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in PHPGurukul Bank Locker Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T01:40:53.000000Z"}, {"uuid": "d74259ef-229d-4081-9ec4-6478902a07ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26748", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmvd7afuni2z", "content": "", "creation_timestamp": "2025-04-16T00:23:18.508825Z"}, {"uuid": "886c3c95-c361-43ce-91e3-baf03e814213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26748", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114344887989987818", "content": "", "creation_timestamp": "2025-04-16T00:48:46.842110Z"}, {"uuid": "9cff7634-eb3a-4765-9eb5-28e87017f79d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26745", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11800", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26745\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RSTheme RS Elements Elementor Addon allows Stored XSS. This issue affects RS Elements Elementor Addon: from n/a through 1.1.5.\n\ud83d\udccf Published: 2025-04-15T11:59:05.387Z\n\ud83d\udccf Modified: 2025-04-15T11:59:05.387Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/rselements-lite/vulnerability/wordpress-rs-elements-elementor-addon-plugin-1-1-5-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-15T12:54:47.000000Z"}, {"uuid": "4970c8f3-ac2c-4617-a6eb-feee055ea186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26743", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11802", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26743\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TC.K Advance WP Query Search Filter allows Reflected XSS. This issue affects Advance WP Query Search Filter: from n/a through 1.0.10.\n\ud83d\udccf Published: 2025-04-15T11:59:05.071Z\n\ud83d\udccf Modified: 2025-04-15T11:59:05.071Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/advance-wp-query-search-filter/vulnerability/wordpress-advance-wp-query-search-filter-plugin-1-0-10-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-15T12:54:49.000000Z"}, {"uuid": "3e057af9-20a5-4f2f-ac16-27592017e8db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26744", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11801", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26744\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetBlog allows DOM-Based XSS. This issue affects JetBlog: from n/a through 2.4.3.\n\ud83d\udccf Published: 2025-04-15T11:59:05.240Z\n\ud83d\udccf Modified: 2025-04-15T11:59:05.240Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/jet-blog/vulnerability/wordpress-jetblog-plugin-2-4-3-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-15T12:54:48.000000Z"}, {"uuid": "6d81c775-3699-4635-90ea-db19455dc392", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2674", "type": "published-proof-of-concept", "source": "Telegram/G1o50behDtIjeAiuKRfvAzVv9TeDvGfIWAtJEbL6DX-ef0s", "content": "", "creation_timestamp": "2025-03-24T01:30:30.000000Z"}, {"uuid": "c7c059c9-a87d-4ca2-a961-40933c4a93e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2674", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll3vwkt6gb2n", "content": "", "creation_timestamp": "2025-03-24T04:23:59.944070Z"}, {"uuid": "8223b6fa-863e-4625-8caa-17a11aabdb2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26745", "type": "seen", "source": "https://t.me/cvedetector/22952", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26745 - Elementor Addon Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-26745 \nPublished : April 15, 2025, 12:15 p.m. | 52\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RSTheme RS Elements Elementor Addon allows Stored XSS. This issue affects RS Elements Elementor Addon: from n/a through 1.1.5. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T15:46:28.000000Z"}, {"uuid": "5e461984-52ca-4320-8992-35d590f765a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26744", "type": "seen", "source": "https://t.me/cvedetector/22951", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26744 - JetBlog Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-26744 \nPublished : April 15, 2025, 12:15 p.m. | 52\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetBlog allows DOM-Based XSS. This issue affects JetBlog: from n/a through 2.4.3. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T15:46:27.000000Z"}, {"uuid": "2a2895d5-1138-4ec0-ae31-adb0f1a3fdbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26742", "type": "seen", "source": "https://t.me/cvedetector/21105", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26742 - GhozyLab Gallery for Social Photo Stored Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26742 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Gallery for Social Photo allows Stored XSS.This issue affects Gallery for Social Photo: from n/a through 1.0.0.35. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:14.000000Z"}]}