From 4e58b9db2d75f496d346ccf311c70aafbd5b01a2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 30 May 2025 06:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2025/41xxx/CVE-2025-41235.json | 108 +++++++++++++++++++++++++++++++-- 2025/48xxx/CVE-2025-48490.json | 77 +++++++++++++++++++++-- 2025/48xxx/CVE-2025-48881.json | 80 ++++++++++++++++++++++-- 2025/49xxx/CVE-2025-49018.json | 18 ++++++ 2025/49xxx/CVE-2025-49019.json | 18 ++++++ 2025/49xxx/CVE-2025-49020.json | 18 ++++++ 2025/49xxx/CVE-2025-49021.json | 18 ++++++ 2025/49xxx/CVE-2025-49022.json | 18 ++++++ 2025/49xxx/CVE-2025-49023.json | 18 ++++++ 2025/49xxx/CVE-2025-49024.json | 18 ++++++ 2025/49xxx/CVE-2025-49025.json | 18 ++++++ 2025/49xxx/CVE-2025-49026.json | 18 ++++++ 2025/49xxx/CVE-2025-49027.json | 18 ++++++ 2025/4xxx/CVE-2025-4659.json | 76 +++++++++++++++++++++-- 2025/5xxx/CVE-2025-5259.json | 86 ++++++++++++++++++++++++-- 2025/5xxx/CVE-2025-5342.json | 18 ++++++ 16 files changed, 605 insertions(+), 20 deletions(-) create mode 100644 2025/49xxx/CVE-2025-49018.json create mode 100644 2025/49xxx/CVE-2025-49019.json create mode 100644 2025/49xxx/CVE-2025-49020.json create mode 100644 2025/49xxx/CVE-2025-49021.json create mode 100644 2025/49xxx/CVE-2025-49022.json create mode 100644 2025/49xxx/CVE-2025-49023.json create mode 100644 2025/49xxx/CVE-2025-49024.json create mode 100644 2025/49xxx/CVE-2025-49025.json create mode 100644 2025/49xxx/CVE-2025-49026.json create mode 100644 2025/49xxx/CVE-2025-49027.json create mode 100644 2025/5xxx/CVE-2025-5342.json diff --git a/2025/41xxx/CVE-2025-41235.json b/2025/41xxx/CVE-2025-41235.json index 758fad94a4c..a21386e4575 100644 --- a/2025/41xxx/CVE-2025-41235.json +++ b/2025/41xxx/CVE-2025-41235.json @@ -1,17 +1,117 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-41235", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Spring Cloud Gateway Server forwards the X-Forwarded-For\u00a0and Forwarded\u00a0headers from untrusted proxies." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "VMware", + "product": { + "product_data": [ + { + "product_name": "Spring cloud Gateway", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThan": "4.3.0, 4.2.3, 4.1.8, 4.0.12, 3.1.10", + "status": "affected", + "version": "2.2.10.RELEASE - 4.2.2, 4.3.0-{M1, M2, RC1}", + "versionType": "oss, commercial" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Spring Cloud Gateway Server MVC", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThan": "4.3.0, 4.2.3, 4.1.8", + "status": "affected", + "version": "4.1.7 - 4.2.2, 4.3.0-{M1, M2, RC1}", + "versionType": "OSS" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://spring.io/security/cve-2025-41235", + "refsource": "MISC", + "name": "https://spring.io/security/cve-2025-41235" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", + "version": "3.1" } ] } diff --git a/2025/48xxx/CVE-2025-48490.json b/2025/48xxx/CVE-2025-48490.json index 2056f7c9516..ebf71f43f95 100644 --- a/2025/48xxx/CVE-2025-48490.json +++ b/2025/48xxx/CVE-2025-48490.json @@ -1,18 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-48490", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Laravel Rest Api is an API generator. Prior to version 2.13.0, a validation bypass vulnerability was discovered where multiple validations defined for the same attribute could be silently overridden. Due to how the framework merged validation rules across multiple contexts (such as index, store, and update actions), malicious actors could exploit this behavior by crafting requests that bypass expected validation rules, potentially injecting unexpected or dangerous parameters into the application. This could lead to unauthorized data being accepted or processed by the API, depending on the context in which the validation was bypassed. This issue has been patched in version 2.13.0." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-1173: Improper Use of Validation Framework", + "cweId": "CWE-1173" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Lomkit", + "product": { + "product_data": [ + { + "product_name": "laravel-rest-api", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 2.13.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Lomkit/laravel-rest-api/security/advisories/GHSA-69rh-hccr-cxrj", + "refsource": "MISC", + "name": "https://github.com/Lomkit/laravel-rest-api/security/advisories/GHSA-69rh-hccr-cxrj" + }, + { + "url": "https://github.com/Lomkit/laravel-rest-api/pull/172", + "refsource": "MISC", + "name": "https://github.com/Lomkit/laravel-rest-api/pull/172" + }, + { + "url": "https://github.com/Lomkit/laravel-rest-api/commit/88b14587b4efd7e59d7379658c606d325bb513b4", + "refsource": "MISC", + "name": "https://github.com/Lomkit/laravel-rest-api/commit/88b14587b4efd7e59d7379658c606d325bb513b4" + } + ] + }, + "source": { + "advisory": "GHSA-69rh-hccr-cxrj", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48881.json b/2025/48xxx/CVE-2025-48881.json index 89e0eb38bb7..a5d091019bf 100644 --- a/2025/48xxx/CVE-2025-48881.json +++ b/2025/48xxx/CVE-2025-48881.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-48881", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Valtimo is a platform for Business Process Automation. In versions starting from 11.0.0.RELEASE to 11.3.3.RELEASE and 12.0.0.RELEASE to 12.12.0.RELEASE, all objects for which an object-management configuration exists can be listed, viewed, edited, created or deleted by unauthorised users. If object-urls are exposed via other channels, the contents of these objects can be viewed independent of object-management configurations. At time of publication, no known patches exist. A workaround for this issue involves overriding the endpoint security as defined in ObjectenApiHttpSecurityConfigurer and ObjectManagementHttpSecurityConfigurer. Depending on the implementation, this could result in loss of functionality." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-863: Incorrect Authorization", + "cweId": "CWE-863" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "valtimo-platform", + "product": { + "product_data": [ + { + "product_name": "valtimo-backend-libraries", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 11.0.0.RELEASE, <= 11.3.3.RELEASE" + }, + { + "version_affected": "=", + "version_value": ">= 12.0.0.RELEASE, <= 12.12.0.RELEASE" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/valtimo-platform/valtimo-backend-libraries/security/advisories/GHSA-965r-9cg9-g42p", + "refsource": "MISC", + "name": "https://github.com/valtimo-platform/valtimo-backend-libraries/security/advisories/GHSA-965r-9cg9-g42p" + } + ] + }, + "source": { + "advisory": "GHSA-965r-9cg9-g42p", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", + "version": "3.1" } ] } diff --git a/2025/49xxx/CVE-2025-49018.json b/2025/49xxx/CVE-2025-49018.json new file mode 100644 index 00000000000..3a964180751 --- /dev/null +++ b/2025/49xxx/CVE-2025-49018.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49018", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49019.json b/2025/49xxx/CVE-2025-49019.json new file mode 100644 index 00000000000..f3177e44494 --- /dev/null +++ b/2025/49xxx/CVE-2025-49019.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49019", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49020.json b/2025/49xxx/CVE-2025-49020.json new file mode 100644 index 00000000000..a9985e3bb6a --- /dev/null +++ b/2025/49xxx/CVE-2025-49020.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49020", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49021.json b/2025/49xxx/CVE-2025-49021.json new file mode 100644 index 00000000000..befaca98f8e --- /dev/null +++ b/2025/49xxx/CVE-2025-49021.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49021", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49022.json b/2025/49xxx/CVE-2025-49022.json new file mode 100644 index 00000000000..918bb955d68 --- /dev/null +++ b/2025/49xxx/CVE-2025-49022.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49022", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49023.json b/2025/49xxx/CVE-2025-49023.json new file mode 100644 index 00000000000..948ad374756 --- /dev/null +++ b/2025/49xxx/CVE-2025-49023.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49023", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49024.json b/2025/49xxx/CVE-2025-49024.json new file mode 100644 index 00000000000..f24f1764498 --- /dev/null +++ b/2025/49xxx/CVE-2025-49024.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49024", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49025.json b/2025/49xxx/CVE-2025-49025.json new file mode 100644 index 00000000000..8528bf1db3c --- /dev/null +++ b/2025/49xxx/CVE-2025-49025.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49025", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49026.json b/2025/49xxx/CVE-2025-49026.json new file mode 100644 index 00000000000..19ae2b57598 --- /dev/null +++ b/2025/49xxx/CVE-2025-49026.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49026", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/49xxx/CVE-2025-49027.json b/2025/49xxx/CVE-2025-49027.json new file mode 100644 index 00000000000..b9420fed4ea --- /dev/null +++ b/2025/49xxx/CVE-2025-49027.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-49027", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4659.json b/2025/4xxx/CVE-2025-4659.json index 792afc79e7b..3fc3e9a2ae5 100644 --- a/2025/4xxx/CVE-2025-4659.json +++ b/2025/4xxx/CVE-2025-4659.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4659", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.4. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "crmperks", + "product": { + "product_data": [ + { + "product_name": "Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.4.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a99456c4-c828-4dc9-9375-8981eafbeb15?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a99456c4-c828-4dc9-9375-8981eafbeb15?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3299864/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3299864/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Fabian Rosales" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2025/5xxx/CVE-2025-5259.json b/2025/5xxx/CVE-2025-5259.json index fd58ab98d60..18e1d820bec 100644 --- a/2025/5xxx/CVE-2025-5259.json +++ b/2025/5xxx/CVE-2025-5259.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-5259", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Minimal Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018align\u2019 parameter in all versions up to, and including, 1.7.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "gonzomir", + "product": { + "product_data": [ + { + "product_name": "Minimal Share Buttons", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ac2ac7a-4cb5-4051-bec7-a22693c50915?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ac2ac7a-4cb5-4051-bec7-a22693c50915?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/minimal-share-buttons/trunk/inc/class-minimal-share-buttons.php#L67", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/minimal-share-buttons/trunk/inc/class-minimal-share-buttons.php#L67" + }, + { + "url": "https://wordpress.org/plugins/minimal-share-buttons/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/minimal-share-buttons/#developers" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3302704%40minimal-share-buttons&old=3074272%40minimal-share-buttons&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3302704%40minimal-share-buttons&old=3074272%40minimal-share-buttons&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Peter Thaleikis" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2025/5xxx/CVE-2025-5342.json b/2025/5xxx/CVE-2025-5342.json new file mode 100644 index 00000000000..09d2fba6318 --- /dev/null +++ b/2025/5xxx/CVE-2025-5342.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-5342", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file