{"vulnerability": "CVE-2025-4807", "sightings": [{"uuid": "efebfeb7-f60b-4ca9-bc4e-0e392db7ab5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48075", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpru52wvnw2w", "content": "", "creation_timestamp": "2025-05-22T19:31:10.114477Z"}, {"uuid": "3309ef44-3a66-48e6-9833-c96d53d77e1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48076", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m4tlcxpqpy2w", "content": "", "creation_timestamp": "2025-11-04T22:26:15.285494Z"}, {"uuid": "e5db67b3-a74e-4fb6-92d1-b2de87284732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48079", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16697", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48079\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Metagauss ProfileGrid  allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ProfileGrid : from n/a through 5.9.5.1.\n\ud83d\udccf Published: 2025-05-16T15:45:05.014Z\n\ud83d\udccf Modified: 2025-05-16T16:26:06.180Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/profilegrid-user-profiles-groups-and-communities/vulnerability/wordpress-profilegrid-5-9-5-1-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-16T16:34:42.000000Z"}, {"uuid": "31349ca6-eaab-4c3b-8309-1c0a838baba9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48070", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17209", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48070\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Plane is open-source project management software. Versions prior to 0.23 have insecure permissions in UserSerializer that allows users to change fields that are meant to be read-only, such as email. This can lead to account takeover when chained with another vulnerability such as cross-site scripting (XSS). Version 0.23 fixes the issue.\n\ud83d\udccf Published: 2025-05-21T22:11:06.177Z\n\ud83d\udccf Modified: 2025-05-21T22:11:06.177Z\n\ud83d\udd17 References:\n1. https://github.com/makeplane/plane/security/advisories/GHSA-cjh4-q763-cc48\n2. https://github.com/makeplane/plane/commit/0a8cc24da505fd519fcc3c9d6b5e15bc7ce21b29", "creation_timestamp": "2025-05-21T22:41:53.000000Z"}, {"uuid": "97e55df2-749a-4a7f-8b18-dc68db224917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48070", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lppxlfcpza27", "content": "", "creation_timestamp": "2025-05-22T01:27:32.494184Z"}, {"uuid": "907109ec-d6a5-44f9-922a-38bdc7cbf8f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48072", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvccsrrjty2d", "content": "", "creation_timestamp": "2025-07-31T23:42:24.970862Z"}, {"uuid": "64f94d5e-d55b-4ab8-88a4-1d9f3d76bd6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48071", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvcdeoqrfy2k", "content": "", "creation_timestamp": "2025-07-31T23:52:26.001883Z"}, {"uuid": "3bb70148-4de8-476e-9f64-76ce2b4f84d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48073", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvcdwlpcda2c", "content": "", "creation_timestamp": "2025-08-01T00:02:26.613938Z"}, {"uuid": "690bc741-85a2-4bf3-b7f8-8dc1608915f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48074", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvedwm6nf32l", "content": "", "creation_timestamp": "2025-08-01T19:07:46.763631Z"}, {"uuid": "27ec09a3-5694-414e-9f31-2307eb493dae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48071", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-834/", "content": "", "creation_timestamp": "2025-08-13T03:00:00.000000Z"}, {"uuid": "43bba01a-86cc-44e1-8ab9-1dd3d5d7506f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48076", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4th3y2zog42", "content": "", "creation_timestamp": "2025-11-04T21:10:58.847164Z"}, {"uuid": "8bd3c8f8-b371-486e-aff5-d5a72caff435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4807", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16761", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4807\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as problematic, was found in SourceCodester Online Student Clearance System 1.0. This affects an unknown part. The manipulation leads to exposure of information through directory listing. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-16T19:31:05.433Z\n\ud83d\udccf Modified: 2025-05-16T19:31:05.433Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309261\n2. https://vuldb.com/?ctiid.309261\n3. https://vuldb.com/?submit.572238\n4. https://github.com/laifeng-boy/cve/issues/2\n5. https://www.sourcecodester.com/", "creation_timestamp": "2025-05-16T20:35:10.000000Z"}]}