{"vulnerability": "cve-2025-4828", "sightings": [{"uuid": "f91f97f9-73ee-4722-a41b-3d77fe51fba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48281", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr73nnn5fl2m", "content": "", "creation_timestamp": "2025-06-09T19:15:31.116111Z"}, {"uuid": "25cba9ed-7705-4c32-ad2b-35551957ec05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48289", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lptwelu4wg2a", "content": "", "creation_timestamp": "2025-05-23T15:16:29.682520Z"}, {"uuid": "fe9f6180-b16c-4be1-96cc-32a74ba48deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48283", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lptx3wr3zv2s", "content": "", "creation_timestamp": "2025-05-23T15:29:33.169140Z"}, {"uuid": "0e40b675-dd01-4e6b-9395-c577d313b0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48286", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17649", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48286\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catkin ReDi Restaurant Reservation allows Reflected XSS. This issue affects ReDi Restaurant Reservation: from n/a through 24.1209.\n\ud83d\udccf Published: 2025-05-23T12:43:15.038Z\n\ud83d\udccf Modified: 2025-05-27T14:37:11.990Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/redi-restaurant-reservation/vulnerability/wordpress-redi-restaurant-reservation-plugin-24-1209-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-27T14:48:45.000000Z"}, {"uuid": "08fd4cb5-289e-4756-a0ed-216362c1d147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48287", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lptvuehqbx2y", "content": "", "creation_timestamp": "2025-05-23T15:07:25.128070Z"}, {"uuid": "d44eeb8a-4a6b-4729-a59c-9beedc532863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48287", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17391", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48287\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in Pagaleve Pix 4x sem juros - Pagaleve allows Object Injection.This issue affects Pix 4x sem juros - Pagaleve: from n/a through 1.6.9.\n\ud83d\udccf Published: 2025-05-23T12:43:14.537Z\n\ud83d\udccf Modified: 2025-05-23T14:26:17.219Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wc-pagaleve/vulnerability/wordpress-pix-4x-sem-juros-pagaleve-1-6-9-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-23T14:46:19.000000Z"}, {"uuid": "57b49ac9-7cdb-455f-a720-10355e39d32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-48281", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mimmlgc2vm2f", "content": "", "creation_timestamp": "2026-04-03T21:02:40.143725Z"}, {"uuid": "227520ee-f9fb-46b1-abbe-ca576eaf2a17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48283", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17650", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48283\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Majestic Support Majestic Support allows SQL Injection. This issue affects Majestic Support: from n/a through 1.1.0.\n\ud83d\udccf Published: 2025-05-23T12:43:15.502Z\n\ud83d\udccf Modified: 2025-05-27T14:36:45.002Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/majestic-support/vulnerability/wordpress-majestic-support-1-1-0-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-27T14:48:47.000000Z"}, {"uuid": "ba0a5399-59dd-43e4-bb67-a5373aa196e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-48281", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17724", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48281\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mystyleplatform MyStyle Custom Product Designer allows Blind SQL Injection. This issue affects MyStyle Custom Product Designer: from n/a through 3.21.1.\n\ud83d\udccf Published: 2025-06-09T15:53:53.912Z\n\ud83d\udccf Modified: 2025-06-09T17:23:37.812Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/mystyle-custom-product-designer/vulnerability/wordpress-mystyle-custom-product-designer-3-21-1-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-09T18:11:08.000000Z"}]}