{"vulnerability": "cve-2025-6206", "sightings": [{"uuid": "f244c850-f42a-4237-a889-207c410343ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-6206", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsdva6rkxk2a", "content": "", "creation_timestamp": "2025-06-24T10:29:07.452011Z"}, {"uuid": "f895116f-a0f4-4256-a874-d7c4a8f6ea9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-62066", "type": "seen", "source": "https://gist.github.com/Darkcrai86/dedefe68ad678d79122fe470170139c1", "content": "", "creation_timestamp": "2025-11-06T16:59:09.000000Z"}, {"uuid": "c0996e26-ce8b-4075-99a5-1d43d1a2f312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-62067", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m4y5icvxaz2k", "content": "", "creation_timestamp": "2025-11-06T18:02:00.908391Z"}, {"uuid": "307960d1-0c66-49f9-98e9-6ea60384e718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-62064", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m4yjfhlbr52q", "content": "", "creation_timestamp": "2025-11-06T21:35:10.246302Z"}, {"uuid": "79cd8fb9-d57d-4d54-bccc-18ee4885d50e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-62065", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m4yksy7iet2s", "content": "", "creation_timestamp": "2025-11-06T22:00:37.427937Z"}, {"uuid": "bde60494-26e0-449c-a72a-39f1cac58c04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-6206", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19322", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-6206\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomatic_image_editor_ajax_submit' function in all versions up to, and including, 2.5.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. In order to exploit the vulnerability, there must be a value entered for the Stability.AI API key. The value can be arbitrary.\n\ud83d\udccf Published: 2025-06-24T08:23:55.136Z\n\ud83d\udccf Modified: 2025-06-24T08:23:55.136Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/8e0ff2d6-65d2-4a54-b3e5-64b424013313?source=cve\n2. https://codecanyon.net/item/aiomatic-automatic-ai-content-writer/38877369#item-description__changelog", "creation_timestamp": "2025-06-24T08:50:37.000000Z"}, {"uuid": "59f33db6-37a1-46a8-a9da-8226089a238d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-62064", "type": "seen", "source": "https://gist.github.com/Darkcrai86/d70dd943c1ddf01df725e0aba3df0728", "content": "", "creation_timestamp": "2025-11-06T16:59:37.000000Z"}]}