{"vulnerability": "cve-2025-3218", "sightings": [{"uuid": "0c964683-eb41-470b-b666-e83ddeb3a9d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3218", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lokkl3bkij22", "content": "", "creation_timestamp": "2025-05-07T04:26:15.105369Z"}, {"uuid": "5dc6dc62-5317-423b-8cb8-704b390cea62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32185", "type": "seen", "source": "Telegram/utadLXNkSCvrMbTZz54AhdBQKOBTuhF91QCnJiq7ebTgUxA", "content": "", "creation_timestamp": "2026-01-07T15:01:10.000000Z"}, {"uuid": "7ad82f21-da07-48e3-b216-cf18d7f80c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3218", "type": "seen", "source": "https://t.me/cvedetector/24674", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3218 - IBM i Netserver Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-3218 \nPublished : May 7, 2025, 2:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver.  A malicious actor could use the weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access the server. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T07:12:58.000000Z"}, {"uuid": "c2a43047-1f37-403f-ad3b-0452ea61cb69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3218", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lolm7ge4gn2z", "content": "", "creation_timestamp": "2025-05-07T14:28:09.312704Z"}, {"uuid": "7ea063cc-30b4-47d8-9a31-b86ab00a0465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32183", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10517", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32183\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Galaxy Weblinks Video Playlist For YouTube allows Stored XSS. This issue affects Video Playlist For YouTube: from n/a through 6.6.\n\ud83d\udccf Published: 2025-04-04T15:58:58.127Z\n\ud83d\udccf Modified: 2025-04-04T18:28:23.515Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/video-playlist-for-youtube/vulnerability/wordpress-video-playlist-for-youtube-plugin-6-6-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T18:36:07.000000Z"}, {"uuid": "0871d70c-53b2-4f65-8952-954417cbd847", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32182", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10516", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32182\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spider Themes Spider Elements \u2013 Addons for Elementor allows Stored XSS. This issue affects Spider Elements \u2013 Addons for Elementor: from n/a through 1.6.2.\n\ud83d\udccf Published: 2025-04-04T15:58:57.361Z\n\ud83d\udccf Modified: 2025-04-04T18:29:47.791Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/spider-elements/vulnerability/wordpress-spider-elements-addons-for-elementor-plugin-1-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T18:36:07.000000Z"}, {"uuid": "9e3d7a6c-54ee-412a-988c-ec727743027d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32181", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10515", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32181\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fast Simon Search, Filters & Merchandising for WooCommerce allows Stored XSS. This issue affects Search, Filters & Merchandising for WooCommerce: from n/a through 3.0.57.\n\ud83d\udccf Published: 2025-04-04T15:58:56.730Z\n\ud83d\udccf Modified: 2025-04-04T18:31:11.920Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/instantsearch-for-woocommerce/vulnerability/wordpress-search-filters-merchandising-for-woocommerce-plugin-3-0-57-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T18:36:06.000000Z"}, {"uuid": "eb975df4-003b-4bfb-a08a-d3ddc8043d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3218", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15250", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3218\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver.  A malicious actor could use the weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access the server.\n\ud83d\udccf Published: 2025-05-07T01:10:57.713Z\n\ud83d\udccf Modified: 2025-05-07T01:10:57.713Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7232750", "creation_timestamp": "2025-05-07T02:21:47.000000Z"}]}