{"vulnerability": "CVE-2025-4768", "sightings": [{"uuid": "23d4ac98-7549-456c-b44e-2c038830a967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47685", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lolzkddzxm2r", "content": "", "creation_timestamp": "2025-05-07T18:26:55.511897Z"}, {"uuid": "8aa4e4b4-7b5f-435d-97c2-aeb8dec955fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47686", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lolzkdhel222", "content": "", "creation_timestamp": "2025-05-07T18:26:56.133187Z"}, {"uuid": "3995b9dd-4d62-4bb2-8583-bd1686ca07e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47683", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lolzke5zmf2j", "content": "", "creation_timestamp": "2025-05-07T18:26:59.932168Z"}, {"uuid": "a48fd8ca-da81-4da3-9785-3280f036499b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47688", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lolzkebezv2j", "content": "", "creation_timestamp": "2025-05-07T18:27:00.575684Z"}, {"uuid": "dd5a5d5b-e324-41d3-b50d-65e434eb3d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47681", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lolzkelgd52j", "content": "", "creation_timestamp": "2025-05-07T18:27:02.246400Z"}, {"uuid": "6fa6ff82-bb8c-4514-bfbd-5dd1de02f025", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47684", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lolzkes3lu2r", "content": "", "creation_timestamp": "2025-05-07T18:27:03.600879Z"}, {"uuid": "2b111408-9acd-4ec7-9181-7c48d33da868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47687", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lptxntl3qy2m", "content": "", "creation_timestamp": "2025-05-23T15:39:33.773573Z"}, {"uuid": "08562559-4e8d-47cd-929e-36e5773a21a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47682", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loytpbiqqt2p", "content": "", "creation_timestamp": "2025-05-12T20:46:53.864225Z"}, {"uuid": "45b8c73f-fa70-4253-b6b2-976a89326e94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47682", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15987", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47682\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications \u2013 WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications \u2013 WooCommerce: from n/a through 3.8.2.\n\ud83d\udccf Published: 2025-05-12T18:19:43.926Z\n\ud83d\udccf Modified: 2025-05-12T18:19:43.926Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/sms-alert/vulnerability/wordpress-sms-alert-order-notifications-woocommerce-3-8-1-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-12T18:31:34.000000Z"}, {"uuid": "e14f6991-5d43-4e15-92c4-bca2c0ff7c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47682", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15973", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47682\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications \u2013 WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications \u2013 WooCommerce: from n/a through 3.8.2.\n\ud83d\udccf Published: 2025-05-12T18:19:43.926Z\n\ud83d\udccf Modified: 2025-05-12T18:19:43.926Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/sms-alert/vulnerability/wordpress-sms-alert-order-notifications-woocommerce-3-8-1-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-12T18:29:15.000000Z"}, {"uuid": "f49c147c-dc2e-4aec-be93-c0a674b61ce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47686", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15376", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47686\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DELUCKS DELUCKS SEO allows Stored XSS. This issue affects DELUCKS SEO: from n/a through 2.5.9.\n\ud83d\udccf Published: 2025-05-07T14:20:56.276Z\n\ud83d\udccf Modified: 2025-05-07T18:07:40.834Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/delucks-seo/vulnerability/wordpress-delucks-seo-2-5-9-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-07T18:23:03.000000Z"}, {"uuid": "29079f78-8f2d-47b7-afdb-62c62884afe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47685", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15375", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47685\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Moloni Contribuinte Checkout allows Stored XSS. This issue affects Contribuinte Checkout: from n/a through 2.0.02.\n\ud83d\udccf Published: 2025-05-07T14:20:55.734Z\n\ud83d\udccf Modified: 2025-05-07T18:07:51.298Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/contribuinte-checkout/vulnerability/wordpress-contribuinte-checkout-plugin-2-0-02-cross-site-request-forgery-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-07T18:23:02.000000Z"}, {"uuid": "1667582b-1452-4b79-8e49-3397efcc2fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47684", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15374", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47684\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Smaily Smaily for WP allows Cross Site Request Forgery. This issue affects Smaily for WP: from n/a through 3.1.6.\n\ud83d\udccf Published: 2025-05-07T14:20:55.218Z\n\ud83d\udccf Modified: 2025-05-07T18:08:01.412Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/smaily-for-wp/vulnerability/wordpress-smaily-for-wp-3-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-07T18:23:01.000000Z"}, {"uuid": "7945a8f7-c55b-4d29-9b56-91f3208e0ad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47683", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15373", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47683\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in Florent Maillefaud WP Maintenance allows Object Injection. This issue affects WP Maintenance: from n/a through 6.1.9.7.\n\ud83d\udccf Published: 2025-05-07T14:20:54.652Z\n\ud83d\udccf Modified: 2025-05-07T18:08:11.722Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wp-maintenance/vulnerability/wordpress-wp-maintenance-6-1-9-7-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-07T18:23:00.000000Z"}, {"uuid": "f89d0c69-9bd4-4f9b-ac54-748485bfc832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47681", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15372", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47681\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Ability, Inc Web Accessibility with Max Access allows Cross Site Request Forgery. This issue affects Web Accessibility with Max Access: from n/a through 2.0.9.\n\ud83d\udccf Published: 2025-05-07T14:20:54.122Z\n\ud83d\udccf Modified: 2025-05-07T18:08:23.223Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/accessibility-toolbar/vulnerability/wordpress-web-accessibility-with-max-access-2-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-07T18:22:59.000000Z"}, {"uuid": "18cb4c81-b0cb-4d55-807c-ddcf13716cf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15377", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47688\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1.\n\ud83d\udccf Published: 2025-05-07T14:20:56.807Z\n\ud83d\udccf Modified: 2025-05-07T18:07:28.371Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/file-manager-advanced/vulnerability/wordpress-advanced-file-manager-plugin-5-3-1-broken-access-control-to-notice-dismissal-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-07T18:23:04.000000Z"}, {"uuid": "81f1c46e-4d94-4bf2-a342-38f74b273941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47684", "type": "seen", "source": "https://t.me/cvedetector/24718", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47684 - Smaily for WP CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-47684 \nPublished : May 7, 2025, 3:16 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Smaily Smaily for WP allows Cross Site Request Forgery. This issue affects Smaily for WP: from n/a through 3.1.6. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T19:00:38.000000Z"}, {"uuid": "38bcad84-95e3-4f75-9d88-513eb5c73f3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47685", "type": "seen", "source": "https://t.me/cvedetector/24719", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47685 - Moloni Contribuinte Checkout CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-47685 \nPublished : May 7, 2025, 3:16 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Moloni Contribuinte Checkout allows Stored XSS. This issue affects Contribuinte Checkout: from n/a through 2.0.02. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T19:00:39.000000Z"}, {"uuid": "1379ad9a-5d90-4b97-8f3a-7bb7897bead8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47686", "type": "seen", "source": "https://t.me/cvedetector/24720", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47686 - DELUCKS SEO Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-47686 \nPublished : May 7, 2025, 3:16 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DELUCKS DELUCKS SEO allows Stored XSS. This issue affects DELUCKS SEO: from n/a through 2.5.9. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T19:00:43.000000Z"}, {"uuid": "0024013e-d534-4fec-bec0-12295800a2f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47688", "type": "seen", "source": "https://t.me/cvedetector/24721", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47688 - Saad Iqbal Advanced File Manager Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-47688 \nPublished : May 7, 2025, 3:16 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T19:00:44.000000Z"}, {"uuid": "75f4a01c-51d7-4122-a957-19cded83fccf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47681", "type": "seen", "source": "https://t.me/cvedetector/24723", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47681 - Ability, Inc Web Accessibility with Max Access CSRF\", \n  \"Content\": \"CVE ID : CVE-2025-47681 \nPublished : May 7, 2025, 3:16 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Ability, Inc Web Accessibility with Max Access allows Cross Site Request Forgery. This issue affects Web Accessibility with Max Access: from n/a through 2.0.9. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T19:00:46.000000Z"}, {"uuid": "7e01d1c2-9c4e-4310-9a89-42528f2bf80d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47683", "type": "seen", "source": "https://t.me/cvedetector/24724", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47683 - Florent Maillefaud WP Maintenance Object Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-47683 \nPublished : May 7, 2025, 3:16 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in Florent Maillefaud WP Maintenance allows Object Injection. This issue affects WP Maintenance: from n/a through 6.1.9.7. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T19:00:47.000000Z"}, {"uuid": "88d8821e-eb45-47ce-9e18-995d9b1633de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47682", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16003", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47682\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications \u2013 WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications \u2013 WooCommerce: from n/a through 3.8.2.\n\ud83d\udccf Published: 2025-05-12T18:19:43.926Z\n\ud83d\udccf Modified: 2025-05-12T18:19:43.926Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/sms-alert/vulnerability/wordpress-sms-alert-order-notifications-woocommerce-3-8-1-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-12T18:37:54.000000Z"}, {"uuid": "6381893a-8b45-4598-af1a-e309ab09d7f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47682", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16001", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47682\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications \u2013 WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications \u2013 WooCommerce: from n/a through 3.8.2.\n\ud83d\udccf Published: 2025-05-12T18:19:43.926Z\n\ud83d\udccf Modified: 2025-05-12T18:19:43.926Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/sms-alert/vulnerability/wordpress-sms-alert-order-notifications-woocommerce-3-8-1-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-12T18:37:50.000000Z"}, {"uuid": "a9ac579d-0344-45bf-892d-992ae253d4bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4768", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16670", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4768\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.\n\ud83d\udccf Published: 2025-05-16T10:00:07.182Z\n\ud83d\udccf Modified: 2025-05-16T10:00:07.182Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309069\n2. https://vuldb.com/?ctiid.309069\n3. https://vuldb.com/?submit.571737\n4. https://github.com/Hao-Ni/CVE/issues/4", "creation_timestamp": "2025-05-16T10:34:34.000000Z"}, {"uuid": "578b3894-e97e-41df-914f-26664c955294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-47682", "type": "seen", "source": "https://t.me/cvedetector/25110", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-47682 - Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications \u2013 WooCommerce SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2025-47682 \nPublished : May 12, 2025, 7:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications \u2013 WooCommerce allows SQL Injection.This issue affects SMS Alert Order Notifications \u2013 WooCommerce: from n/a through 3.8.2. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-12T22:48:36.000000Z"}]}