From be97a3529890e0695ffe111a265813ca90d9e5b6 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 28 May 2025 09:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2025/27xxx/CVE-2025-27522.json | 78 +++++++++++++++++++++++++++++--- 2025/27xxx/CVE-2025-27526.json | 82 +++++++++++++++++++++++++++++++--- 2025/27xxx/CVE-2025-27528.json | 82 +++++++++++++++++++++++++++++++--- 2025/2xxx/CVE-2025-2784.json | 26 +++++++++++ 2025/32xxx/CVE-2025-32049.json | 26 +++++++++++ 2025/32xxx/CVE-2025-32914.json | 26 +++++++++++ 2025/48xxx/CVE-2025-48902.json | 18 ++++++++ 2025/48xxx/CVE-2025-48903.json | 18 ++++++++ 2025/48xxx/CVE-2025-48904.json | 18 ++++++++ 2025/48xxx/CVE-2025-48905.json | 18 ++++++++ 2025/48xxx/CVE-2025-48906.json | 18 ++++++++ 2025/48xxx/CVE-2025-48907.json | 18 ++++++++ 2025/48xxx/CVE-2025-48908.json | 18 ++++++++ 2025/48xxx/CVE-2025-48909.json | 18 ++++++++ 2025/48xxx/CVE-2025-48910.json | 18 ++++++++ 2025/48xxx/CVE-2025-48911.json | 18 ++++++++ 2025/4xxx/CVE-2025-4948.json | 26 +++++++++++ 2025/5xxx/CVE-2025-5287.json | 76 +++++++++++++++++++++++++++++-- 2025/5xxx/CVE-2025-5300.json | 18 ++++++++ 19 files changed, 601 insertions(+), 19 deletions(-) create mode 100644 2025/48xxx/CVE-2025-48902.json create mode 100644 2025/48xxx/CVE-2025-48903.json create mode 100644 2025/48xxx/CVE-2025-48904.json create mode 100644 2025/48xxx/CVE-2025-48905.json create mode 100644 2025/48xxx/CVE-2025-48906.json create mode 100644 2025/48xxx/CVE-2025-48907.json create mode 100644 2025/48xxx/CVE-2025-48908.json create mode 100644 2025/48xxx/CVE-2025-48909.json create mode 100644 2025/48xxx/CVE-2025-48910.json create mode 100644 2025/48xxx/CVE-2025-48911.json create mode 100644 2025/5xxx/CVE-2025-5300.json diff --git a/2025/27xxx/CVE-2025-27522.json b/2025/27xxx/CVE-2025-27522.json index 845ea9ee384..f2b15568486 100644 --- a/2025/27xxx/CVE-2025-27522.json +++ b/2025/27xxx/CVE-2025-27522.json @@ -1,18 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-27522", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Deserialization of Untrusted Data vulnerability in Apache InLong.\n\nThis issue affects Apache InLong: from 1.13.0 through 2.1.0.\u00a0This vulnerability is a secondary mining bypass for CVE-2024-26579.\u00a0Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it.\n\n[1] \n\n https://github.com/apache/inlong/pull/11732" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache InLong", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.13.0", + "version_value": "2.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://lists.apache.org/thread/s4dnmq3gwcjocxf85qk190knlzd26jby", + "refsource": "MISC", + "name": "https://lists.apache.org/thread/s4dnmq3gwcjocxf85qk190knlzd26jby" + }, + { + "url": "https://github.com/apache/inlong/pull/11732", + "refsource": "MISC", + "name": "https://github.com/apache/inlong/pull/11732" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "yulate" + }, + { + "lang": "en", + "value": "m4x" + } + ] } \ No newline at end of file diff --git a/2025/27xxx/CVE-2025-27526.json b/2025/27xxx/CVE-2025-27526.json index 7c47b018d99..8182e9bd6e9 100644 --- a/2025/27xxx/CVE-2025-27526.json +++ b/2025/27xxx/CVE-2025-27526.json @@ -1,18 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-27526", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Deserialization of Untrusted Data vulnerability in Apache InLong.\n\nThis issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability which can lead to JDBC Vulnerability URLEncdoe and backspace bypass. Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it.\n\n[1]\u00a0 https://github.com/apache/inlong/pull/11747" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache InLong", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.13", + "version_value": "2.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://lists.apache.org/thread/4t4sqscm7xdqn883dyjy40qk6ncf26xf", + "refsource": "MISC", + "name": "https://lists.apache.org/thread/4t4sqscm7xdqn883dyjy40qk6ncf26xf" + }, + { + "url": "https://github.com/apache/inlong/pull/11747", + "refsource": "MISC", + "name": "https://github.com/apache/inlong/pull/11747" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "yulate" + }, + { + "lang": "en", + "value": "m4x" + }, + { + "lang": "en", + "value": "h3h3qaq" + } + ] } \ No newline at end of file diff --git a/2025/27xxx/CVE-2025-27528.json b/2025/27xxx/CVE-2025-27528.json index 1fcea2bc4ef..9628ef3cc9f 100644 --- a/2025/27xxx/CVE-2025-27528.json +++ b/2025/27xxx/CVE-2025-27528.json @@ -1,18 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-27528", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Deserialization of Untrusted Data vulnerability in Apache InLong.\n\nThis issue affects Apache InLong: from 1.13.0 through 2.1.0. \n\nThis\nvulnerability allows attackers to bypass the security mechanisms of InLong\nJDBC and leads to arbitrary file reading.\u00a0Users are advised to upgrade to Apache InLong's 2.2.0 or cherry-pick [1] to solve it.\n\n[1] https://github.com/apache/inlong/pull/11747" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache InLong", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "1.13.0", + "version_value": "2.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://lists.apache.org/thread/b807rqzgyv4qgvxw3nhkq8tl6g90gqgj", + "refsource": "MISC", + "name": "https://lists.apache.org/thread/b807rqzgyv4qgvxw3nhkq8tl6g90gqgj" + }, + { + "url": "https://github.com/apache/inlong/pull/11747", + "refsource": "MISC", + "name": "https://github.com/apache/inlong/pull/11747" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "credits": [ + { + "lang": "en", + "value": "yulat" + }, + { + "lang": "en", + "value": "m4x" + }, + { + "lang": "en", + "value": "h3h3qaq" + } + ] } \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2784.json b/2025/2xxx/CVE-2025-2784.json index 7e29161de17..b31938205c6 100644 --- a/2025/2xxx/CVE-2025-2784.json +++ b/2025/2xxx/CVE-2025-2784.json @@ -91,6 +91,27 @@ ] } }, + { + "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:2.62.3-3.el8_8.5", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat Enterprise Linux 9", "version": { @@ -213,6 +234,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2025:8140" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:8252", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2025:8252" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-2784", "refsource": "MISC", diff --git a/2025/32xxx/CVE-2025-32049.json b/2025/32xxx/CVE-2025-32049.json index fd842309137..cd3a4a9696b 100644 --- a/2025/32xxx/CVE-2025-32049.json +++ b/2025/32xxx/CVE-2025-32049.json @@ -91,6 +91,27 @@ ] } }, + { + "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:2.62.3-3.el8_8.5", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat Enterprise Linux 9", "version": { @@ -213,6 +234,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2025:8140" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:8252", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2025:8252" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-32049", "refsource": "MISC", diff --git a/2025/32xxx/CVE-2025-32914.json b/2025/32xxx/CVE-2025-32914.json index 1ebaabe7e7b..879ce9018ee 100644 --- a/2025/32xxx/CVE-2025-32914.json +++ b/2025/32xxx/CVE-2025-32914.json @@ -91,6 +91,27 @@ ] } }, + { + "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:2.62.3-3.el8_8.5", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat Enterprise Linux 9", "version": { @@ -213,6 +234,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2025:8140" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:8252", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2025:8252" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-32914", "refsource": "MISC", diff --git a/2025/48xxx/CVE-2025-48902.json b/2025/48xxx/CVE-2025-48902.json new file mode 100644 index 00000000000..6464371aa08 --- /dev/null +++ b/2025/48xxx/CVE-2025-48902.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48902", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48903.json b/2025/48xxx/CVE-2025-48903.json new file mode 100644 index 00000000000..919a769d1fc --- /dev/null +++ b/2025/48xxx/CVE-2025-48903.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48903", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48904.json b/2025/48xxx/CVE-2025-48904.json new file mode 100644 index 00000000000..543f655ba86 --- /dev/null +++ b/2025/48xxx/CVE-2025-48904.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48904", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48905.json b/2025/48xxx/CVE-2025-48905.json new file mode 100644 index 00000000000..356984db57f --- /dev/null +++ b/2025/48xxx/CVE-2025-48905.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48905", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48906.json b/2025/48xxx/CVE-2025-48906.json new file mode 100644 index 00000000000..2a1a32c7c81 --- /dev/null +++ b/2025/48xxx/CVE-2025-48906.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48906", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48907.json b/2025/48xxx/CVE-2025-48907.json new file mode 100644 index 00000000000..10f2e99a89e --- /dev/null +++ b/2025/48xxx/CVE-2025-48907.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48907", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48908.json b/2025/48xxx/CVE-2025-48908.json new file mode 100644 index 00000000000..83a818b894b --- /dev/null +++ b/2025/48xxx/CVE-2025-48908.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48908", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48909.json b/2025/48xxx/CVE-2025-48909.json new file mode 100644 index 00000000000..62cb408a0b4 --- /dev/null +++ b/2025/48xxx/CVE-2025-48909.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48909", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48910.json b/2025/48xxx/CVE-2025-48910.json new file mode 100644 index 00000000000..e1e2620beac --- /dev/null +++ b/2025/48xxx/CVE-2025-48910.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48910", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/48xxx/CVE-2025-48911.json b/2025/48xxx/CVE-2025-48911.json new file mode 100644 index 00000000000..9362d80744c --- /dev/null +++ b/2025/48xxx/CVE-2025-48911.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-48911", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4948.json b/2025/4xxx/CVE-2025-4948.json index 9cb8945db11..58a69a3cc57 100644 --- a/2025/4xxx/CVE-2025-4948.json +++ b/2025/4xxx/CVE-2025-4948.json @@ -91,6 +91,27 @@ ] } }, + { + "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:2.62.3-3.el8_8.5", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat Enterprise Linux 9", "version": { @@ -213,6 +234,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2025:8140" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:8252", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2025:8252" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-4948", "refsource": "MISC", diff --git a/2025/5xxx/CVE-2025-5287.json b/2025/5xxx/CVE-2025-5287.json index f7178776d81..3e9cc453693 100644 --- a/2025/5xxx/CVE-2025-5287.json +++ b/2025/5xxx/CVE-2025-5287.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-5287", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "erumfaham", + "product": { + "product_data": [ + { + "product_name": "Likes and Dislikes Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ad19205d-d355-45d8-be5b-f8005459a8c7?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ad19205d-d355-45d8-be5b-f8005459a8c7?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/inprosysmedia-likes-dislikes-post/trunk/inprosysmedia-likes-dislikes-post.php#L76", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/inprosysmedia-likes-dislikes-post/trunk/inprosysmedia-likes-dislikes-post.php#L76" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Nxploited" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH" } ] } diff --git a/2025/5xxx/CVE-2025-5300.json b/2025/5xxx/CVE-2025-5300.json new file mode 100644 index 00000000000..de80f2ebf38 --- /dev/null +++ b/2025/5xxx/CVE-2025-5300.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-5300", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file