{"vulnerability": "cve-2022-2560", "sightings": [{"uuid": "2e8f0709-e7a4-493b-8057-dc852253a707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25608", "type": "seen", "source": "https://t.me/cibsecurity/39454", "content": "\u203c CVE-2022-25608 \u203c\n\nCross-Site Request Forgery (CSRF) in Yoo Slider \u00e2\u20ac\u201c Image Slider & Video Slider (WordPress plugin) allows attackers to trick authenticated users into unwanted slider duplicate or delete action.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-23T23:29:14.000000Z"}, {"uuid": "69a90115-5ce5-427a-9140-f98828f44609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25609", "type": "seen", "source": "https://t.me/cibsecurity/39450", "content": "\u203c CVE-2022-25609 \u203c\n\nStored Cross-Site Scripting (XSS) in Yoo Slider \u00e2\u20ac\u201c Image Slider & Video Slider (WordPress plugin) allows attackers with contributor or higher user role to inject the malicious code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-23T23:29:08.000000Z"}, {"uuid": "fe540b2e-92ed-49de-bff0-d8f6938f14e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25603", "type": "seen", "source": "https://t.me/cibsecurity/39226", "content": "\u203c CVE-2022-25603 \u203c\n\nAuthenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in MaxGalleria WordPress plugin (versions 6.2.5).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:22:56.000000Z"}, {"uuid": "2b35fee2-a683-45ec-84d1-da09d95626fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25606", "type": "seen", "source": "https://t.me/cibsecurity/39573", "content": "\u203c CVE-2022-25606 \u203c\n\nMultiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vulnerable parameters &download_path, &download_path_url, &download_page_url, &download_categories.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T21:36:56.000000Z"}, {"uuid": "fe526d6f-b7d2-481c-aa42-718e7fb5efe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25605", "type": "seen", "source": "https://t.me/cibsecurity/39221", "content": "\u203c CVE-2022-25605 \u203c\n\nMultiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable parameters &download_path, &download_path_url, &download_page_url.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:22:49.000000Z"}, {"uuid": "a1066f4a-5feb-4316-bc6a-b3203bb64b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2560", "type": "seen", "source": "Telegram/7r_e2U1FxnCa2kNQpvovquwMZPIMPrP98oj2hayY9MZGeSr0", "content": "", "creation_timestamp": "2025-02-18T21:11:32.000000Z"}, {"uuid": "64271c9f-48f2-4b4b-a811-03357d7ab6d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25607", "type": "seen", "source": "https://t.me/cibsecurity/39237", "content": "\u203c CVE-2022-25607 \u203c\n\nAuthenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV Flowplayer Video Player WordPress plugin (versions <= 7.5.15.727).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:23:10.000000Z"}, {"uuid": "71c3aaf9-3085-444e-8e7b-b7ca049f5254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25601", "type": "seen", "source": "https://t.me/cibsecurity/38813", "content": "\u203c CVE-2022-25601 \u203c\n\nReflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-11T20:15:20.000000Z"}, {"uuid": "62be428b-41cf-453a-9462-b85fd4983656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25600", "type": "seen", "source": "https://t.me/cibsecurity/38820", "content": "\u203c CVE-2022-25600 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-11T20:21:00.000000Z"}]}