{"vulnerability": "cve-2025-1324", "sightings": [{"uuid": "5a310d51-1a83-4792-a4c9-636822587076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1324", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljujwouqxy2x", "content": "", "creation_timestamp": "2025-03-08T12:35:31.457044Z"}, {"uuid": "f6fb67dd-34d6-4ccc-88c3-19f72073f565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13245", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5qqomuyog2j", "content": "", "creation_timestamp": "2025-11-16T12:49:27.468234Z"}, {"uuid": "9951fcf2-e01a-433f-9607-0ee2b1937755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13247", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5qqxlbxax26", "content": "", "creation_timestamp": "2025-11-16T12:54:27.869638Z"}, {"uuid": "71331aeb-b3e4-4bbd-89c9-0d733e8ba176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13246", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5qrajpgvw2x", "content": "", "creation_timestamp": "2025-11-16T12:59:28.183481Z"}, {"uuid": "834a4474-030d-4d12-8628-9b18ccc7e764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13248", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5qys4tfvu2a", "content": "", "creation_timestamp": "2025-11-16T15:14:34.874302Z"}, {"uuid": "d5f9c43f-5ef2-4343-9f80-4b4db066126e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13249", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5qz33ck7b2s", "content": "", "creation_timestamp": "2025-11-16T15:19:35.126936Z"}, {"uuid": "37e3d78d-35cc-4d9f-ac2a-fdf9b68543d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1324", "type": "seen", "source": "Telegram/zgmEtxeNIPIJ79NxUPsZhvJK0h6fGs1Uw0GtOzGgh_bsHTPj", "content": "", "creation_timestamp": "2025-03-08T16:29:01.000000Z"}, {"uuid": "8443b7b2-21d1-434e-8ec5-3fc6f251dc4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1324", "type": "seen", "source": "https://t.me/cvedetector/19894", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1324 - WordPress WP-Recall Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-1324 \nPublished : March 8, 2025, 10:15 a.m. | 1\u00a0hour, 41\u00a0minutes ago \nDescription : The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'public-form' shortcode in all versions up to, and including, 16.26.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-08T13:30:56.000000Z"}, {"uuid": "6e1a16bc-88f6-44f2-a306-cfddc526b155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1324", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6940", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1324\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'public-form' shortcode in all versions up to, and including, 16.26.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-03-08T09:22:53.285Z\n\ud83d\udccf Modified: 2025-03-08T09:22:53.285Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/3e0be093-d61a-4634-ba9b-91dd7328e8cd?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3250094/wp-recall/trunk/add-on/publicpost/shortcodes.php", "creation_timestamp": "2025-03-08T09:36:04.000000Z"}]}