{"vulnerability": "CVE-2025-2700", "sightings": [{"uuid": "41da8c18-77e9-407b-b257-a6352c5962ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2700", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll4rdguvsh2m", "content": "", "creation_timestamp": "2025-03-24T12:34:22.684852Z"}, {"uuid": "f677f4e0-5384-4dfc-8283-498fe5ec10b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27000", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lizdqxsmnx2k", "content": "", "creation_timestamp": "2025-02-25T17:03:02.308249Z"}, {"uuid": "52287117-67b8-4a71-9c9f-fee28560f5d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27009", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmrl34dhmr24", "content": "", "creation_timestamp": "2025-04-14T12:33:30.023709Z"}, {"uuid": "a297cce7-7ee8-47e4-8b54-daa6cac7fa37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lojrrae6mc26", "content": "", "creation_timestamp": "2025-05-06T21:02:19.352041Z"}, {"uuid": "5c9d0ced-5855-4dc5-ac35-0b876fe05187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lonm5bifdr2j", "content": "", "creation_timestamp": "2025-05-08T09:32:17.094865Z"}, {"uuid": "eee283bb-3331-4a86-8a75-2991cbe17308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114478983375670362", "content": "", "creation_timestamp": "2025-05-09T17:11:04.843835Z"}, {"uuid": "99e53d61-2841-4310-accc-7a00d13d13ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3lpnmpgkukc2t", "content": "", "creation_timestamp": "2025-05-21T03:07:37.446789Z"}, {"uuid": "820b339f-13bc-49e2-9ddb-8f8f910f5a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27000", "type": "seen", "source": "MISP/8e1b6542-ae86-4729-a7a6-4e9f670b8bb7", "content": "", "creation_timestamp": "2025-08-22T17:25:06.000000Z"}, {"uuid": "0ac4656c-954e-4f4d-8927-1615071787d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27002", "type": "seen", "source": "https://gist.github.com/Darkcrai86/3138a900c4bfa360837cebbf4466b279", "content": "", "creation_timestamp": "2026-01-08T11:04:03.000000Z"}, {"uuid": "a69a4bd9-773f-4245-b8b9-48d9c1f0004b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27004", "type": "seen", "source": "https://gist.github.com/Darkcrai86/13ff44ddf211ecc6efa23488c8661138", "content": "", "creation_timestamp": "2026-01-08T11:03:30.000000Z"}, {"uuid": "ccb78ef1-6c22-4754-a0c4-9220f6afed10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27002", "type": "seen", "source": "Telegram/jXqh7iGd3nKmZccxZRIgdWFEyhTj1-aVjALGGvD6hr5r9pg", "content": "", "creation_timestamp": "2026-01-08T17:13:43.000000Z"}, {"uuid": "a47cbbb1-e9c0-4e4c-b4a3-f01b471c96b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14257", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27007\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation.This issue affects SureTriggers: from n/a through 1.0.82.\n\ud83d\udccf Published: 2025-05-01T10:54:56.209Z\n\ud83d\udccf Modified: 2025-05-01T10:54:56.209Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/suretriggers/vulnerability/wordpress-suretriggers-1-0-82-privilege-escalation-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-01T11:14:47.000000Z"}, {"uuid": "f06c9f0c-3911-4426-8c6c-f9407913711b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27009", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11598", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27009\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro allows Stored XSS.This issue affects My auctions allegro: from n/a through 3.6.20.\n\ud83d\udccf Published: 2025-04-14T11:05:34.699Z\n\ud83d\udccf Modified: 2025-04-14T11:05:34.699Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/my-auctions-allegro-free-edition/vulnerability/wordpress-my-auctions-allegro-plugin-3-6-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-14T11:53:34.000000Z"}, {"uuid": "f54d62f0-4f26-475c-a5fd-f8bd33943a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://t.me/cvedetector/24205", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27007 - Brainstorm Force SureTriggers Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27007 \nPublished : May 1, 2025, 11:15 a.m. | 1\u00a0hour ago \nDescription : Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation.This issue affects SureTriggers: from n/a through 1.0.82. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T14:49:50.000000Z"}, {"uuid": "17f1cdd8-8311-4b5a-b4a3-90081e73b035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "exploited", "source": "Telegram/O5Zvd0-ca5HrJAxxnw-Wgx96yQdbDg19VT0Mm7IwVclSRw", "content": "", "creation_timestamp": "2025-05-07T16:17:43.000000Z"}, {"uuid": "428ed309-2d03-4cd1-8ea8-d22394e51d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lollj2iuyj2r", "content": "", "creation_timestamp": "2025-05-07T14:15:39.277212Z"}, {"uuid": "cc014d90-1cda-459d-b16a-432d5f71fc62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://thehackernews.com/2025/05/ottokit-wordpress-plugin-with-100k.html", "content": "", "creation_timestamp": "2025-05-07T11:44:00.000000Z"}, {"uuid": "5c25a901-1af8-4bb6-a1ee-214ee56e9ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lom5hfmr4l23", "content": "", "creation_timestamp": "2025-05-07T19:36:50.648860Z"}, {"uuid": "f313bd3f-5865-4908-b0c0-848a05eee673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-27007.yaml", "content": "", "creation_timestamp": "2025-05-13T10:08:41.000000Z"}, {"uuid": "27f973b2-a56d-4840-b3c9-b17be36e21bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "e3763286-fea6-4931-b0a1-201f4e373d7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27000", "type": "seen", "source": "https://t.me/cvedetector/18873", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27000 - George Pattichis Simple Photo Feed Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27000 \nPublished : Feb. 25, 2025, 3:15 p.m. | 33\u00a0minutes ago \nDescription : Missing Authorization vulnerability in George Pattichis Simple Photo Feed allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Photo Feed: from n/a through 1.4.0. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-25T17:22:46.000000Z"}, {"uuid": "5af85c48-4711-436e-9bfd-6a847eb621ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27001", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9313", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27001\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Insertion of Sensitive Information Into Sent Data vulnerability in Shipmondo Shipmondo \u2013 A complete shipping solution for WooCommerce allows Retrieve Embedded Sensitive Data.This issue affects Shipmondo \u2013 A complete shipping solution for WooCommerce: from n/a through 5.0.3.\n\ud83d\udccf Published: 2025-03-28T09:38:45.897Z\n\ud83d\udccf Modified: 2025-03-28T09:38:45.897Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/pakkelabels-for-woocommerce/vulnerability/wordpress-shipmondo-a-complete-shipping-solution-for-woocommerce-plugin-5-0-3-authenticated-arbitrary-wordpress-option-disclosure-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T10:28:29.000000Z"}, {"uuid": "325f2232-3ced-46b3-b832-65254889c34e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27001", "type": "seen", "source": "https://t.me/cvedetector/21411", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27001 - Shipmondo WooCommerce Sensitive Data Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27001 \nPublished : March 28, 2025, 10:15 a.m. | 2\u00a0hours, 4\u00a0minutes ago \nDescription : Insertion of Sensitive Information Into Sent Data vulnerability in Shipmondo Shipmondo \u2013 A complete shipping solution for WooCommerce allows Retrieve Embedded Sensitive Data.This issue affects Shipmondo \u2013 A complete shipping solution for WooCommerce: from n/a through 5.0.3. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T13:34:11.000000Z"}, {"uuid": "d31fbba0-72a7-4ce1-b181-9d7979ca83a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "published-proof-of-concept", "source": "Telegram/WavE4TZalmMZH7ia3WHjEDQ1oei-w86-O_mAcu597Ww1-5E", "content": "", "creation_timestamp": "2025-05-01T14:00:35.000000Z"}, {"uuid": "fa7fb774-2790-40aa-ad5a-a031ebfe21d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3lqvwk4lfcu2j", "content": "", "creation_timestamp": "2025-06-06T03:50:06.418474Z"}, {"uuid": "9deb2718-f24f-4e03-9c64-f4e409bb4bc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo4qb4ltxu2j", "content": "", "creation_timestamp": "2025-05-01T16:30:45.050680Z"}, {"uuid": "11420e0a-7dca-4fbf-a1e6-c0cae8c0ce89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lonxbkqr6c2t", "content": "", "creation_timestamp": "2025-05-08T12:51:32.418420Z"}, {"uuid": "be4982d7-8499-40c6-93b3-132da5135fe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3losnmspjjf2y", "content": "", "creation_timestamp": "2025-05-10T09:42:10.842490Z"}, {"uuid": "5ef8cf1f-5f9a-4a31-8733-82b8f438f1de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lottmvote626", "content": "", "creation_timestamp": "2025-05-10T21:02:17.097065Z"}, {"uuid": "6ec93a4e-76b3-469f-8cc7-834d0a81fdab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lp5vionrhf2l", "content": "", "creation_timestamp": "2025-05-14T21:02:26.862884Z"}, {"uuid": "bceb1c1f-bedd-4cda-843d-948ee5421242", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_suretriggers_auth_bypass.rb", "content": "", "creation_timestamp": "2025-05-13T16:01:34.000000Z"}, {"uuid": "9db119fe-aeef-4234-bc36-2b07e483ff3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27002", "type": "published-proof-of-concept", "source": "Telegram/4pwzrJnceRLyEgpbd6VO8VdJVifSdOcVQ4b7TmcAbl02Blg", "content": "", "creation_timestamp": "2026-01-08T17:13:19.000000Z"}, {"uuid": "fd303792-b94d-4b94-b9bb-9406f877a5d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27004", "type": "seen", "source": "Telegram/jXqh7iGd3nKmZccxZRIgdWFEyhTj1-aVjALGGvD6hr5r9pg", "content": "", "creation_timestamp": "2026-01-08T17:13:43.000000Z"}, {"uuid": "099bc9dc-d6fd-454b-a3ce-311488b1db25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27009", "type": "seen", "source": "https://t.me/cvedetector/22841", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27009 - Allegro My Auctions CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-27009 \nPublished : April 14, 2025, 11:15 a.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro allows Stored XSS.This issue affects My auctions allegro: from n/a through 3.6.20. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-14T14:40:22.000000Z"}, {"uuid": "aa072b67-a7ed-4d0c-9d10-15b6c0035999", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2700", "type": "seen", "source": "https://t.me/cvedetector/20950", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2700 - \"Micronaut Dante Editor Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-2700 \nPublished : March 24, 2025, 9:15 a.m. | 1\u00a0hour, 46\u00a0minutes ago \nDescription : A vulnerability classified as problematic has been found in michelson Dante Editor up to 0.4.4. This affects an unknown part of the component Insert Link Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T12:32:50.000000Z"}, {"uuid": "07140b60-f057-42e9-8790-289ca5308645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27009", "type": "seen", "source": "Telegram/z-eE4j_pd2xofaRpPR35edWI1QGb9fr2BIzfSaNm13p6uDA", "content": "", "creation_timestamp": "2025-04-14T13:30:26.000000Z"}, {"uuid": "4467d231-f949-4194-96d1-44753c792a09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27007", "type": "exploited", "source": "https://t.me/true_secator/7019", "content": "\u041a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u0435\u0440\u0435\u043a\u043b\u044e\u0447\u0438\u043b\u043e\u0441\u044c \u043d\u0430 \u0432\u0442\u043e\u0440\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 OttoKit \u0434\u043b\u044f WordPress \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Defiant \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 OttoKit, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0430 \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041f\u043b\u0430\u0433\u0438\u043d OttoKit: All-in-One Automation Platform (\u0440\u0430\u043d\u0435\u0435 SureTriggers), \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u0431\u043e\u043b\u0435\u0435 100 000 \u0440\u0430\u0437, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u0430\u0439\u0442\u043e\u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0437\u0430\u0434\u0430\u0447, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0438\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b.\n\n\u0412 \u043d\u0430\u0447\u0430\u043b\u0435 \u0430\u043f\u0440\u0435\u043b\u044f \u0431\u044b\u043b\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-3102\u00a0- \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0430 \u043d\u043e\u0432\u044b\u0435 \u0438 \u043d\u0435\u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 OttoKit, - \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 Defiant \u043e\u0431\u0440\u0430\u0449\u0430\u0435\u0442 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u043d\u043e\u0432\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435, CVE-2025-27007 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0441\u0430\u0439\u0442\u0430\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 create_wp_connection(), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e, \u0447\u0442\u043e\u0431\u044b \u0441\u0430\u0439\u0442 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u043b \u0438 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u043f\u0430\u0440\u043e\u043b\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0430 OttoKit/SureTriggers \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u043b\u0441\u044f \u043a \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u0443 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u0440\u043e\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u0412 \u044d\u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441\u043c\u043e\u0436\u0435\u0442 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0434\u0430\u0436\u0435 \u043d\u0435 \u0437\u043d\u0430\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043f\u0430\u0440\u043e\u043b\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0441\u0430\u0439\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u043b\u0438\u0441\u044c \u043a \u043f\u043b\u0430\u0433\u0438\u043d\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0430\u0440\u043e\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u043d\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439.", "creation_timestamp": "2025-05-07T19:00:09.000000Z"}]}