{"vulnerability": "cve-2025-2542", "sightings": [{"uuid": "1e285f2c-0970-41c5-9cd3-4c98dd06c0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "seen", "source": "https://t.me/cvedetector/23302", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25427 - \"TP-Link WR841N UPnP Stored XSS\"\", \n  \"Content\": \"CVE ID : CVE-2025-25427 \nPublished : April 18, 2025, 1:15 a.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : A Stored cross-site scripting (XSS)  \nvulnerability in upnp page of the web Interface in TP-Link WR841N <=4.19\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-18T04:52:31.000000Z"}, {"uuid": "03987d53-f3b7-4847-869f-68ae0848550b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2542", "type": "seen", "source": "https://t.me/cvedetector/21085", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2542 - WordPress Your Simple SVG Support Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2542 \nPublished : March 25, 2025, 10:15 a.m. | 1\u00a0hour, 41\u00a0minutes ago \nDescription : The Your Simple SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T13:38:26.000000Z"}, {"uuid": "5649cba0-e8f6-405d-9a08-a6e5962c872d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25426", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljlnykqnhs2r", "content": "", "creation_timestamp": "2025-03-04T23:54:08.523518Z"}, {"uuid": "b2012783-f17e-402d-89f5-57fa3d8f4808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln2mk6hd7c2u", "content": "", "creation_timestamp": "2025-04-18T02:53:43.375354Z"}, {"uuid": "494e02ec-f1be-49b0-a72e-88144832e383", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25429", "type": "seen", "source": "Telegram/pITSVEZ6Zozk8fnJWOL8OYa2TwFlpQKSsD9K53p2PDoHPoL7", "content": "", "creation_timestamp": "2025-03-02T11:46:30.000000Z"}, {"uuid": "a203122f-2834-45c7-9b7d-0239daae2c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2542", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll747phg6626", "content": "", "creation_timestamp": "2025-03-25T10:54:28.053087Z"}, {"uuid": "c7aa6f37-8dc7-4aab-a0ea-549b9b15ae45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25426", "type": "seen", "source": "https://gist.github.com/Catherines77/79e6b69490b085d9c2d96c99e72c3579", "content": "", "creation_timestamp": "2025-02-28T14:20:06.000000Z"}, {"uuid": "8a78801f-73ba-432c-bbac-e7167e299bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114359113293487655", "content": "", "creation_timestamp": "2025-04-18T13:06:28.859941Z"}, {"uuid": "9f8669a7-bf80-4295-8994-4d957cb53f9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln4rydvvt672", "content": "", "creation_timestamp": "2025-04-18T23:36:35.387714Z"}, {"uuid": "cea0f03e-403e-464b-8cfd-c3048312155c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln4ryettfdx2", "content": "", "creation_timestamp": "2025-04-18T23:36:35.952709Z"}, {"uuid": "8c996c0b-4013-4124-9a17-357a97a3f690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln4zfmh4sto2", "content": "", "creation_timestamp": "2025-04-19T01:49:20.352504Z"}, {"uuid": "34b5119f-c6cc-43b3-a65b-9a413abf5297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lnhfrtskaw2h", "content": "", "creation_timestamp": "2025-04-23T04:57:21.071413Z"}, {"uuid": "3df9e395-8b12-4579-8eba-6d9708dbb35f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25426", "type": "seen", "source": "MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7", "content": "", "creation_timestamp": "2025-08-18T18:31:00.000000Z"}, {"uuid": "a7d99302-baf2-44f3-972b-a74cf5c4fed3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25429", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6025", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25429\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the r_name variable inside the have_same_name function on the /addschedule.htm page.\n\ud83d\udccf Published: 2025-02-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T22:18:56.361Z\n\ud83d\udd17 References:\n1. https://instinctive-acapella-fc7.notion.site/Trendnet-TEW-929DRU-XSS-10315d9d4d26801f8985c11a22389e6b", "creation_timestamp": "2025-02-28T23:27:51.000000Z"}, {"uuid": "af4311c8-14f5-465e-a7b4-e1ea7dc90b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2542", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8642", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2542\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Your Simple SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.\n\ud83d\udccf Published: 2025-03-25T09:22:02.466Z\n\ud83d\udccf Modified: 2025-03-25T09:22:02.466Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/1aa9d836-4e13-4c6a-b1e6-a8f984805842?source=cve\n2. https://plugins.trac.wordpress.org/browser/your-simple-svg-support/tags/1.0.0/your-simple-svg-support.php#L16\n3. https://plugins.trac.wordpress.org/browser/your-simple-svg-support/tags/1.0.0/your-simple-svg-support.php#L20\n4. https://wordpress.org/plugins/your-simple-svg-support/#developers\n5. https://plugins.trac.wordpress.org/changeset/3259951/", "creation_timestamp": "2025-03-25T10:24:35.000000Z"}, {"uuid": "7ee59192-ed1d-4859-a83f-43ab36d2d5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "published-proof-of-concept", "source": "Telegram/l8rpmt9IEsaMir73BEzPWVwPlbkzU9EJpZeQ9myt0c4T-pE", "content": "", "creation_timestamp": "2025-04-18T03:00:28.000000Z"}, {"uuid": "40732828-4bfd-4f78-bd91-6b8e955ac78d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25427", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lni6ztyb3c23", "content": "", "creation_timestamp": "2025-04-23T12:29:14.557403Z"}, {"uuid": "7e9f0d5c-e560-477a-a163-8ac7eff6cee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25426", "type": "seen", "source": "https://t.me/cvedetector/19550", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25426 - Yshopmall SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25426 \nPublished : March 4, 2025, 10:15 p.m. | 34\u00a0minutes ago \nDescription : yshopmall <=v1.9.0\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T00:12:43.000000Z"}, {"uuid": "95738884-bfdc-4f35-8d03-746fc5e33195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25429", "type": "seen", "source": "https://t.me/cvedetector/19183", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25429 - Trendnet TEW-929DRU Stored Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-25429 \nPublished : Feb. 28, 2025, 7:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Trendnet TEW-929DRU 1.0.0.10 contains a Stored Cross-site Scripting (XSS) vulnerability via the r_name variable inside the have_same_name function on the /addschedule.htm page. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T22:03:06.000000Z"}, {"uuid": "16787419-3d17-4d1c-89f5-e0ef27470101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25428", "type": "seen", "source": "https://t.me/cvedetector/19182", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25428 - TRENDnet TEW-929DRU Root Hardcoded Password Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25428 \nPublished : Feb. 28, 2025, 7:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T22:03:05.000000Z"}]}