{"vulnerability": "cve-2025-1325", "sightings": [{"uuid": "93e11fd0-6f3f-4fb0-9e5b-98a08c7c989c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13254", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5sci3wo4u2a", "content": "", "creation_timestamp": "2025-11-17T03:40:35.758383Z"}, {"uuid": "e5a8857e-6279-46e5-8bd7-b161f7e477d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13257", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5scr2ewma26", "content": "", "creation_timestamp": "2025-11-17T03:45:35.967316Z"}, {"uuid": "67148f55-07ac-43c3-9ea6-4df0c03d01a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-13258", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/115564224606265170", "content": "", "creation_timestamp": "2025-11-17T09:02:08.157995Z"}, {"uuid": "93468b7e-5347-4e90-8943-460149da1259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1325", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6938", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1325\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to arbitrary shortcode execution due to a missing capability check on the 'rcl_preview_post' AJAX endpoint in all versions up to, and including, 16.26.10. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.\n\ud83d\udccf Published: 2025-03-08T09:22:54.259Z\n\ud83d\udccf Modified: 2025-03-08T09:22:54.259Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/ad3b9040-05ed-452d-9b3f-26d1a93c62ba?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3250094/wp-recall/trunk/add-on/publicpost/functions-ajax.php", "creation_timestamp": "2025-03-08T09:35:59.000000Z"}, {"uuid": "024ad6a8-fb34-4926-a126-f4e34c71381d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1325", "type": "seen", "source": "Telegram/hhB_cZBApp7ElDpWqGzNH-Zcg8W8oauJvci_SZ3sso4CCx29", "content": "", "creation_timestamp": "2025-03-08T16:29:02.000000Z"}, {"uuid": "06d24dfc-ce2f-46cc-88e3-1f84969e6f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1325", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljujwoke242k", "content": "", "creation_timestamp": "2025-03-08T12:35:30.373604Z"}, {"uuid": "1da1da1e-a680-492c-9125-36cdc7ab7a42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13250", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5qzdzpr2c2s", "content": "", "creation_timestamp": "2025-11-16T15:24:35.455112Z"}, {"uuid": "c625c287-3a46-4c4c-930f-d37be7b0a5a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13251", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5qzmy4w6v2k", "content": "", "creation_timestamp": "2025-11-16T15:29:35.955852Z"}, {"uuid": "8e594474-726b-495c-b97b-e0d92e4f24e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1325", "type": "seen", "source": "https://t.me/cvedetector/19895", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1325 - WordPress WP-Recall Arbitrary Shortcode Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-1325 \nPublished : March 8, 2025, 10:15 a.m. | 1\u00a0hour, 41\u00a0minutes ago \nDescription : The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to arbitrary shortcode execution due to a missing capability check on the 'rcl_preview_post' AJAX endpoint in all versions up to, and including, 16.26.10. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-08T13:30:56.000000Z"}, {"uuid": "97e41efe-432f-4fb4-aa8e-8894dec895a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13252", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5sapwmjch2b", "content": "", "creation_timestamp": "2025-11-17T03:09:10.948814Z"}, {"uuid": "7fc2b13d-c9b6-4287-b77d-a8087cc4cb11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13259", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5savvqa2b2j", "content": "", "creation_timestamp": "2025-11-17T03:12:31.309019Z"}, {"uuid": "cb6360e3-a6a2-4813-b342-64406e58e164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13258", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5sb4mmpj72q", "content": "", "creation_timestamp": "2025-11-17T03:16:16.613576Z"}, {"uuid": "653b6f25-72a3-4560-95a8-6c1e592f4d03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13255", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5sbec6afo2a", "content": "", "creation_timestamp": "2025-11-17T03:20:34.094412Z"}, {"uuid": "3813bddb-71a9-40d9-8833-992a79c6c7d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13258", "type": "seen", "source": "https://bsky.app/profile/allthebuzz.bsky.social/post/3m5wcfa4m222p", "content": "", "creation_timestamp": "2025-11-18T17:49:38.212744Z"}, {"uuid": "a786095b-a6db-407e-9341-0fe855ea988c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13256", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5sbw6zozf26", "content": "", "creation_timestamp": "2025-11-17T03:30:34.869721Z"}, {"uuid": "4c14c2a4-1e93-4e2e-829d-449bbf37df50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-13253", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5sc75ipvu2b", "content": "", "creation_timestamp": "2025-11-17T03:35:35.174810Z"}]}