{"vulnerability": "cve-2025-2940", "sightings": [{"uuid": "4ae12a91-e66f-4058-90db-68651136b178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2940", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19681", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2940\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Ninja Tables \u2013 Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.18 via the args[url] parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.\n\ud83d\udccf Published: 2025-06-27T08:23:57.327Z\n\ud83d\udccf Modified: 2025-06-27T08:23:57.327Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/02480559-be5c-4d23-9e62-bb76fafb4f42?source=cve\n2. https://plugins.trac.wordpress.org/browser/ninja-tables/trunk/vendor/wpfluent/framework/src/WPFluent/Http/Client.php#L268\n3. https://plugins.trac.wordpress.org/browser/ninja-tables/tags/5.0.18/vendor/wpfluent/framework/src/WPFluent/Http/Client.php#L268\n4. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3269692%40ninja-tables&new=3269692%40ninja-tables&sfp_email=&sfph_mail=\n5. https://plugins.trac.wordpress.org/browser/ninja-tables/tags/5.0.19/vendor/wpfluent/framework/src/WPFluent/Http/Client.php", "creation_timestamp": "2025-06-27T08:52:07.000000Z"}, {"uuid": "db4c87d9-f6f7-4f7c-8f72-17b06e94a9f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29403", "type": "seen", "source": "https://gist.github.com/bGl1o/9293becd52228c3734ffc86691bfdf57", "content": "", "creation_timestamp": "2025-03-19T07:49:33.000000Z"}, {"uuid": "1ffcb761-9d16-440d-8232-62a5443c8d32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29404", "type": "seen", "source": "https://gist.github.com/bGl1o/dc3c799c7db3b583ce8737c52a830d21", "content": "", "creation_timestamp": "2025-03-19T07:53:31.000000Z"}, {"uuid": "a2ddc0df-44c0-4780-b752-50f957f407d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29405", "type": "seen", "source": "https://gist.github.com/bGl1o/19a141ee6e899884fa85f3a52898bcc6", "content": "", "creation_timestamp": "2025-03-19T07:56:49.000000Z"}, {"uuid": "c5338ac1-e79b-4a24-a32c-b810ab64bb06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29401", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtnaz3gr2s", "content": "", "creation_timestamp": "2025-03-19T18:43:41.681178Z"}, {"uuid": "3b7e405c-960c-4493-b28c-93a721f876dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29401", "type": "seen", "source": "https://gist.github.com/bGl1o/f946e99e94f3b563c9b9b5c095da660a", "content": "", "creation_timestamp": "2025-03-19T02:18:11.000000Z"}, {"uuid": "34e299eb-6f7a-4c59-b3ac-a77d42288597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29402", "type": "seen", "source": "https://gist.github.com/bGl1o/150938492af2623161c6037dc4b1be68", "content": "", "creation_timestamp": "2025-03-19T04:08:41.000000Z"}, {"uuid": "d1da660f-4314-4391-a8bb-d945218e2cd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29401", "type": "seen", "source": "https://t.me/cvedetector/20650", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29401 - Emlog Pro Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-29401 \nPublished : March 19, 2025, 4:15 p.m. | 1\u00a0hour, 11\u00a0minutes ago \nDescription : An arbitrary file upload vulnerability in the component /views/plugin.php of emlog pro v2.5.7 allows attackers to execute arbitrary code via uploading a crafted PHP file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T18:49:27.000000Z"}, {"uuid": "f2fdbc7c-e513-4656-b38b-04c9b9ef4eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29405", "type": "seen", "source": "https://t.me/cvedetector/20658", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29405 - Emlog Pro PHP File Upload RCE\", \n  \"Content\": \"CVE ID : CVE-2025-29405 \nPublished : March 19, 2025, 6:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : An arbitrary file upload vulnerability in the component /admin/template.php of emlog pro 2.5.0 and pro 2.5.* allows attackers to execute arbitrary code via uploading a crafted PHP file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T20:29:46.000000Z"}, {"uuid": "7807c76a-8628-4ba9-b70a-cb07008179e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2940", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lslihekmjc2i", "content": "", "creation_timestamp": "2025-06-27T11:01:47.399591Z"}]}