{"vulnerability": "CVE-2025-4986", "sightings": [{"uuid": "cb3c13a2-9517-4bc6-b6d7-cdaf3e43fa2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49862", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18779", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49862\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in motov.net Ebook Store allows Stored XSS. This issue affects Ebook Store: from n/a through 5.8008.\n\ud83d\udccf Published: 2025-06-17T15:01:18.902Z\n\ud83d\udccf Modified: 2025-06-18T16:27:54.364Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ebook-store/vulnerability/wordpress-ebook-store-plugin-5-8008-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-18T16:43:24.000000Z"}, {"uuid": "6a2d7cfe-96f3-4b17-be2f-580e80baac7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49861", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18780", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49861\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timur Kamaev Kama Click Counter allows Stored XSS. This issue affects Kama Click Counter: from n/a through 4.0.3.\n\ud83d\udccf Published: 2025-06-17T15:01:19.373Z\n\ud83d\udccf Modified: 2025-06-18T16:24:32.055Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/kama-clic-counter/vulnerability/wordpress-kama-click-counter-plugin-4-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-18T16:43:25.000000Z"}, {"uuid": "60348b7c-32cc-45d8-9bb4-1de6b6cd4197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49868", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18948", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49868\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FunnelKit Automation By Autonami allows Phishing. This issue affects Automation By Autonami: from n/a through 3.6.0.\n\ud83d\udccf Published: 2025-06-17T15:01:17.009Z\n\ud83d\udccf Modified: 2025-06-20T13:13:46.403Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wp-marketing-automations/vulnerability/wordpress-automation-by-autonami-plugin-3-6-0-open-redirection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:05.000000Z"}, {"uuid": "4a2c16f5-31f9-4617-a555-59d8ccbf2291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49863", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18797", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49863\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus Advanced Sermons allows Stored XSS. This issue affects Advanced Sermons: from n/a through 3.6.\n\ud83d\udccf Published: 2025-06-17T15:01:18.412Z\n\ud83d\udccf Modified: 2025-06-18T17:25:49.205Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/advanced-sermons/vulnerability/wordpress-advanced-sermons-plugin-3-6-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-18T17:39:01.000000Z"}, {"uuid": "01623b9d-6449-426a-a8d8-c09dd7c3da9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4986", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqfgyb5iiuy2", "content": "", "creation_timestamp": "2025-05-30T14:29:51.501654Z"}, {"uuid": "6984cd15-d4a4-43c1-be5a-17880660809f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4986", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqfh5w3ogoe2", "content": "", "creation_timestamp": "2025-05-30T14:32:28.930543Z"}, {"uuid": "caf849f7-b42b-42fe-9b08-bd90c6a4b41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49862", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrt5l3oqes2i", "content": "", "creation_timestamp": "2025-06-17T18:43:07.490409Z"}, {"uuid": "2a8e2232-fcc2-4177-88a3-eae2e7bf3153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49865", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18949", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49865\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings allows Cross Site Request Forgery. This issue affects Advanced Settings: from n/a through 3.0.1.\n\ud83d\udccf Published: 2025-06-17T15:01:17.471Z\n\ud83d\udccf Modified: 2025-06-20T13:13:40.803Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/advanced-settings/vulnerability/wordpress-advanced-settings-plugin-3-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:06.000000Z"}, {"uuid": "ebcf93ce-d9f9-464d-8694-9c2a9f63e344", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49864", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrt2jeibrl2k", "content": "", "creation_timestamp": "2025-06-17T17:48:28.305882Z"}, {"uuid": "9360fd32-8fbc-422d-8728-b6325489a1ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49861", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrt2m2mtys23", "content": "", "creation_timestamp": "2025-06-17T17:49:58.674924Z"}, {"uuid": "1703b7b9-7828-42ee-b50f-4eae6e3b323f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49868", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrt2ovby2r2k", "content": "", "creation_timestamp": "2025-06-17T17:51:33.651184Z"}, {"uuid": "f3cee631-6a74-4681-ad7e-ff3ec3ec99ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49865", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrt2v2cxuz2a", "content": "", "creation_timestamp": "2025-06-17T17:55:00.260265Z"}, {"uuid": "6bff3c9b-bf4b-4edf-832a-08325ab13cb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49864", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18950", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49864\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in AFS Analytics AFS Analytics allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects AFS Analytics: from n/a through 4.21.\n\ud83d\udccf Published: 2025-06-17T15:01:17.962Z\n\ud83d\udccf Modified: 2025-06-20T13:13:34.623Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/addfreestats/vulnerability/wordpress-afs-analytics-plugin-4-21-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:07.000000Z"}, {"uuid": "67237aab-f9f0-4ed7-b459-a15813cffee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4986", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqfmpxkjc52k", "content": "", "creation_timestamp": "2025-05-30T16:11:49.233985Z"}, {"uuid": "d6813b37-5282-4822-a56d-c20ae2f2d4bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49863", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrt3ngymvn2r", "content": "", "creation_timestamp": "2025-06-17T18:08:38.852005Z"}, {"uuid": "cb102c0c-6713-44ba-b2d2-aac473238755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-49867", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mkdwukeft52x", "content": "", "creation_timestamp": "2026-04-25T21:03:13.011375Z"}]}