{"vulnerability": "CVE-2025-3432", "sightings": [{"uuid": "529d41d9-d22a-4225-b5fc-b5ae7ddb00cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-34329", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3m5zrtq3yy724", "content": "", "creation_timestamp": "2025-11-20T03:03:31.620167Z"}, {"uuid": "7778f895-4792-457a-a2b8-9d6c0c8434cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-34329", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/115579801359079862", "content": "", "creation_timestamp": "2025-11-20T03:03:31.935874Z"}, {"uuid": "5646f3fd-89b5-4281-8eb4-38fbd307a14b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34324", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5wcxdrlhr26", "content": "", "creation_timestamp": "2025-11-18T17:59:45.980341Z"}, {"uuid": "2837f0f0-1619-4994-9feb-bd3faa682961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34328", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5yrwvdze426", "content": "", "creation_timestamp": "2025-11-19T17:33:16.579406Z"}, {"uuid": "b481ff47-0207-4107-8b99-a43bff96f321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34329", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5ys4ugc2h2k", "content": "", "creation_timestamp": "2025-11-19T17:36:36.941107Z"}, {"uuid": "677a5549-0d25-4f9a-a7dd-1d190fcfc330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34322", "type": "published-proof-of-concept", "source": "Telegram/MnfDtTO7wJ3H0_uNrhjZAmV8vXhG2hG4Vq-UJg_HVKnfrpk", "content": "", "creation_timestamp": "2025-11-26T03:00:07.000000Z"}, {"uuid": "038ebdde-70e1-4e3f-9dff-384c7968bd77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34323", "type": "published-proof-of-concept", "source": "Telegram/MnfDtTO7wJ3H0_uNrhjZAmV8vXhG2hG4Vq-UJg_HVKnfrpk", "content": "", "creation_timestamp": "2025-11-26T03:00:07.000000Z"}, {"uuid": "aaf7833f-d078-41ae-a172-a40e37f6b6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34323", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/60787", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aProof of Concept exploits for CVE-2025-34322 and CVE-2025-34323 in Nagios Log Server\nURL\uff1ahttps://github.com/mcorybillington/CVE-2025-34322_CVE-2025-34323_Nagios_Log_Server\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-11-25T21:27:03.000000Z"}, {"uuid": "4f03ae31-545b-404f-98a4-39c4f66cdb6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3432", "type": "seen", "source": "https://t.me/cvedetector/22440", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3432 - WordPress AAWP Obfuscator Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-3432 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : The AAWP Obfuscator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data-aawp-web' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T13:59:48.000000Z"}, {"uuid": "816d1ec8-4928-4a5e-b52d-9ecfdf5aaacb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-34328", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/115580155779530992", "content": "", "creation_timestamp": "2025-11-20T04:33:38.491854Z"}, {"uuid": "f9300a10-841a-4444-ab1e-8eb441c0c844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-34328", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3m5zwuy2brz2t", "content": "", "creation_timestamp": "2025-11-20T04:33:39.702426Z"}, {"uuid": "d90fe686-099e-4a41-838a-f10cfc3e3809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34320", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m63dcoebai2n", "content": "", "creation_timestamp": "2025-11-20T17:49:24.940022Z"}, {"uuid": "bd7394b6-4bb8-4926-a675-1f2aa1b24b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34322", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/60787", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aProof of Concept exploits for CVE-2025-34322 and CVE-2025-34323 in Nagios Log Server\nURL\uff1ahttps://github.com/mcorybillington/CVE-2025-34322_CVE-2025-34323_Nagios_Log_Server\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-11-25T21:27:03.000000Z"}, {"uuid": "aa2bc05d-a6e7-42b7-b750-1893182773a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3432", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10885", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3432\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The AAWP Obfuscator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data-aawp-web' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-04-08T08:22:08.355Z\n\ud83d\udccf Modified: 2025-04-08T08:22:08.355Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/26b1b899-37a2-44fd-b961-5e6175e0417f?source=cve\n2. https://wordpress.org/plugins/aawp-obfuscator/", "creation_timestamp": "2025-04-08T08:46:50.000000Z"}]}