From 813e971e52c226d023427c8ec7e8584dfe0e91a5 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 3 Mar 2025 15:03:50 +0000 Subject: [PATCH] Auto-Update: 2025-03-03T15:00:20.810379+00:00 --- CVE-2024/CVE-2024-470xx/CVE-2024-47092.json | 82 ++++++ CVE-2024/CVE-2024-530xx/CVE-2024-53011.json | 14 +- CVE-2024/CVE-2024-541xx/CVE-2024-54179.json | 56 +++++ CVE-2025/CVE-2025-12xx/CVE-2025-1247.json | 6 +- CVE-2025/CVE-2025-16xx/CVE-2025-1634.json | 6 +- CVE-2025/CVE-2025-18xx/CVE-2025-1869.json | 78 ++++++ CVE-2025/CVE-2025-18xx/CVE-2025-1870.json | 78 ++++++ CVE-2025/CVE-2025-18xx/CVE-2025-1871.json | 78 ++++++ CVE-2025/CVE-2025-18xx/CVE-2025-1872.json | 78 ++++++ CVE-2025/CVE-2025-18xx/CVE-2025-1873.json | 78 ++++++ CVE-2025/CVE-2025-18xx/CVE-2025-1874.json | 78 ++++++ CVE-2025/CVE-2025-18xx/CVE-2025-1875.json | 78 ++++++ CVE-2025/CVE-2025-211xx/CVE-2025-21121.json | 49 +++- CVE-2025/CVE-2025-211xx/CVE-2025-21123.json | 61 ++++- CVE-2025/CVE-2025-211xx/CVE-2025-21124.json | 49 +++- CVE-2025/CVE-2025-211xx/CVE-2025-21125.json | 49 +++- CVE-2025/CVE-2025-211xx/CVE-2025-21126.json | 61 ++++- CVE-2025/CVE-2025-211xx/CVE-2025-21157.json | 49 +++- CVE-2025/CVE-2025-211xx/CVE-2025-21158.json | 49 +++- CVE-2025/CVE-2025-234xx/CVE-2025-23425.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23433.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23437.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23439.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23440.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23441.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23446.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23447.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23450.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23451.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23464.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23465.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23468.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23472.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23473.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23478.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23479.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23480.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23481.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23482.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23484.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23485.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23487.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23488.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23490.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23493.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23494.json | 56 +++++ CVE-2025/CVE-2025-234xx/CVE-2025-23496.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23502.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23505.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23515.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23516.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23517.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23518.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23519.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23520.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23521.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23524.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23526.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23536.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23538.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23539.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23549.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23552.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23553.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23555.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23556.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23563.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23564.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23565.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23570.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23575.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23576.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23579.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23584.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23585.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23586.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23587.json | 56 +++++ CVE-2025/CVE-2025-235xx/CVE-2025-23595.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23600.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23613.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23615.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23616.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23619.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23635.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23637.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23663.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23668.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23670.json | 56 +++++ CVE-2025/CVE-2025-236xx/CVE-2025-23688.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23716.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23718.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23721.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23726.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23731.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23736.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23738.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23739.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23740.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23741.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23753.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23762.json | 56 +++++ CVE-2025/CVE-2025-237xx/CVE-2025-23763.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23813.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23814.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23829.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23843.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23847.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23850.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23852.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23879.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23881.json | 56 +++++ CVE-2025/CVE-2025-238xx/CVE-2025-23883.json | 56 +++++ CVE-2025/CVE-2025-239xx/CVE-2025-23903.json | 56 +++++ CVE-2025/CVE-2025-239xx/CVE-2025-23904.json | 56 +++++ CVE-2025/CVE-2025-239xx/CVE-2025-23945.json | 56 +++++ CVE-2025/CVE-2025-239xx/CVE-2025-23956.json | 56 +++++ CVE-2025/CVE-2025-246xx/CVE-2025-24633.json | 6 +- CVE-2025/CVE-2025-246xx/CVE-2025-24694.json | 56 +++++ CVE-2025/CVE-2025-247xx/CVE-2025-24758.json | 56 +++++ CVE-2025/CVE-2025-250xx/CVE-2025-25070.json | 56 +++++ CVE-2025/CVE-2025-250xx/CVE-2025-25083.json | 56 +++++ CVE-2025/CVE-2025-250xx/CVE-2025-25084.json | 56 +++++ CVE-2025/CVE-2025-250xx/CVE-2025-25087.json | 56 +++++ CVE-2025/CVE-2025-250xx/CVE-2025-25089.json | 56 +++++ CVE-2025/CVE-2025-250xx/CVE-2025-25090.json | 56 +++++ CVE-2025/CVE-2025-250xx/CVE-2025-25092.json | 56 +++++ CVE-2025/CVE-2025-250xx/CVE-2025-25099.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25102.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25108.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25109.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25112.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25113.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25114.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25115.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25118.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25119.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25121.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25122.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25124.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25127.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25129.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25130.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25131.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25132.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25133.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25137.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25142.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25150.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25157.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25158.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25161.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25162.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25164.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25165.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25169.json | 56 +++++ CVE-2025/CVE-2025-251xx/CVE-2025-25170.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26534.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26535.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26540.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26557.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26563.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26585.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26586.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26587.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26588.json | 56 +++++ CVE-2025/CVE-2025-265xx/CVE-2025-26589.json | 56 +++++ CVE-2025/CVE-2025-268xx/CVE-2025-26879.json | 56 +++++ CVE-2025/CVE-2025-268xx/CVE-2025-26885.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26914.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26917.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26918.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26967.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26970.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26984.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26988.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26989.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26994.json | 56 +++++ CVE-2025/CVE-2025-269xx/CVE-2025-26999.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27263.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27264.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27268.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27269.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27270.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27271.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27273.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27274.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27275.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27278.json | 56 +++++ CVE-2025/CVE-2025-272xx/CVE-2025-27279.json | 56 +++++ README.md | 73 +++--- _state.csv | 264 ++++++++++++++++---- 191 files changed, 10779 insertions(+), 105 deletions(-) create mode 100644 CVE-2024/CVE-2024-470xx/CVE-2024-47092.json create mode 100644 CVE-2024/CVE-2024-541xx/CVE-2024-54179.json create mode 100644 CVE-2025/CVE-2025-18xx/CVE-2025-1869.json create mode 100644 CVE-2025/CVE-2025-18xx/CVE-2025-1870.json create mode 100644 CVE-2025/CVE-2025-18xx/CVE-2025-1871.json create mode 100644 CVE-2025/CVE-2025-18xx/CVE-2025-1872.json create mode 100644 CVE-2025/CVE-2025-18xx/CVE-2025-1873.json create mode 100644 CVE-2025/CVE-2025-18xx/CVE-2025-1874.json create mode 100644 CVE-2025/CVE-2025-18xx/CVE-2025-1875.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23425.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23433.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23437.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23439.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23440.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23441.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23446.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23447.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23450.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23451.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23464.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23465.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23468.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23472.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23473.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23478.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23479.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23480.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23481.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23482.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23484.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23485.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23487.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23488.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23490.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23493.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23494.json create mode 100644 CVE-2025/CVE-2025-234xx/CVE-2025-23496.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23502.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23505.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23515.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23516.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23517.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23518.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23519.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23520.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23521.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23524.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23526.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23536.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23538.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23539.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23549.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23552.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23553.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23555.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23556.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23563.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23564.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23565.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23570.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23575.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23576.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23579.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23584.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23585.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23586.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23587.json create mode 100644 CVE-2025/CVE-2025-235xx/CVE-2025-23595.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23600.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23613.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23615.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23616.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23619.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23635.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23637.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23663.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23668.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23670.json create mode 100644 CVE-2025/CVE-2025-236xx/CVE-2025-23688.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23716.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23718.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23721.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23726.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23731.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23736.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23738.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23739.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23740.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23741.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23753.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23762.json create mode 100644 CVE-2025/CVE-2025-237xx/CVE-2025-23763.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23813.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23814.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23829.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23843.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23847.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23850.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23852.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23879.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23881.json create mode 100644 CVE-2025/CVE-2025-238xx/CVE-2025-23883.json create mode 100644 CVE-2025/CVE-2025-239xx/CVE-2025-23903.json create mode 100644 CVE-2025/CVE-2025-239xx/CVE-2025-23904.json create mode 100644 CVE-2025/CVE-2025-239xx/CVE-2025-23945.json create mode 100644 CVE-2025/CVE-2025-239xx/CVE-2025-23956.json create mode 100644 CVE-2025/CVE-2025-246xx/CVE-2025-24694.json create mode 100644 CVE-2025/CVE-2025-247xx/CVE-2025-24758.json create mode 100644 CVE-2025/CVE-2025-250xx/CVE-2025-25070.json create mode 100644 CVE-2025/CVE-2025-250xx/CVE-2025-25083.json create mode 100644 CVE-2025/CVE-2025-250xx/CVE-2025-25084.json create mode 100644 CVE-2025/CVE-2025-250xx/CVE-2025-25087.json create mode 100644 CVE-2025/CVE-2025-250xx/CVE-2025-25089.json create mode 100644 CVE-2025/CVE-2025-250xx/CVE-2025-25090.json create mode 100644 CVE-2025/CVE-2025-250xx/CVE-2025-25092.json create mode 100644 CVE-2025/CVE-2025-250xx/CVE-2025-25099.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25102.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25108.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25109.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25112.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25113.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25114.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25115.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25118.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25119.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25121.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25122.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25124.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25127.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25129.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25130.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25131.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25132.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25133.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25137.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25142.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25150.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25157.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25158.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25161.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25162.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25164.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25165.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25169.json create mode 100644 CVE-2025/CVE-2025-251xx/CVE-2025-25170.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26534.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26535.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26540.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26557.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26563.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26585.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26586.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26587.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26588.json create mode 100644 CVE-2025/CVE-2025-265xx/CVE-2025-26589.json create mode 100644 CVE-2025/CVE-2025-268xx/CVE-2025-26879.json create mode 100644 CVE-2025/CVE-2025-268xx/CVE-2025-26885.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26914.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26917.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26918.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26967.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26970.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26984.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26988.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26989.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26994.json create mode 100644 CVE-2025/CVE-2025-269xx/CVE-2025-26999.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27263.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27264.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27268.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27269.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27270.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27271.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27273.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27274.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27275.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27278.json create mode 100644 CVE-2025/CVE-2025-272xx/CVE-2025-27279.json diff --git a/CVE-2024/CVE-2024-470xx/CVE-2024-47092.json b/CVE-2024/CVE-2024-470xx/CVE-2024-47092.json new file mode 100644 index 00000000000..63c838736f6 --- /dev/null +++ b/CVE-2024/CVE-2024-470xx/CVE-2024-47092.json @@ -0,0 +1,82 @@ +{ + "id": "CVE-2024-47092", + "sourceIdentifier": "security@checkmk.com", + "published": "2025-03-03T14:15:33.473", + "lastModified": "2025-03-03T14:15:33.473", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Insecure deserialization and improper certificate validation in Checkmk Exchange plugin check-mk-api prior to 5.8.1" + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.checkmk.com/p/check-mk-api", + "source": "security@checkmk.com" + }, + { + "url": "https://github.com/HeinleinSupport/check_mk_extensions/commit/b5a2a7529e3367d7a643e66f05da4f2a27013904", + "source": "security@checkmk.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-530xx/CVE-2024-53011.json b/CVE-2024/CVE-2024-530xx/CVE-2024-53011.json index bd9ab0b6956..a98cfdaa1dd 100644 --- a/CVE-2024/CVE-2024-530xx/CVE-2024-53011.json +++ b/CVE-2024/CVE-2024-530xx/CVE-2024-53011.json @@ -2,7 +2,7 @@ "id": "CVE-2024-53011", "sourceIdentifier": "product-security@qualcomm.com", "published": "2025-03-03T11:15:13.080", - "lastModified": "2025-03-03T11:15:13.080", + "lastModified": "2025-03-03T13:15:10.853", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -15,7 +15,7 @@ "cvssMetricV31": [ { "source": "product-security@qualcomm.com", - "type": "Primary", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", @@ -45,6 +45,16 @@ "value": "CWE-264" } ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] } ], "references": [ diff --git a/CVE-2024/CVE-2024-541xx/CVE-2024-54179.json b/CVE-2024/CVE-2024-541xx/CVE-2024-54179.json new file mode 100644 index 00000000000..b4a956f3477 --- /dev/null +++ b/CVE-2024/CVE-2024-541xx/CVE-2024-54179.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-54179", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2025-03-03T14:15:33.960", + "lastModified": "2025-03-03T14:15:33.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "IBM Business Automation Workflow and IBM Business Automation Workflow Enterprise Service Bus 24.0.0, 24.0.1 and earlier unsupported versions are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.ibm.com/support/pages/node/7184647", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-12xx/CVE-2025-1247.json b/CVE-2025/CVE-2025-12xx/CVE-2025-1247.json index d82e29f4523..1b16cf1698d 100644 --- a/CVE-2025/CVE-2025-12xx/CVE-2025-1247.json +++ b/CVE-2025/CVE-2025-12xx/CVE-2025-1247.json @@ -2,7 +2,7 @@ "id": "CVE-2025-1247", "sourceIdentifier": "secalert@redhat.com", "published": "2025-02-13T14:16:18.400", - "lastModified": "2025-02-27T16:15:38.390", + "lastModified": "2025-03-03T14:15:34.120", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -60,6 +60,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:1885", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:2067", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-1247", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-16xx/CVE-2025-1634.json b/CVE-2025/CVE-2025-16xx/CVE-2025-1634.json index 428bac2d0e6..28142fd1f78 100644 --- a/CVE-2025/CVE-2025-16xx/CVE-2025-1634.json +++ b/CVE-2025/CVE-2025-16xx/CVE-2025-1634.json @@ -2,7 +2,7 @@ "id": "CVE-2025-1634", "sourceIdentifier": "secalert@redhat.com", "published": "2025-02-26T17:15:22.083", - "lastModified": "2025-02-27T16:15:38.500", + "lastModified": "2025-03-03T14:15:34.237", "vulnStatus": "Received", "cveTags": [], "descriptions": [ @@ -60,6 +60,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:1885", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:2067", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-1634", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1869.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1869.json new file mode 100644 index 00000000000..13f846db780 --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1869.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-1869", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-03-03T13:15:11.950", + "lastModified": "2025-03-03T13:15:11.950", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability have been found in 101news affecting version 1.0 through the \"username\" parameter in admin/check_avalability.php." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1870.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1870.json new file mode 100644 index 00000000000..6f44ce9bdeb --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1870.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-1870", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-03-03T13:15:12.113", + "lastModified": "2025-03-03T13:15:12.113", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability have been found in 101news affecting version 1.0 through the \"pagedescription\" parameter in admin/aboutus.php." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1871.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1871.json new file mode 100644 index 00000000000..fc5a7ac7a5d --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1871.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-1871", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-03-03T13:15:12.253", + "lastModified": "2025-03-03T13:15:12.253", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability have been found in 101news affecting version 1.0 through the \"category\" and \"subcategory\" parameters in admin/add-subcategory.php." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1872.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1872.json new file mode 100644 index 00000000000..8e7fe950e38 --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1872.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-1872", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-03-03T13:15:12.400", + "lastModified": "2025-03-03T13:15:12.400", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability have been found in 101news affecting version 1.0 through the \"sadminusername\" parameter in admin/add-subadmins.php." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1873.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1873.json new file mode 100644 index 00000000000..4356b6b28ab --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1873.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-1873", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-03-03T13:15:12.547", + "lastModified": "2025-03-03T13:15:12.547", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability have been found in 101news affecting version 1.0 through the \"pagetitle\" and \"pagedescription\" parameters in admin/contactus.php." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1874.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1874.json new file mode 100644 index 00000000000..2cf71c3778c --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1874.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-1874", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-03-03T13:15:12.693", + "lastModified": "2025-03-03T13:15:12.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability have been found in 101news affecting version 1.0 through the \"description\" parameter in admin/add-category.php." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-18xx/CVE-2025-1875.json b/CVE-2025/CVE-2025-18xx/CVE-2025-1875.json new file mode 100644 index 00000000000..cd815ae6243 --- /dev/null +++ b/CVE-2025/CVE-2025-18xx/CVE-2025-1875.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-1875", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2025-03-03T13:15:12.837", + "lastModified": "2025-03-03T13:15:12.837", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SQL injection vulnerability have been found in 101news affecting version 1.0 through the \"searchtitle\" parameter in search.php." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-101news", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-211xx/CVE-2025-21121.json b/CVE-2025/CVE-2025-211xx/CVE-2025-21121.json index 07dea3b3874..357a6e48b30 100644 --- a/CVE-2025/CVE-2025-211xx/CVE-2025-21121.json +++ b/CVE-2025/CVE-2025-211xx/CVE-2025-21121.json @@ -2,8 +2,8 @@ "id": "CVE-2025-21121", "sourceIdentifier": "psirt@adobe.com", "published": "2025-02-11T17:15:23.673", - "lastModified": "2025-02-11T17:15:23.673", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-03T14:54:17.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,53 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionEndExcluding": "19.5.2", + "matchCriteriaId": "BFAA287E-8E00-402E-A33F-E3C8CBC86618" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEF1D0A8-9DAD-403E-800C-FBFB8F9C0F41" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb25-01.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-211xx/CVE-2025-21123.json b/CVE-2025/CVE-2025-211xx/CVE-2025-21123.json index fb943bca457..bdb7fae7cbe 100644 --- a/CVE-2025/CVE-2025-211xx/CVE-2025-21123.json +++ b/CVE-2025/CVE-2025-211xx/CVE-2025-21123.json @@ -2,8 +2,8 @@ "id": "CVE-2025-21123", "sourceIdentifier": "psirt@adobe.com", "published": "2025-02-11T17:15:23.817", - "lastModified": "2025-02-11T17:15:23.817", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-03T14:54:17.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -42,19 +42,72 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-122" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionEndExcluding": "19.5.2", + "matchCriteriaId": "BFAA287E-8E00-402E-A33F-E3C8CBC86618" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEF1D0A8-9DAD-403E-800C-FBFB8F9C0F41" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] } ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb25-01.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-211xx/CVE-2025-21124.json b/CVE-2025/CVE-2025-211xx/CVE-2025-21124.json index b5de8423549..64ffd516b9c 100644 --- a/CVE-2025/CVE-2025-211xx/CVE-2025-21124.json +++ b/CVE-2025/CVE-2025-211xx/CVE-2025-21124.json @@ -2,8 +2,8 @@ "id": "CVE-2025-21124", "sourceIdentifier": "psirt@adobe.com", "published": "2025-02-11T17:15:23.950", - "lastModified": "2025-02-11T17:15:23.950", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-03T14:54:17.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,53 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionEndExcluding": "19.5.2", + "matchCriteriaId": "BFAA287E-8E00-402E-A33F-E3C8CBC86618" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEF1D0A8-9DAD-403E-800C-FBFB8F9C0F41" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb25-01.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-211xx/CVE-2025-21125.json b/CVE-2025/CVE-2025-211xx/CVE-2025-21125.json index 1ce484e8df3..5d86d356c5f 100644 --- a/CVE-2025/CVE-2025-211xx/CVE-2025-21125.json +++ b/CVE-2025/CVE-2025-211xx/CVE-2025-21125.json @@ -2,8 +2,8 @@ "id": "CVE-2025-21125", "sourceIdentifier": "psirt@adobe.com", "published": "2025-02-11T17:15:24.083", - "lastModified": "2025-02-11T17:15:24.083", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-03T14:54:17.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,53 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionEndExcluding": "19.5.2", + "matchCriteriaId": "BFAA287E-8E00-402E-A33F-E3C8CBC86618" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEF1D0A8-9DAD-403E-800C-FBFB8F9C0F41" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb25-01.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-211xx/CVE-2025-21126.json b/CVE-2025/CVE-2025-211xx/CVE-2025-21126.json index 61d7feb5ec4..7024a55f681 100644 --- a/CVE-2025/CVE-2025-211xx/CVE-2025-21126.json +++ b/CVE-2025/CVE-2025-211xx/CVE-2025-21126.json @@ -2,8 +2,8 @@ "id": "CVE-2025-21126", "sourceIdentifier": "psirt@adobe.com", "published": "2025-02-11T17:15:24.220", - "lastModified": "2025-02-11T17:15:24.220", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-03T14:54:17.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -42,19 +42,72 @@ "weaknesses": [ { "source": "psirt@adobe.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-20" } ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionEndExcluding": "19.5.2", + "matchCriteriaId": "BFAA287E-8E00-402E-A33F-E3C8CBC86618" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEF1D0A8-9DAD-403E-800C-FBFB8F9C0F41" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] } ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb25-01.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-211xx/CVE-2025-21157.json b/CVE-2025/CVE-2025-211xx/CVE-2025-21157.json index 5f1163d04a1..e1a2c932a8e 100644 --- a/CVE-2025/CVE-2025-211xx/CVE-2025-21157.json +++ b/CVE-2025/CVE-2025-211xx/CVE-2025-21157.json @@ -2,8 +2,8 @@ "id": "CVE-2025-21157", "sourceIdentifier": "psirt@adobe.com", "published": "2025-02-11T17:15:24.353", - "lastModified": "2025-02-11T17:15:24.353", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-03T14:54:17.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,53 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionEndExcluding": "19.5.2", + "matchCriteriaId": "BFAA287E-8E00-402E-A33F-E3C8CBC86618" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEF1D0A8-9DAD-403E-800C-FBFB8F9C0F41" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb25-01.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-211xx/CVE-2025-21158.json b/CVE-2025/CVE-2025-211xx/CVE-2025-21158.json index b1a168990de..e4454218e62 100644 --- a/CVE-2025/CVE-2025-211xx/CVE-2025-21158.json +++ b/CVE-2025/CVE-2025-211xx/CVE-2025-21158.json @@ -2,8 +2,8 @@ "id": "CVE-2025-21158", "sourceIdentifier": "psirt@adobe.com", "published": "2025-02-11T17:15:24.487", - "lastModified": "2025-02-11T17:15:24.487", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-03T14:54:17.487", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -51,10 +51,53 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionEndExcluding": "19.5.2", + "matchCriteriaId": "BFAA287E-8E00-402E-A33F-E3C8CBC86618" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:20.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEF1D0A8-9DAD-403E-800C-FBFB8F9C0F41" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb25-01.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23425.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23425.json new file mode 100644 index 00000000000..41e2156ebd0 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23425.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23425", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:34.600", + "lastModified": "2025-03-03T14:15:34.600", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in marekki Marekkis Watermark allows Reflected XSS. This issue affects Marekkis Watermark: from n/a through 0.9.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/marekkis-watermark/vulnerability/wordpress-marekkis-watermark-plugin-0-9-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23433.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23433.json new file mode 100644 index 00000000000..ef47c23dc92 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23433.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23433", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:34.750", + "lastModified": "2025-03-03T14:15:34.750", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jnwry vcOS allows Reflected XSS. This issue affects vcOS: from n/a through 1.4.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/vcos/vulnerability/wordpress-vcos-plugin-1-4-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23437.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23437.json new file mode 100644 index 00000000000..d170e2390c6 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23437.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23437", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:34.890", + "lastModified": "2025-03-03T14:15:34.890", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ntp-header-images allows Reflected XSS. This issue affects ntp-header-images: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/header-images-rotator/vulnerability/wordpress-ntp-header-images-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23439.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23439.json new file mode 100644 index 00000000000..fee0c059776 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23439.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23439", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:35.047", + "lastModified": "2025-03-03T14:15:35.047", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in willshouse TinyMCE Extended Config allows Reflected XSS. This issue affects TinyMCE Extended Config: from n/a through 0.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/tinymce-extended-config/vulnerability/wordpress-tinymce-extended-config-plugin-0-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23440.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23440.json new file mode 100644 index 00000000000..af781b759bc --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23440.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23440", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:35.217", + "lastModified": "2025-03-03T14:15:35.217", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in radicaldesigns radSLIDE allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects radSLIDE: from n/a through 2.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/radslide/vulnerability/wordpress-radslide-plugin-2-1-broken-access-control-to-stored-cross-site-scripting-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23441.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23441.json new file mode 100644 index 00000000000..a1f99b4f26e --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23441.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23441", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:35.360", + "lastModified": "2025-03-03T14:15:35.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Attach Gallery Posts allows Reflected XSS. This issue affects Attach Gallery Posts: from n/a through 1.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/attach-gallery-posts/vulnerability/wordpress-attach-gallery-posts-plugin-1-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23446.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23446.json new file mode 100644 index 00000000000..1521bfc5d5f --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23446.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23446", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:35.500", + "lastModified": "2025-03-03T14:15:35.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in NotFound WP SpaceContent allows Stored XSS. This issue affects WP SpaceContent: from n/a through 0.4.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-spacecontent/vulnerability/wordpress-wp-spacecontent-plugin-0-4-5-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23447.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23447.json new file mode 100644 index 00000000000..205db933229 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23447.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23447", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:35.637", + "lastModified": "2025-03-03T14:15:35.637", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Smooth Dynamic Slider allows Reflected XSS. This issue affects Smooth Dynamic Slider: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/smooth-dynamic-slider/vulnerability/wordpress-smooth-dynamic-slider-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23450.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23450.json new file mode 100644 index 00000000000..e75089ce706 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23450.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23450", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:35.780", + "lastModified": "2025-03-03T14:15:35.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in agenwebsite AW WooCommerce Kode Pembayaran allows Reflected XSS. This issue affects AW WooCommerce Kode Pembayaran: from n/a through 1.1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/aw-woocommerce-kode-pembayaran/vulnerability/wordpress-aw-woocommerce-kode-pembayaran-plugin-1-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23451.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23451.json new file mode 100644 index 00000000000..afcfc02fa5c --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23451.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23451", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:35.920", + "lastModified": "2025-03-03T14:15:35.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Awesome Twitter Feeds allows Reflected XSS. This issue affects Awesome Twitter Feeds: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/awesome-twitter-feeds/vulnerability/wordpress-awesome-twitter-feeds-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23464.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23464.json new file mode 100644 index 00000000000..4e9cb6129c6 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23464.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23464", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:36.070", + "lastModified": "2025-03-03T14:15:36.070", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Twitter News Feed allows Reflected XSS. This issue affects Twitter News Feed: from n/a through 1.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/twitter-news-feed/vulnerability/wordpress-twitter-news-feed-plugin-1-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23465.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23465.json new file mode 100644 index 00000000000..2dfcabdd808 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23465.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23465", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:36.213", + "lastModified": "2025-03-03T14:15:36.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Vampire Character Manager allows Reflected XSS. This issue affects Vampire Character Manager: from n/a through 2.13." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/vampire-character/vulnerability/wordpress-vampire-character-manager-plugin-2-13-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23468.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23468.json new file mode 100644 index 00000000000..6d0a040d611 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23468.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23468", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:36.357", + "lastModified": "2025-03-03T14:15:36.357", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Essay Wizard (wpCRES) allows Reflected XSS. This issue affects Essay Wizard (wpCRES): from n/a through 1.0.6.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/essay-wizard-wpcres/vulnerability/wordpress-essay-wizard-wpcres-plugin-1-0-6-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23472.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23472.json new file mode 100644 index 00000000000..5149c36c4df --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23472.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23472", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:36.497", + "lastModified": "2025-03-03T14:15:36.497", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Flexo Slider allows Reflected XSS. This issue affects Flexo Slider: from n/a through 1.0013." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/flexo-slider/vulnerability/wordpress-flexo-slider-plugin-1-0013-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23473.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23473.json new file mode 100644 index 00000000000..e2a9936d920 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23473.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23473", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:36.633", + "lastModified": "2025-03-03T14:15:36.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Killer Theme Options allows Reflected XSS. This issue affects Killer Theme Options: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/killer-theme-options/vulnerability/wordpress-killer-theme-options-plugin-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23478.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23478.json new file mode 100644 index 00000000000..907e2de7d4f --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23478.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23478", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:36.777", + "lastModified": "2025-03-03T14:15:36.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Photo Video Store allows Reflected XSS. This issue affects Photo Video Store: from n/a through 21.07." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/photo-video-store/vulnerability/wordpress-photo-video-store-plugin-21-07-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23479.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23479.json new file mode 100644 index 00000000000..fa3bd28fe24 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23479.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23479", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:36.920", + "lastModified": "2025-03-03T14:15:36.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound melascrivi allows Reflected XSS. This issue affects melascrivi: from n/a through 1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/melascrivi/vulnerability/wordpress-melascrivi-plugin-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23480.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23480.json new file mode 100644 index 00000000000..6165fc06922 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23480.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23480", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:37.060", + "lastModified": "2025-03-03T14:15:37.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RSVP ME allows Stored XSS. This issue affects RSVP ME: from n/a through 1.9.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/rsvp-me/vulnerability/wordpress-rsvp-me-plugin-1-9-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23481.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23481.json new file mode 100644 index 00000000000..3419814e3ad --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23481.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23481", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:37.207", + "lastModified": "2025-03-03T14:15:37.207", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Ni WooCommerce Sales Report Email allows Reflected XSS. This issue affects Ni WooCommerce Sales Report Email: from n/a through 3.1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ni-woocommerce-sales-report-email/vulnerability/wordpress-ni-woocommerce-sales-report-email-plugin-3-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23482.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23482.json new file mode 100644 index 00000000000..5cf1e07bed5 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23482.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23482", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:37.367", + "lastModified": "2025-03-03T14:15:37.367", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound azurecurve Floating Featured Image allows Reflected XSS. This issue affects azurecurve Floating Featured Image: from n/a through 2.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/azurecurve-floating-featured-image/vulnerability/wordpress-azurecurve-floating-featured-image-plugin-2-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23484.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23484.json new file mode 100644 index 00000000000..74b3cb8e3c3 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23484.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23484", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:37.507", + "lastModified": "2025-03-03T14:15:37.507", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Predict When allows Reflected XSS. This issue affects Predict When: from n/a through 1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/predict-when/vulnerability/wordpress-predict-when-plugin-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23485.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23485.json new file mode 100644 index 00000000000..775d024e016 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23485.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23485", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:37.647", + "lastModified": "2025-03-03T14:15:37.647", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in richestsoft RS Survey allows Reflected XSS. This issue affects RS Survey: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/rs-survey/vulnerability/wordpress-rs-survey-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23487.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23487.json new file mode 100644 index 00000000000..52e3714701a --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23487.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23487", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:37.787", + "lastModified": "2025-03-03T14:15:37.787", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Gallery allows Reflected XSS. This issue affects Easy Gallery: from n/a through 1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/simple-gallery-odihost/vulnerability/wordpress-easy-gallery-plugin-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23488.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23488.json new file mode 100644 index 00000000000..4349c4498f0 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23488.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23488", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:37.930", + "lastModified": "2025-03-03T14:15:37.930", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound rng-refresh allows Reflected XSS. This issue affects rng-refresh: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/rng-refresh/vulnerability/wordpress-rng-refresh-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23490.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23490.json new file mode 100644 index 00000000000..f2d765a6aa2 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23490.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23490", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:38.077", + "lastModified": "2025-03-03T14:15:38.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Browser-Update-Notify allows Reflected XSS. This issue affects Browser-Update-Notify: from n/a through 0.2.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/browser-update-notify/vulnerability/wordpress-browser-update-notify-plugin-0-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23493.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23493.json new file mode 100644 index 00000000000..9a895f34d65 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23493.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23493", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:38.213", + "lastModified": "2025-03-03T14:15:38.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Google Transliteration allows Reflected XSS. This issue affects Google Transliteration: from n/a through 1.7.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/google-transliteration/vulnerability/wordpress-google-transliteration-plugin-1-7-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23494.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23494.json new file mode 100644 index 00000000000..68d177da771 --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23494.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23494", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:38.353", + "lastModified": "2025-03-03T14:15:38.353", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Quizzin allows Reflected XSS. This issue affects Quizzin: from n/a through 1.01.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/quizzin/vulnerability/wordpress-quizzin-plugin-1-01-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-234xx/CVE-2025-23496.json b/CVE-2025/CVE-2025-234xx/CVE-2025-23496.json new file mode 100644 index 00000000000..9cefaba07de --- /dev/null +++ b/CVE-2025/CVE-2025-234xx/CVE-2025-23496.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23496", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:38.497", + "lastModified": "2025-03-03T14:15:38.497", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP FPO allows Reflected XSS. This issue affects WP FPO: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-fpo/vulnerability/wordpress-wp-fpo-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23502.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23502.json new file mode 100644 index 00000000000..d26e2504bdf --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23502.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23502", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:38.633", + "lastModified": "2025-03-03T14:15:38.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in NotFound Curated Search allows Stored XSS. This issue affects Curated Search: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/curated-search/vulnerability/wordpress-curated-search-plugin-1-2-csrf-to-stored-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23505.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23505.json new file mode 100644 index 00000000000..6e3b2509a34 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23505.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23505", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:38.777", + "lastModified": "2025-03-03T14:15:38.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pit Login Welcome allows Reflected XSS. This issue affects Pit Login Welcome: from n/a through 1.1.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/pit-login-welcome/vulnerability/wordpress-pit-login-welcome-plugin-1-1-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23515.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23515.json new file mode 100644 index 00000000000..cfc69ad1246 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23515.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23515", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:38.920", + "lastModified": "2025-03-03T14:15:38.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in tsecher ts-tree allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ts-tree: from n/a through 0.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ts-tree/vulnerability/wordpress-ts-tree-plugin-0-1-1-arbitrary-content-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23516.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23516.json new file mode 100644 index 00000000000..f13a097a157 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23516.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23516", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:39.057", + "lastModified": "2025-03-03T14:15:39.057", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Sale with Razorpay allows Reflected XSS. This issue affects Sale with Razorpay: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sell-with-razorpay/vulnerability/wordpress-sale-with-razorpay-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23517.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23517.json new file mode 100644 index 00000000000..629bed12f7b --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23517.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23517", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:39.200", + "lastModified": "2025-03-03T14:15:39.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Google Map on Post/Page allows Reflected XSS. This issue affects Google Map on Post/Page: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/google-map-on-postpage/vulnerability/wordpress-google-map-on-post-page-plugin-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23518.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23518.json new file mode 100644 index 00000000000..45e10cb83f0 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23518.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23518", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:39.347", + "lastModified": "2025-03-03T14:15:39.347", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound GoogleMapper allows Reflected XSS. This issue affects GoogleMapper: from n/a through 2.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/googlemapper-2/vulnerability/wordpress-googlemapper-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23519.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23519.json new file mode 100644 index 00000000000..5d2e2caa78a --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23519.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23519", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:39.487", + "lastModified": "2025-03-03T14:15:39.487", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound G Web Pro Store Locator allows Reflected XSS. This issue affects G Web Pro Store Locator: from n/a through 2.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/gwebpro-store-locator/vulnerability/wordpress-g-web-pro-store-locator-plugin-2-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23520.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23520.json new file mode 100644 index 00000000000..be17c1d507c --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23520.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23520", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:39.630", + "lastModified": "2025-03-03T14:15:39.630", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SecureSubmit Heartland Management Terminal allows Reflected XSS. This issue affects Heartland Management Terminal: from n/a through 1.3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/heartland-management-terminal/vulnerability/wordpress-heartland-management-terminal-plugin-1-3-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23521.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23521.json new file mode 100644 index 00000000000..a0ddb8281b9 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23521.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23521", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:39.767", + "lastModified": "2025-03-03T14:15:39.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Goodlayers Blocks allows Reflected XSS. This issue affects Goodlayers Blocks: from n/a through 1.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/goodlayers-blocks/vulnerability/wordpress-goodlayers-blocks-plugin-1-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23524.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23524.json new file mode 100644 index 00000000000..109fdb134f3 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23524.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23524", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:39.900", + "lastModified": "2025-03-03T14:15:39.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ClickBank Storefront allows Reflected XSS. This issue affects ClickBank Storefront: from n/a through 1.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mycbgenie-clickbank-storefront/vulnerability/wordpress-clickbank-storefront-wordpress-plugin-plugin-1-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23526.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23526.json new file mode 100644 index 00000000000..5711a2d0634 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23526.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23526", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:40.043", + "lastModified": "2025-03-03T14:15:40.043", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Swift Calendar Online Appointment Scheduling allows Reflected XSS. This issue affects Swift Calendar Online Appointment Scheduling: from n/a through 1.3.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/online-appointment-scheduling-software/vulnerability/wordpress-swift-calendar-online-appointment-scheduling-plugin-1-3-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23536.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23536.json new file mode 100644 index 00000000000..45887a1f4eb --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23536.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23536", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:40.187", + "lastModified": "2025-03-03T14:15:40.187", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Track Page Scroll allows Reflected XSS. This issue affects Track Page Scroll: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/track-page-scroll/vulnerability/wordpress-track-page-scroll-plugin-1-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23538.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23538.json new file mode 100644 index 00000000000..2c692b51659 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23538.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23538", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:40.327", + "lastModified": "2025-03-03T14:15:40.327", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Contest allows Reflected XSS. This issue affects WP Contest: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-contest/vulnerability/wordpress-wp-contest-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23539.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23539.json new file mode 100644 index 00000000000..706b0530e3a --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23539.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23539", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:40.470", + "lastModified": "2025-03-03T14:15:40.470", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Awesome Hooks allows Reflected XSS. This issue affects Awesome Hooks: from n/a through 1.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/awesome-hooks/vulnerability/wordpress-awesome-hooks-plugin-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23549.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23549.json new file mode 100644 index 00000000000..f5fa0150b07 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23549.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23549", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:40.613", + "lastModified": "2025-03-03T14:15:40.613", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Maniac SEO allows Reflected XSS. This issue affects Maniac SEO: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/maniac-seo/vulnerability/wordpress-maniac-seo-plugin-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23552.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23552.json new file mode 100644 index 00000000000..ca29e2d8fc0 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23552.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23552", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:40.760", + "lastModified": "2025-03-03T14:15:40.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Texteller allows Reflected XSS. This issue affects Texteller: from n/a through 1.3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/texteller/vulnerability/wordpress-texteller-plugin-1-3-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23553.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23553.json new file mode 100644 index 00000000000..c3190ab3986 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23553.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23553", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:40.900", + "lastModified": "2025-03-03T14:15:40.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Cramer Userbase Access Control allows Reflected XSS. This issue affects Userbase Access Control: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/userbase-access-control/vulnerability/wordpress-userbase-access-control-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23555.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23555.json new file mode 100644 index 00000000000..61231add668 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23555.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23555", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:41.040", + "lastModified": "2025-03-03T14:15:41.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Ui Slider Filter By Price allows Reflected XSS. This issue affects Ui Slider Filter By Price: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ui-slider-filter-by-price/vulnerability/wordpress-ui-slider-filter-by-price-plugin-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23556.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23556.json new file mode 100644 index 00000000000..56d87b1297f --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23556.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23556", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:41.180", + "lastModified": "2025-03-03T14:15:41.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Push Envoy Notifications allows Reflected XSS. This issue affects Push Envoy Notifications: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/push-envoy/vulnerability/wordpress-push-envoy-notifications-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23563.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23563.json new file mode 100644 index 00000000000..c0576fbdbb0 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23563.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23563", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:41.330", + "lastModified": "2025-03-03T14:15:41.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Explore pages allows Reflected XSS. This issue affects Explore pages: from n/a through 1.01." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/explore-pages/vulnerability/wordpress-explore-pages-plugin-1-01-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23564.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23564.json new file mode 100644 index 00000000000..1b3404d1f03 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23564.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23564", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:41.470", + "lastModified": "2025-03-03T14:15:41.470", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mohsenshahbazi WP FixTag allows Reflected XSS. This issue affects WP FixTag: from n/a through v2.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-fixtag/vulnerability/wordpress-wp-fixtag-plugin-v2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23565.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23565.json new file mode 100644 index 00000000000..4bf4f28a52e --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23565.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23565", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:41.617", + "lastModified": "2025-03-03T14:15:41.617", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Wibstats allows Reflected XSS. This issue affects Wibstats: from n/a through 0.5.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wibstats-statistics-for-wordpress-mu/vulnerability/wordpress-wibstats-plugin-0-5-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23570.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23570.json new file mode 100644 index 00000000000..efaeb18fbfe --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23570.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23570", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:42.437", + "lastModified": "2025-03-03T14:15:42.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Social Links allows Reflected XSS. This issue affects WP Social Links: from n/a through 0.3.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-social-links/vulnerability/wordpress-wp-social-links-plugin-0-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23575.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23575.json new file mode 100644 index 00000000000..a6b69b36975 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23575.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23575", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:42.583", + "lastModified": "2025-03-03T14:15:42.583", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DX Sales CRM allows Reflected XSS. This issue affects DX Sales CRM: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dx-sales-crm/vulnerability/wordpress-dx-sales-crm-plugin-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23576.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23576.json new file mode 100644 index 00000000000..eb33b0fe097 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23576.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23576", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:42.723", + "lastModified": "2025-03-03T14:15:42.723", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Intro.JS allows Reflected XSS. This issue affects WP Intro.JS: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-intro-js-tours/vulnerability/wordpress-wp-intro-js-plugin-plugin-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23579.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23579.json new file mode 100644 index 00000000000..201c3a20230 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23579.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23579", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:42.870", + "lastModified": "2025-03-03T14:15:42.870", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DZS Ajaxer Lite allows Stored XSS. This issue affects DZS Ajaxer Lite: from n/a through 1.04." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dzs-ajaxer-lite-dynamic-page-load/vulnerability/wordpress-dzs-ajaxer-lite-plugin-1-04-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23584.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23584.json new file mode 100644 index 00000000000..7c94a20a48f --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23584.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23584", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:43.010", + "lastModified": "2025-03-03T14:15:43.010", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pin Locations on Map allows Reflected XSS. This issue affects Pin Locations on Map: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/pin-locations-on-map/vulnerability/wordpress-pin-locations-on-map-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23585.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23585.json new file mode 100644 index 00000000000..6072ecc7919 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23585.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23585", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:43.153", + "lastModified": "2025-03-03T14:15:43.153", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CantonBolo Goo.gl Url Shorter allows Reflected XSS. This issue affects Goo.gl Url Shorter: from n/a through 1.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/googl-url-shorter/vulnerability/wordpress-goo-gl-url-shorter-plugin-1-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23586.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23586.json new file mode 100644 index 00000000000..192758e4355 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23586.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23586", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:43.293", + "lastModified": "2025-03-03T14:15:43.293", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Post Category Notifications allows Reflected XSS. This issue affects WP Post Category Notifications: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-post-category-notifications/vulnerability/wordpress-wp-post-category-notifications-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23587.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23587.json new file mode 100644 index 00000000000..ef2d0532b33 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23587.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23587", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:43.437", + "lastModified": "2025-03-03T14:15:43.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound all-in-one-box-login allows Reflected XSS. This issue affects all-in-one-box-login: from n/a through 2.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/all-in-one-login/vulnerability/wordpress-all-in-one-box-login-plugin-2-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-235xx/CVE-2025-23595.json b/CVE-2025/CVE-2025-235xx/CVE-2025-23595.json new file mode 100644 index 00000000000..2db5f1ff4e5 --- /dev/null +++ b/CVE-2025/CVE-2025-235xx/CVE-2025-23595.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23595", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:43.580", + "lastModified": "2025-03-03T14:15:43.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Page Health-O-Meter allows Reflected XSS. This issue affects Page Health-O-Meter: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/page-health-o-meter/vulnerability/wordpress-page-health-o-meter-plugin-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23600.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23600.json new file mode 100644 index 00000000000..375bd9620ed --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23600.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23600", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:43.717", + "lastModified": "2025-03-03T14:15:43.717", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pinal.shah Send to a Friend Addon allows Reflected XSS. This issue affects Send to a Friend Addon: from n/a through 1.4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/send-booking-invites-to-friends/vulnerability/wordpress-send-to-a-friend-addon-plugin-1-4-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23613.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23613.json new file mode 100644 index 00000000000..258f66fdd6e --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23613.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23613", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:43.860", + "lastModified": "2025-03-03T14:15:43.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in NotFound WP Journal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Journal: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpjournal/vulnerability/wordpress-wp-journal-plugin-1-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23615.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23615.json new file mode 100644 index 00000000000..867542978b1 --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23615.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23615", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:43.997", + "lastModified": "2025-03-03T14:15:43.997", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in NotFound Interactive Page Hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Interactive Page Hierarchy: from n/a through 1.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/interactive-page-hierarchy/vulnerability/wordpress-interactive-page-hierarchy-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23616.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23616.json new file mode 100644 index 00000000000..53186dddc79 --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23616.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23616", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:44.140", + "lastModified": "2025-03-03T14:15:44.140", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Canalplan allows Reflected XSS. This issue affects Canalplan: from n/a through 5.31." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/canalplan-ac/vulnerability/wordpress-canalplan-plugin-5-31-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23619.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23619.json new file mode 100644 index 00000000000..8878900a456 --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23619.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23619", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:44.280", + "lastModified": "2025-03-03T14:15:44.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Catch Duplicate Switcher allows Reflected XSS. This issue affects Catch Duplicate Switcher: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/catch-duplicate-switcher/vulnerability/wordpress-catch-duplicate-switcher-plugin-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23635.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23635.json new file mode 100644 index 00000000000..a6f66ae5172 --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23635.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23635", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:44.413", + "lastModified": "2025-03-03T14:15:44.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mobde3net ePermissions allows Reflected XSS. This issue affects ePermissions: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/epermissions/vulnerability/wordpress-epermissions-plugin-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23637.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23637.json new file mode 100644 index 00000000000..2638c2f74f7 --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23637.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23637", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:44.553", + "lastModified": "2025-03-03T14:15:44.553", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound \u65b0\u6dd8\u5ba2WordPress\u63d2\u4ef6 allows Reflected XSS. This issue affects \u65b0\u6dd8\u5ba2WordPress\u63d2\u4ef6: from n/a through 1.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-xintaoke/vulnerability/wordpress-wordpress-plugin-1-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23663.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23663.json new file mode 100644 index 00000000000..09cc48baba2 --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23663.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23663", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:44.693", + "lastModified": "2025-03-03T14:15:44.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Vaquez Contexto allows Reflected XSS. This issue affects Contexto: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/contexto/vulnerability/wordpress-contexto-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23668.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23668.json new file mode 100644 index 00000000000..8dd22375f2c --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23668.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23668", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:44.833", + "lastModified": "2025-03-03T14:15:44.833", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ChatGPT Open AI Images & Content for WooCommerce allows Reflected XSS. This issue affects ChatGPT Open AI Images & Content for WooCommerce: from n/a through 2.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/glasses-for-woocommerce/vulnerability/wordpress-chatgpt-open-ai-images-content-for-woocommerce-plugin-2-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23670.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23670.json new file mode 100644 index 00000000000..0c547d65140 --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23670.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23670", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:44.970", + "lastModified": "2025-03-03T14:15:44.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound 4 author cheer up donate allows Reflected XSS. This issue affects 4 author cheer up donate: from n/a through 1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/4-author-cheer-up-donate/vulnerability/wordpress-4-author-cheer-up-donate-plugin-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-236xx/CVE-2025-23688.json b/CVE-2025/CVE-2025-236xx/CVE-2025-23688.json new file mode 100644 index 00000000000..ebbbf69877f --- /dev/null +++ b/CVE-2025/CVE-2025-236xx/CVE-2025-23688.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23688", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:45.110", + "lastModified": "2025-03-03T14:15:45.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Cobwebo URL Plugin allows Reflected XSS. This issue affects Cobwebo URL Plugin: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/cobwebo-url/vulnerability/wordpress-cobwebo-url-plugin-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23716.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23716.json new file mode 100644 index 00000000000..01f9464cbc1 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23716.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23716", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:45.270", + "lastModified": "2025-03-03T14:15:45.270", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Login Watchdog allows Stored XSS. This issue affects Login Watchdog: from n/a through 1.0.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/login-watchdog/vulnerability/wordpress-login-watchdog-plugin-1-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23718.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23718.json new file mode 100644 index 00000000000..cea1ce58674 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23718.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23718", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:45.440", + "lastModified": "2025-03-03T14:15:45.440", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mancx AskMe Widget allows Reflected XSS. This issue affects Mancx AskMe Widget: from n/a through 0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mancx-askme-widget/vulnerability/wordpress-mancx-askme-widget-plugin-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23721.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23721.json new file mode 100644 index 00000000000..bfbcb522bd1 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23721.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23721", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:45.580", + "lastModified": "2025-03-03T14:15:45.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mobigate allows Reflected XSS. This issue affects Mobigate: from n/a through 1.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mobigatevn/vulnerability/wordpress-mobigate-plugin-1-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23726.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23726.json new file mode 100644 index 00000000000..9eb3778e949 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23726.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23726", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:45.723", + "lastModified": "2025-03-03T14:15:45.723", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ComparePress allows Reflected XSS. This issue affects ComparePress: from n/a through 2.0.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/comparepress/vulnerability/wordpress-comparepress-plugin-2-0-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23731.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23731.json new file mode 100644 index 00000000000..b90198726c0 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23731.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23731", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:45.863", + "lastModified": "2025-03-03T14:15:45.863", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in infosoftplugin Tax Report for WooCommerce allows Reflected XSS. This issue affects Tax Report for WooCommerce: from n/a through 2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/tax-report-for-woocommerce/vulnerability/wordpress-tax-report-for-woocommerce-plugin-2-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23736.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23736.json new file mode 100644 index 00000000000..0637d506f15 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23736.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23736", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:46.003", + "lastModified": "2025-03-03T14:15:46.003", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Form To JSON allows Reflected XSS. This issue affects Form To JSON: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/form-to-json/vulnerability/wordpress-form-to-json-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23738.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23738.json new file mode 100644 index 00000000000..86dc1d1a069 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23738.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23738", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:46.157", + "lastModified": "2025-03-03T14:15:46.157", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Ps Ads Pro allows Reflected XSS. This issue affects Ps Ads Pro: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ps-ads-pro/vulnerability/wordpress-ps-ads-pro-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23739.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23739.json new file mode 100644 index 00000000000..f247a6dcfb0 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23739.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23739", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:46.300", + "lastModified": "2025-03-03T14:15:46.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Ultimate Reviews FREE allows Reflected XSS. This issue affects WP Ultimate Reviews FREE: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-ultimate-reviews-free/vulnerability/wordpress-wp-ultimate-reviews-free-plugin-1-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23740.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23740.json new file mode 100644 index 00000000000..b5fb3d836d9 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23740.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23740", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:46.443", + "lastModified": "2025-03-03T14:15:46.443", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy School Registration allows Reflected XSS. This issue affects Easy School Registration: from n/a through 3.9.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/easy-school-registration/vulnerability/wordpress-easy-school-registration-plugin-3-9-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23741.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23741.json new file mode 100644 index 00000000000..9d1c7d04048 --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23741.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23741", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:46.580", + "lastModified": "2025-03-03T14:15:46.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Notifications Center allows Reflected XSS. This issue affects Notifications Center: from n/a through 1.5.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/notifications-center/vulnerability/wordpress-notifications-center-plugin-1-5-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23753.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23753.json new file mode 100644 index 00000000000..9511b65567f --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23753.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23753", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:46.720", + "lastModified": "2025-03-03T14:15:46.720", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DN Sitemap Control allows Reflected XSS. This issue affects DN Sitemap Control: from n/a through 1.0.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dn-sitemap-control/vulnerability/wordpress-dn-sitemap-control-plugin-1-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23762.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23762.json new file mode 100644 index 00000000000..d95125fe93e --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23762.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23762", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:46.860", + "lastModified": "2025-03-03T14:15:46.860", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DsgnWrks Twitter Importer allows Reflected XSS. This issue affects DsgnWrks Twitter Importer: from n/a through 1.1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dsgnwrks-twitter-importer/vulnerability/wordpress-dsgnwrks-twitter-importer-plugin-1-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-237xx/CVE-2025-23763.json b/CVE-2025/CVE-2025-237xx/CVE-2025-23763.json new file mode 100644 index 00000000000..2a377c75d1d --- /dev/null +++ b/CVE-2025/CVE-2025-237xx/CVE-2025-23763.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23763", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:47.000", + "lastModified": "2025-03-03T14:15:47.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Alex Volkov WAH Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WAH Forms: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wah-forms/vulnerability/wordpress-wah-forms-plugin-1-0-sensitive-data-exposure-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23813.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23813.json new file mode 100644 index 00000000000..1c212d6cf97 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23813.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23813", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:47.140", + "lastModified": "2025-03-03T14:15:47.140", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Guten Free Options allows Reflected XSS. This issue affects Guten Free Options: from n/a through 0.9.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/guten-free-options/vulnerability/wordpress-guten-free-options-plugin-0-9-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23814.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23814.json new file mode 100644 index 00000000000..289ddd7ba86 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23814.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23814", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:47.280", + "lastModified": "2025-03-03T14:15:47.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound CRUDLab Like Box allows Reflected XSS. This issue affects CRUDLab Like Box: from n/a through 2.0.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/crudlab-facebook-like-box/vulnerability/wordpress-crudlab-like-box-plugin-2-0-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23829.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23829.json new file mode 100644 index 00000000000..2f37b4f3690 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23829.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23829", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:47.417", + "lastModified": "2025-03-03T14:15:47.417", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Woo Update Variations In Cart allows Stored XSS. This issue affects Woo Update Variations In Cart: from n/a through 0.0.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/woo-update-variations-in-cart/vulnerability/wordpress-woo-update-variations-in-cart-plugin-0-0-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23843.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23843.json new file mode 100644 index 00000000000..f1b266367f9 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23843.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23843", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:47.583", + "lastModified": "2025-03-03T14:15:47.583", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wphrmanager WP-HR Manager: The Human Resources Plugin for WordPress allows Reflected XSS. This issue affects WP-HR Manager: The Human Resources Plugin for WordPress: from n/a through 3.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-hr-manager/vulnerability/wordpress-wp-hr-manager-plugin-3-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23847.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23847.json new file mode 100644 index 00000000000..6e3f54f15cf --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23847.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23847", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:47.730", + "lastModified": "2025-03-03T14:15:47.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Site Launcher allows Reflected XSS. This issue affects Site Launcher: from n/a through 0.9.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/site-launcher/vulnerability/wordpress-site-launcher-plugin-0-9-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23850.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23850.json new file mode 100644 index 00000000000..1e89d3c71c0 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23850.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23850", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:47.870", + "lastModified": "2025-03-03T14:15:47.870", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mojo Under Construction allows Reflected XSS. This issue affects Mojo Under Construction: from n/a through 1.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mojo-under-construction/vulnerability/wordpress-mojo-under-construction-plugin-1-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23852.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23852.json new file mode 100644 index 00000000000..a5218b061e0 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23852.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23852", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:48.013", + "lastModified": "2025-03-03T14:15:48.013", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound First Comment Redirect allows Reflected XSS. This issue affects First Comment Redirect: from n/a through 1.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/first-comment-redirect/vulnerability/wordpress-first-comment-redirect-plugin-1-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23879.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23879.json new file mode 100644 index 00000000000..1b4e366f5c0 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23879.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23879", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:48.157", + "lastModified": "2025-03-03T14:15:48.157", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PillarDev Easy Automatic Newsletter Lite allows Reflected XSS. This issue affects Easy Automatic Newsletter Lite: from n/a through 3.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/easy-automatic-newsletter/vulnerability/wordpress-easy-automatic-newsletter-lite-plugin-3-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23881.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23881.json new file mode 100644 index 00000000000..17eedc5ce16 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23881.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23881", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:48.290", + "lastModified": "2025-03-03T14:15:48.290", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound LJ Custom Menu Links allows Reflected XSS. This issue affects LJ Custom Menu Links: from n/a through 2.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/lj-custom-menu-links/vulnerability/wordpress-lj-custom-menu-links-plugin-2-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-238xx/CVE-2025-23883.json b/CVE-2025/CVE-2025-238xx/CVE-2025-23883.json new file mode 100644 index 00000000000..ea196fe91e0 --- /dev/null +++ b/CVE-2025/CVE-2025-238xx/CVE-2025-23883.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23883", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:48.430", + "lastModified": "2025-03-03T14:15:48.430", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Stray Random Quotes allows Reflected XSS. This issue affects Stray Random Quotes: from n/a through 1.9.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/stray-quotes/vulnerability/wordpress-stray-random-quotes-plugin-1-9-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-239xx/CVE-2025-23903.json b/CVE-2025/CVE-2025-239xx/CVE-2025-23903.json new file mode 100644 index 00000000000..784c77eb149 --- /dev/null +++ b/CVE-2025/CVE-2025-239xx/CVE-2025-23903.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23903", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:48.573", + "lastModified": "2025-03-03T14:15:48.573", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Local Shipping Labels for WooCommerce allows Reflected XSS. This issue affects Local Shipping Labels for WooCommerce: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/local-shipping-labels-for-woocommerce/vulnerability/wordpress-local-shipping-labels-for-woocommerce-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-239xx/CVE-2025-23904.json b/CVE-2025/CVE-2025-239xx/CVE-2025-23904.json new file mode 100644 index 00000000000..385b12e8d44 --- /dev/null +++ b/CVE-2025/CVE-2025-239xx/CVE-2025-23904.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23904", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:48.720", + "lastModified": "2025-03-03T14:15:48.720", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Rebrand Fluent Forms allows Reflected XSS. This issue affects Rebrand Fluent Forms: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/rebrand-fluent-forms/vulnerability/wordpress-rebrand-fluent-forms-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-239xx/CVE-2025-23945.json b/CVE-2025/CVE-2025-239xx/CVE-2025-23945.json new file mode 100644 index 00000000000..6948d2437d3 --- /dev/null +++ b/CVE-2025/CVE-2025-239xx/CVE-2025-23945.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23945", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:48.863", + "lastModified": "2025-03-03T14:15:48.863", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Popliup allows PHP Local File Inclusion. This issue affects Popliup: from n/a through 1.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/popliup/vulnerability/wordpress-popliup-plugin-1-1-1-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-239xx/CVE-2025-23956.json b/CVE-2025/CVE-2025-239xx/CVE-2025-23956.json new file mode 100644 index 00000000000..92ab068131b --- /dev/null +++ b/CVE-2025/CVE-2025-239xx/CVE-2025-23956.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23956", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:49.010", + "lastModified": "2025-03-03T14:15:49.010", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Easy Post Mailer allows Reflected XSS. This issue affects WP Easy Post Mailer: from n/a through 0.64." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-mailer/vulnerability/wordpress-wp-easy-post-mailer-plugin-0-64-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-246xx/CVE-2025-24633.json b/CVE-2025/CVE-2025-246xx/CVE-2025-24633.json index ea97269aadd..2a6a212d843 100644 --- a/CVE-2025/CVE-2025-246xx/CVE-2025-24633.json +++ b/CVE-2025/CVE-2025-246xx/CVE-2025-24633.json @@ -2,13 +2,13 @@ "id": "CVE-2025-24633", "sourceIdentifier": "audit@patchstack.com", "published": "2025-01-24T18:15:38.200", - "lastModified": "2025-01-24T18:15:38.200", + "lastModified": "2025-03-03T13:15:12.980", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", - "value": "Missing Authorization vulnerability in silverplugins217 Build Private Store For Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Build Private Store For Woocommerce: from n/a through 1.0." + "value": "Missing Authorization vulnerability in silverplugins217 Build Private Store For Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Build Private Store For Woocommerce: from n/a through 1.0." }, { "lang": "es", @@ -42,7 +42,7 @@ "weaknesses": [ { "source": "audit@patchstack.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2025/CVE-2025-246xx/CVE-2025-24694.json b/CVE-2025/CVE-2025-246xx/CVE-2025-24694.json new file mode 100644 index 00000000000..fd17cc519a2 --- /dev/null +++ b/CVE-2025/CVE-2025-246xx/CVE-2025-24694.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-24694", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:49.157", + "lastModified": "2025-03-03T14:15:49.157", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Email Registration Blacklist and Whitelist allows Reflected XSS. This issue affects CM Email Registration Blacklist and Whitelist: from n/a through 1.5.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/cm-email-blacklist/vulnerability/wordpress-name-cm-e-mail-registration-blacklist-plugin-1-5-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-247xx/CVE-2025-24758.json b/CVE-2025/CVE-2025-247xx/CVE-2025-24758.json new file mode 100644 index 00000000000..44f5817d60a --- /dev/null +++ b/CVE-2025/CVE-2025-247xx/CVE-2025-24758.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-24758", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:49.300", + "lastModified": "2025-03-03T14:15:49.300", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Map Locations allows Reflected XSS. This issue affects CM Map Locations: from n/a through 2.0.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/cm-map-locations/vulnerability/wordpress-cm-map-locations-plugin-2-0-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25070.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25070.json new file mode 100644 index 00000000000..83ec88d363d --- /dev/null +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25070.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25070", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:49.490", + "lastModified": "2025-03-03T14:15:49.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Album Reviewer allows Stored XSS. This issue affects Album Reviewer: from n/a through 2.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/albumreviewer/vulnerability/wordpress-album-reviewer-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25083.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25083.json new file mode 100644 index 00000000000..80917fc0f90 --- /dev/null +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25083.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25083", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:49.633", + "lastModified": "2025-03-03T14:15:49.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound EP4 More Embeds allows Stored XSS. This issue affects EP4 More Embeds: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ep4-more-embeds/vulnerability/wordpress-ep4-more-embeds-plugin-1-0-0-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25084.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25084.json new file mode 100644 index 00000000000..0c543888033 --- /dev/null +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25084.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25084", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:49.777", + "lastModified": "2025-03-03T14:15:49.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound UniTimetable allows Stored XSS. This issue affects UniTimetable: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/unitimetable/vulnerability/wordpress-unitimetable-plugin-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25087.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25087.json new file mode 100644 index 00000000000..6370e2cb043 --- /dev/null +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25087.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25087", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:49.920", + "lastModified": "2025-03-03T14:15:49.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound seekXL Snapr allows Reflected XSS. This issue affects seekXL Snapr: from n/a through 2.0.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/seekxl-snapr/vulnerability/wordpress-seekxl-snapr-plugin-2-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25089.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25089.json new file mode 100644 index 00000000000..f2ef0843140 --- /dev/null +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25089.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25089", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:50.053", + "lastModified": "2025-03-03T14:15:50.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in appten Image Rotator allows Reflected XSS. This issue affects Image Rotator: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/appten-image-rotator/vulnerability/wordpress-easy-wp-tiles-plugin-1-cross-site-scripting-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25090.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25090.json new file mode 100644 index 00000000000..1b90a6f28aa --- /dev/null +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25090.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25090", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:50.197", + "lastModified": "2025-03-03T14:15:50.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Dreamstime Stock Photos allows Reflected XSS. This issue affects Dreamstime Stock Photos: from n/a through 4.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dreamstime-stock-photos/vulnerability/wordpress-dreamstime-stock-photos-plugin-4-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25092.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25092.json new file mode 100644 index 00000000000..764e1c8d13f --- /dev/null +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25092.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25092", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:50.343", + "lastModified": "2025-03-03T14:15:50.343", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gtlwpdev All push notification for WP allows Reflected XSS. This issue affects All push notification for WP: from n/a through 1.5.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/all-push-notification/vulnerability/wordpress-easy-wp-tiles-plugin-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-250xx/CVE-2025-25099.json b/CVE-2025/CVE-2025-250xx/CVE-2025-25099.json new file mode 100644 index 00000000000..af388542a4b --- /dev/null +++ b/CVE-2025/CVE-2025-250xx/CVE-2025-25099.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25099", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:50.490", + "lastModified": "2025-03-03T14:15:50.490", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in accreteinfosolution Appointment Buddy Widget allows Reflected XSS. This issue affects Appointment Buddy Widget: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/appointment-buddy-online-appointment-booking-by-accrete/vulnerability/wordpress-embed-rss-plugin-3-1-arbitrary-shortcode-execution-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25102.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25102.json new file mode 100644 index 00000000000..1b73bb7437b --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25102.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25102", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:50.630", + "lastModified": "2025-03-03T14:15:50.630", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Yahoo BOSS allows Reflected XSS. This issue affects Yahoo BOSS: from n/a through 0.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/yahoo-boss/vulnerability/wordpress-yahoo-boss-plugin-0-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25108.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25108.json new file mode 100644 index 00000000000..433132d57a0 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25108.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25108", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:50.767", + "lastModified": "2025-03-03T14:15:50.767", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shalomworld SW Plus allows Reflected XSS. This issue affects SW Plus: from n/a through 2.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/shalom-world-media-gallery/vulnerability/wordpress-sw-plus-plugin-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25109.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25109.json new file mode 100644 index 00000000000..2a6510670cf --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25109.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25109", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:50.907", + "lastModified": "2025-03-03T14:15:50.907", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound WP Vehicle Manager allows PHP Local File Inclusion. This issue affects WP Vehicle Manager: from n/a through 3.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/js-vehicle-manager/vulnerability/wordpress-embed-rss-plugin-3-1-arbitrary-shortcode-execution-vulnerability-3?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25112.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25112.json new file mode 100644 index 00000000000..96aa915379a --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25112.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25112", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:51.050", + "lastModified": "2025-03-03T14:15:51.050", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Social Links allows Blind SQL Injection. This issue affects Social Links: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/social-links/vulnerability/wordpress-links-in-captions-plugin-1-2-stored-cross-site-scripting-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25113.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25113.json new file mode 100644 index 00000000000..f5e34447bb0 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25113.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25113", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:51.193", + "lastModified": "2025-03-03T14:15:51.193", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Implied Cookie Consent allows Reflected XSS. This issue affects Implied Cookie Consent: from n/a through 1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/implied-cookie-consent/vulnerability/wordpress-external-video-for-everybody-plugin-2-1-1-cross-site-scripting-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25114.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25114.json new file mode 100644 index 00000000000..e927276b4c7 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25114.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25114", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:51.333", + "lastModified": "2025-03-03T14:15:51.333", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ehabstar User Role allows Reflected XSS. This issue affects User Role: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/user-roles/vulnerability/wordpress-easy-wp-tiles-plugin-1-cross-site-scripting-xss-vulnerability-6?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25115.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25115.json new file mode 100644 index 00000000000..a32505cb8a9 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25115.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25115", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:51.477", + "lastModified": "2025-03-03T14:15:51.477", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Like dislike plus counter allows Stored XSS. This issue affects Like dislike plus counter: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/like-dislike-plus-counter/vulnerability/wordpress-easy-wp-tiles-plugin-1-cross-site-scripting-xss-vulnerability-5?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25118.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25118.json new file mode 100644 index 00000000000..f9ccd06a0e9 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25118.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25118", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:51.610", + "lastModified": "2025-03-03T14:15:51.610", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Top Bar \u2013 PopUps \u2013 by WPOptin allows Reflected XSS. This issue affects Top Bar \u2013 PopUps \u2013 by WPOptin: from n/a through 2.0.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpoptin/vulnerability/wordpress-easy-wp-tiles-plugin-1-cross-site-scripting-xss-vulnerability-7?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25119.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25119.json new file mode 100644 index 00000000000..42fc6a85f03 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25119.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25119", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:51.750", + "lastModified": "2025-03-03T14:15:51.750", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Woocommerce osCommerce Sync allows Reflected XSS. This issue affects Woocommerce osCommerce Sync: from n/a through 2.0.20." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/woo-oscommerce-sync/vulnerability/wordpress-easy-wp-tiles-plugin-1-cross-site-scripting-xss-vulnerability-4?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25121.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25121.json new file mode 100644 index 00000000000..de40b260508 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25121.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25121", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:51.887", + "lastModified": "2025-03-03T14:15:51.887", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Theme Options Z allows Stored XSS. This issue affects Theme Options Z: from n/a through 1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/theme-options-z/vulnerability/wordpress-wp-spell-check-plugin-9-21-cross-site-request-forgery-csrf-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25122.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25122.json new file mode 100644 index 00000000000..4ff97f85bf0 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25122.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25122", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:52.033", + "lastModified": "2025-03-03T14:15:52.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Path Traversal vulnerability in NotFound WizShop allows PHP Local File Inclusion. This issue affects WizShop: from n/a through 3.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-35" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wizshop/vulnerability/wordpress-wp-spell-check-plugin-9-21-cross-site-request-forgery-csrf-vulnerability-4?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25124.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25124.json new file mode 100644 index 00000000000..6d0eae81d0c --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25124.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25124", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:52.183", + "lastModified": "2025-03-03T14:15:52.183", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devu Status Updater allows Reflected XSS. This issue affects Status Updater: from n/a through 1.9.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/fb-status-updater/vulnerability/wordpress-wp-spell-check-plugin-9-21-cross-site-request-forgery-csrf-vulnerability-3?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25127.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25127.json new file mode 100644 index 00000000000..5e1b53386f7 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25127.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25127", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:52.320", + "lastModified": "2025-03-03T14:15:52.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rohitashv Singhal Contact Us By Lord Linus allows Reflected XSS. This issue affects Contact Us By Lord Linus: from n/a through 2.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/contact-us-by-lord-linus/vulnerability/wordpress-contact-us-by-lord-linus-plugin-2-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25129.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25129.json new file mode 100644 index 00000000000..509542b6bea --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25129.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25129", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:52.460", + "lastModified": "2025-03-03T14:15:52.460", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Callback Request allows Reflected XSS. This issue affects Callback Request: from n/a through 1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/callback-request/vulnerability/wordpress-callback-request-plugin-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25130.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25130.json new file mode 100644 index 00000000000..c438807452e --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25130.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25130", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:52.613", + "lastModified": "2025-03-03T14:15:52.613", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Relative Path Traversal vulnerability in NotFound Delete Comments By Status allows PHP Local File Inclusion. This issue affects Delete Comments By Status: from n/a through 2.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-23" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/delete-comments-by-status/vulnerability/wordpress-external-video-for-everybody-plugin-2-1-1-cross-site-scripting-xss-vulnerability-3?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25131.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25131.json new file mode 100644 index 00000000000..98866fd0372 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25131.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25131", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:52.777", + "lastModified": "2025-03-03T14:15:52.777", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RJ Quickcharts allows Stored XSS. This issue affects RJ Quickcharts: from n/a through 0.6.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/rj-quickcharts/vulnerability/wordpress-rj-quickcharts-plugin-0-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25132.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25132.json new file mode 100644 index 00000000000..6cc6c6adf3d --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25132.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25132", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:52.917", + "lastModified": "2025-03-03T14:15:52.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ravi Singh Visitor Details allows Stored XSS. This issue affects Visitor Details: from n/a through 1.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/visitors-details/vulnerability/wordpress-visitor-details-plugin-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25133.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25133.json new file mode 100644 index 00000000000..7d3fd5dfbc1 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25133.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25133", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:53.060", + "lastModified": "2025-03-03T14:15:53.060", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Frontend Submit allows Cross-Site Scripting (XSS). This issue affects WP Frontend Submit: from n/a through 1.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-frontend-submit/vulnerability/wordpress-indeed-api-plugin-0-5-csrf-to-settings-change-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25137.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25137.json new file mode 100644 index 00000000000..0ced86bff2e --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25137.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25137", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:53.200", + "lastModified": "2025-03-03T14:15:53.200", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Social Links allows Stored XSS. This issue affects Social Links: from n/a through 1.0.11." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/social-links/vulnerability/wordpress-facilita-form-tracker-plugin-1-0-csrf-to-stored-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25142.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25142.json new file mode 100644 index 00000000000..73a9a388510 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25142.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25142", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:53.337", + "lastModified": "2025-03-03T14:15:53.337", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Less Compiler allows Stored XSS. This issue affects WP Less Compiler: from n/a through 1.3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-less-compiler/vulnerability/wordpress-wp-less-compiler-plugin-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25150.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25150.json new file mode 100644 index 00000000000..3a7b8ef89e2 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25150.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25150", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:53.477", + "lastModified": "2025-03-03T14:15:53.477", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix uListing allows Blind SQL Injection. This issue affects uListing: from n/a through 2.1.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ulisting/vulnerability/wordpress-songkick-concerts-and-festivals-plugin-0-9-7-cross-site-request-forgery-csrf-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25157.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25157.json new file mode 100644 index 00000000000..c0cc3035f10 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25157.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25157", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:53.617", + "lastModified": "2025-03-03T14:15:53.617", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Church Center allows Reflected XSS. This issue affects WP Church Center: from n/a through 1.3.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-church-center/vulnerability/wordpress-wp-church-center-plugin-1-3-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25158.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25158.json new file mode 100644 index 00000000000..644586ee495 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25158.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25158", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:53.760", + "lastModified": "2025-03-03T14:15:53.760", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Uncomplicated SEO allows Reflected XSS. This issue affects Uncomplicated SEO: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/uncomplicated-seo/vulnerability/wordpress-uncomplicated-seo-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25161.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25161.json new file mode 100644 index 00000000000..30d6fbbc5cf --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25161.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25161", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:53.900", + "lastModified": "2025-03-03T14:15:53.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Find Your Nearest allows Reflected XSS. This issue affects WP Find Your Nearest: from n/a through 0.3.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-find-your-nearest/vulnerability/wordpress-globalquran-plugin-1-0-csrf-to-settings-change-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25162.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25162.json new file mode 100644 index 00000000000..bebb79634cf --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25162.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25162", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:54.040", + "lastModified": "2025-03-03T14:15:54.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound Sports Rankings and Lists allows Absolute Path Traversal. This issue affects Sports Rankings and Lists: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sports-rankings-lists/vulnerability/wordpress-read-more-copy-link-plugin-1-0-2-csrf-to-stored-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25164.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25164.json new file mode 100644 index 00000000000..cd0b44e3b0e --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25164.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25164", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:54.190", + "lastModified": "2025-03-03T14:15:54.190", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Meta Accelerator allows Reflected XSS. This issue affects Meta Accelerator: from n/a through 1.0.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/meta-accelerator/vulnerability/wordpress-meta-accelerator-plugin-1-0-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25165.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25165.json new file mode 100644 index 00000000000..f20a5ced473 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25165.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25165", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:54.330", + "lastModified": "2025-03-03T14:15:54.330", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Staff Directory Plugin: Company Directory allows Stored XSS. This issue affects Staff Directory Plugin: Company Directory: from n/a through 4.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/staff-directory-pro/vulnerability/wordpress-staff-directory-plugin-company-directory-plugin-4-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25169.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25169.json new file mode 100644 index 00000000000..47de4041a03 --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25169.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25169", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:54.477", + "lastModified": "2025-03-03T14:15:54.477", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Authors Autocomplete Meta Box allows Reflected XSS. This issue affects Authors Autocomplete Meta Box: from n/a through 1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/authors-autocomplete-meta-box/vulnerability/wordpress-authors-autocomplete-meta-box-plugin-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-251xx/CVE-2025-25170.json b/CVE-2025/CVE-2025-251xx/CVE-2025-25170.json new file mode 100644 index 00000000000..b672fd4a9be --- /dev/null +++ b/CVE-2025/CVE-2025-251xx/CVE-2025-25170.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-25170", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:54.613", + "lastModified": "2025-03-03T14:15:54.613", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Migrate Posts allows Reflected XSS. This issue affects Migrate Posts: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/migrate-post/vulnerability/wordpress-migrate-posts-plugin-1-0-post-based-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26534.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26534.json new file mode 100644 index 00000000000..3638a8f296b --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26534.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26534", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:54.757", + "lastModified": "2025-03-03T14:15:54.757", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound Helloprint allows Path Traversal. This issue affects Helloprint: from n/a through 2.0.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/helloprint/vulnerability/wordpress-helloprint-plugin-2-0-7-arbitrary-file-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26535.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26535.json new file mode 100644 index 00000000000..4ca82b5636c --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26535.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26535", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:54.900", + "lastModified": "2025-03-03T14:15:54.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Bitcoin / AltCoin Payment Gateway for WooCommerce allows Blind SQL Injection. This issue affects Bitcoin / AltCoin Payment Gateway for WooCommerce: from n/a through 1.7.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/woo-altcoin-payment-gateway/vulnerability/wordpress-bitcoin-altcoin-payment-gateway-for-woocommerce-multivendor-store-shop-plugin-1-7-6-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26540.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26540.json new file mode 100644 index 00000000000..9f4e292deab --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26540.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26540", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:55.037", + "lastModified": "2025-03-03T14:15:55.037", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound Helloprint allows Path Traversal. This issue affects Helloprint: from n/a through 2.0.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/helloprint/vulnerability/wordpress-helloprint-plugin-2-0-7-arbitrary-file-deletion-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26557.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26557.json new file mode 100644 index 00000000000..dd6f6510883 --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26557.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26557", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:55.173", + "lastModified": "2025-03-03T14:15:55.173", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ViperBar allows Reflected XSS. This issue affects ViperBar: from n/a through 2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/viperbar/vulnerability/wordpress-viperbar-plugin-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26563.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26563.json new file mode 100644 index 00000000000..b03a5690a9d --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26563.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26563", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:55.310", + "lastModified": "2025-03-03T14:15:55.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mobile allows Reflected XSS. This issue affects Mobile: from n/a through 1.3.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/rocket-wp-mobile/vulnerability/wordpress-rocket-mobile-plugin-0-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26585.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26585.json new file mode 100644 index 00000000000..2e54c8abe2b --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26585.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26585", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:55.470", + "lastModified": "2025-03-03T14:15:55.470", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DL Leadback allows Reflected XSS. This issue affects DL Leadback: from n/a through 1.2.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dl-leadback/vulnerability/wordpress-dl-leadback-plugin-1-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26586.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26586.json new file mode 100644 index 00000000000..6fcb65ac84e --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26586.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26586", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:55.640", + "lastModified": "2025-03-03T14:15:55.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Events Planner allows Reflected XSS. This issue affects Events Planner: from n/a through 1.3.10." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/events-planner/vulnerability/wordpress-events-planner-plugin-1-3-10-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26587.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26587.json new file mode 100644 index 00000000000..9f292201878 --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26587.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26587", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:55.780", + "lastModified": "2025-03-03T14:15:55.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound sidebarTabs allows Reflected XSS. This issue affects sidebarTabs: from n/a through 3.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sidebartabs/vulnerability/wordpress-sidebartabs-plugin-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26588.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26588.json new file mode 100644 index 00000000000..7c67669bcf4 --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26588.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26588", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:55.920", + "lastModified": "2025-03-03T14:15:55.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound TTT Crop allows Reflected XSS. This issue affects TTT Crop: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ttt-crop/vulnerability/wordpress-ttt-crop-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-265xx/CVE-2025-26589.json b/CVE-2025/CVE-2025-265xx/CVE-2025-26589.json new file mode 100644 index 00000000000..e36f297dde5 --- /dev/null +++ b/CVE-2025/CVE-2025-265xx/CVE-2025-26589.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26589", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:56.067", + "lastModified": "2025-03-03T14:15:56.067", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound IE CSS3 Support allows Reflected XSS. This issue affects IE CSS3 Support: from n/a through 2.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ie-css3-support/vulnerability/wordpress-ie-css3-support-plugin-2-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-268xx/CVE-2025-26879.json b/CVE-2025/CVE-2025-268xx/CVE-2025-26879.json new file mode 100644 index 00000000000..ec016ae5851 --- /dev/null +++ b/CVE-2025/CVE-2025-268xx/CVE-2025-26879.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26879", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:56.213", + "lastModified": "2025-03-03T14:15:56.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristi\u00e1n L\u00e1vaque s2Member Pro allows Reflected XSS. This issue affects s2Member Pro: from n/a through 241216." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/s2member/vulnerability/wordpress-s2member-plugin-241216-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-268xx/CVE-2025-26885.json b/CVE-2025/CVE-2025-268xx/CVE-2025-26885.json new file mode 100644 index 00000000000..e2c241edcd4 --- /dev/null +++ b/CVE-2025/CVE-2025-268xx/CVE-2025-26885.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26885", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:56.360", + "lastModified": "2025-03-03T14:15:56.360", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Brent Jett Assistant allows Object Injection. This issue affects Assistant: from n/a through 1.5.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/assistant/vulnerability/wordpress-assistant-plugin-1-5-1-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26914.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26914.json new file mode 100644 index 00000000000..1056e5e21ac --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26914.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26914", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:56.500", + "lastModified": "2025-03-03T14:15:56.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Variable Inspector allows Reflected XSS. This issue affects Variable Inspector: from n/a through 2.6.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/variable-inspector/vulnerability/wordpress-variable-inspector-plugin-2-6-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26917.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26917.json new file mode 100644 index 00000000000..68f1ad1d90a --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26917.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26917", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:56.640", + "lastModified": "2025-03-03T14:15:56.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WP Templata allows Reflected XSS. This issue affects WP Templata: from n/a through 1.0.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wptemplata/vulnerability/wordpress-wp-templata-plugin-1-0-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26918.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26918.json new file mode 100644 index 00000000000..78cbdc3501a --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26918.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26918", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:56.787", + "lastModified": "2025-03-03T14:15:56.787", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology Small Package Quotes \u2013 Unishippers Edition allows Reflected XSS. This issue affects Small Package Quotes \u2013 Unishippers Edition: from n/a through 2.4.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/small-package-quotes-unishippers-edition/vulnerability/wordpress-small-package-quotes-unishippers-edition-plugin-2-4-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26967.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26967.json new file mode 100644 index 00000000000..c73e568438b --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26967.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26967", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:56.927", + "lastModified": "2025-03-03T14:15:56.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Stiofan Events Calendar for GeoDirectory allows Object Injection. This issue affects Events Calendar for GeoDirectory: from n/a through 2.3.14." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/events-for-geodirectory/vulnerability/wordpress-events-calendar-for-geodirectory-plugin-2-3-14-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26970.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26970.json new file mode 100644 index 00000000000..a573119d35e --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26970.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26970", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:57.077", + "lastModified": "2025-03-03T14:15:57.077", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ark Theme Core allows Code Injection. This issue affects Ark Theme Core: from n/a through 1.70.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ark-core/vulnerability/wordpress-ark-theme-core-plugin-1-70-0-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26984.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26984.json new file mode 100644 index 00000000000..d26b8a0abc1 --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26984.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26984", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:57.217", + "lastModified": "2025-03-03T14:15:57.217", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozy Vision SMS Alert Order Notifications \u2013 WooCommerce allows Reflected XSS. This issue affects SMS Alert Order Notifications \u2013 WooCommerce: from n/a through 3.7.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sms-alert/vulnerability/wordpress-sms-alert-order-notifications-woocommerce-plugin-3-7-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26988.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26988.json new file mode 100644 index 00000000000..74668e384cc --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26988.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26988", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:57.370", + "lastModified": "2025-03-03T14:15:57.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications \u2013 WooCommerce allows SQL Injection. This issue affects SMS Alert Order Notifications \u2013 WooCommerce: from n/a through 3.7.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sms-alert/vulnerability/wordpress-sms-alert-order-notifications-woocommerce-plugin-3-7-8-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26989.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26989.json new file mode 100644 index 00000000000..660b4ffd13a --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26989.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26989", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:57.520", + "lastModified": "2025-03-03T14:15:57.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in softdiscover Zigaform \u2013 Form Builder Lite allows Stored XSS. This issue affects Zigaform \u2013 Form Builder Lite: from n/a through 7.4.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/zigaform-form-builder-lite/vulnerability/wordpress-zigaform-form-builder-lite-plugin-7-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26994.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26994.json new file mode 100644 index 00000000000..babd7f76d9f --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26994.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26994", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:57.667", + "lastModified": "2025-03-03T14:15:57.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in softdiscover Zigaform \u2013 Price Calculator & Cost Estimation Form Builder Lite allows Stored XSS. This issue affects Zigaform \u2013 Price Calculator & Cost Estimation Form Builder Lite: from n/a through 7.4.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/zigaform-calculator-cost-estimation-form-builder-lite/vulnerability/wordpress-zigaform-price-calculator-cost-estimation-form-builder-lite-plugin-7-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-269xx/CVE-2025-26999.json b/CVE-2025/CVE-2025-269xx/CVE-2025-26999.json new file mode 100644 index 00000000000..9cec1cac19b --- /dev/null +++ b/CVE-2025/CVE-2025-269xx/CVE-2025-26999.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-26999", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:57.830", + "lastModified": "2025-03-03T14:15:57.830", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in Metagauss ProfileGrid allows Object Injection. This issue affects ProfileGrid : from n/a through 5.9.4.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/profilegrid-user-profiles-groups-and-communities/vulnerability/wordpress-profilegrid-plugin-5-9-4-3-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27263.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27263.json new file mode 100644 index 00000000000..8c5c74befb1 --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27263.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27263", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:57.980", + "lastModified": "2025-03-03T14:15:57.980", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Doctor Appointment Booking allows SQL Injection. This issue affects Doctor Appointment Booking: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/doctor-appointment-booking/vulnerability/wordpress-doctor-appointment-booking-plugin-1-0-0-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27264.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27264.json new file mode 100644 index 00000000000..09f20337cc6 --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27264.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27264", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:58.123", + "lastModified": "2025-03-03T14:15:58.123", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Doctor Appointment Booking allows PHP Local File Inclusion. This issue affects Doctor Appointment Booking: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/doctor-appointment-booking/vulnerability/wordpress-doctor-appointment-booking-plugin-1-0-0-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27268.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27268.json new file mode 100644 index 00000000000..76a5f14a905 --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27268.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27268", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:58.260", + "lastModified": "2025-03-03T14:15:58.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Small Package Quotes \u2013 Worldwide Express Edition allows SQL Injection. This issue affects Small Package Quotes \u2013 Worldwide Express Edition: from n/a through 5.2.18." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/small-package-quotes-wwe-edition/vulnerability/wordpress-small-package-quotes-worldwide-express-edition-plugin-5-2-18-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27269.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27269.json new file mode 100644 index 00000000000..7537e6c822a --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27269.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27269", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:58.403", + "lastModified": "2025-03-03T14:15:58.403", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound .htaccess Login block allows Reflected XSS. This issue affects .htaccess Login block: from n/a through 0.9a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/htaccess-login-block/vulnerability/wordpress-htaccess-login-block-plugin-0-9a-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27270.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27270.json new file mode 100644 index 00000000000..8ce353050ef --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27270.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27270", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:58.540", + "lastModified": "2025-03-03T14:15:58.540", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in NotFound Residential Address Detection allows Privilege Escalation. This issue affects Residential Address Detection: from n/a through 2.5.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/residential-address-detection/vulnerability/wordpress-residential-address-detection-plugin-2-5-4-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27271.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27271.json new file mode 100644 index 00000000000..5ddfd305e79 --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27271.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27271", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:58.677", + "lastModified": "2025-03-03T14:15:58.677", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DB Tables Import/Export allows Reflected XSS. This issue affects DB Tables Import/Export: from n/a through 1.0.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/db-tables-importexport/vulnerability/wordpress-db-tables-import-export-plugin-1-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27273.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27273.json new file mode 100644 index 00000000000..c9449cf035d --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27273.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27273", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:58.817", + "lastModified": "2025-03-03T14:15:58.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in winking Affiliate Links Manager allows Reflected XSS. This issue affects Affiliate Links Manager: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 5.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/affiliate-links-manager/vulnerability/wordpress-affiliate-links-manager-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27274.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27274.json new file mode 100644 index 00000000000..5e339d36ef2 --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27274.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27274", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:58.960", + "lastModified": "2025-03-03T14:15:58.960", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX Viewer: from n/a through 2.2.11." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-35" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/gpx-viewer/vulnerability/wordpress-gpx-viewer-plugin-2-2-11-path-traversal-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27275.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27275.json new file mode 100644 index 00000000000..d5835145270 --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27275.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27275", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:59.097", + "lastModified": "2025-03-03T14:15:59.097", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andrew_fisher WOO Codice Fiscale allows Reflected XSS. This issue affects WOO Codice Fiscale: from n/a through 1.6.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/woo-codice-fiscale/vulnerability/wordpress-woo-codice-fiscale-plugin-1-6-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27278.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27278.json new file mode 100644 index 00000000000..4c3a28e6f38 --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27278.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27278", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:59.237", + "lastModified": "2025-03-03T14:15:59.237", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AcuGIS Leaflet Maps allows Reflected XSS. This issue affects AcuGIS Leaflet Maps: from n/a through 5.1.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mapfig-premium-leaflet-map-maker/vulnerability/wordpress-acugis-leaflet-maps-plugin-5-1-1-0-multiple-cross-site-scripting-xss-vulnerabilities?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-272xx/CVE-2025-27279.json b/CVE-2025/CVE-2025-272xx/CVE-2025-27279.json new file mode 100644 index 00000000000..81065768d3b --- /dev/null +++ b/CVE-2025/CVE-2025-272xx/CVE-2025-27279.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-27279", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-03-03T14:15:59.373", + "lastModified": "2025-03-03T14:15:59.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Flashfader allows Reflected XSS. This issue affects Flashfader: from n/a through 1.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/flashfader/vulnerability/wordpress-flashfader-plugin-1-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index dc59d031b0a..61758cdde90 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-03T13:00:20.516374+00:00 +2025-03-03T15:00:20.810379+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-03T12:15:34.610000+00:00 +2025-03-03T14:54:17.487000+00:00 ``` ### Last Data Feed Release @@ -33,46 +33,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -283710 +283888 ``` ### CVEs added in the last Commit -Recently added CVEs: `31` +Recently added CVEs: `178` -- [CVE-2024-43057](CVE-2024/CVE-2024-430xx/CVE-2024-43057.json) (`2025-03-03T11:15:11.970`) -- [CVE-2024-43059](CVE-2024/CVE-2024-430xx/CVE-2024-43059.json) (`2025-03-03T11:15:12.140`) -- [CVE-2024-43060](CVE-2024/CVE-2024-430xx/CVE-2024-43060.json) (`2025-03-03T11:15:12.300`) -- [CVE-2024-43061](CVE-2024/CVE-2024-430xx/CVE-2024-43061.json) (`2025-03-03T11:15:12.460`) -- [CVE-2024-43062](CVE-2024/CVE-2024-430xx/CVE-2024-43062.json) (`2025-03-03T11:15:12.617`) -- [CVE-2024-45580](CVE-2024/CVE-2024-455xx/CVE-2024-45580.json) (`2025-03-03T11:15:12.763`) -- [CVE-2024-49836](CVE-2024/CVE-2024-498xx/CVE-2024-49836.json) (`2025-03-03T11:15:12.923`) -- [CVE-2024-53011](CVE-2024/CVE-2024-530xx/CVE-2024-53011.json) (`2025-03-03T11:15:13.080`) -- [CVE-2024-53012](CVE-2024/CVE-2024-530xx/CVE-2024-53012.json) (`2025-03-03T11:15:13.280`) -- [CVE-2024-53014](CVE-2024/CVE-2024-530xx/CVE-2024-53014.json) (`2025-03-03T11:15:13.450`) -- [CVE-2024-53022](CVE-2024/CVE-2024-530xx/CVE-2024-53022.json) (`2025-03-03T11:15:13.630`) -- [CVE-2024-53023](CVE-2024/CVE-2024-530xx/CVE-2024-53023.json) (`2025-03-03T11:15:13.777`) -- [CVE-2024-53024](CVE-2024/CVE-2024-530xx/CVE-2024-53024.json) (`2025-03-03T11:15:13.943`) -- [CVE-2024-53025](CVE-2024/CVE-2024-530xx/CVE-2024-53025.json) (`2025-03-03T11:15:14.120`) -- [CVE-2024-53027](CVE-2024/CVE-2024-530xx/CVE-2024-53027.json) (`2025-03-03T11:15:14.290`) -- [CVE-2024-53028](CVE-2024/CVE-2024-530xx/CVE-2024-53028.json) (`2025-03-03T11:15:14.460`) -- [CVE-2024-53029](CVE-2024/CVE-2024-530xx/CVE-2024-53029.json) (`2025-03-03T11:15:14.617`) -- [CVE-2024-53030](CVE-2024/CVE-2024-530xx/CVE-2024-53030.json) (`2025-03-03T11:15:14.770`) -- [CVE-2024-53031](CVE-2024/CVE-2024-530xx/CVE-2024-53031.json) (`2025-03-03T11:15:14.920`) -- [CVE-2024-53032](CVE-2024/CVE-2024-530xx/CVE-2024-53032.json) (`2025-03-03T11:15:15.060`) -- [CVE-2024-53033](CVE-2024/CVE-2024-530xx/CVE-2024-53033.json) (`2025-03-03T11:15:15.203`) -- [CVE-2024-53034](CVE-2024/CVE-2024-530xx/CVE-2024-53034.json) (`2025-03-03T11:15:15.360`) -- [CVE-2025-0475](CVE-2025/CVE-2025-04xx/CVE-2025-0475.json) (`2025-03-03T11:15:15.517`) -- [CVE-2025-1868](CVE-2025/CVE-2025-18xx/CVE-2025-1868.json) (`2025-03-03T11:15:15.657`) -- [CVE-2025-21424](CVE-2025/CVE-2025-214xx/CVE-2025-21424.json) (`2025-03-03T11:15:15.810`) +- [CVE-2025-26588](CVE-2025/CVE-2025-265xx/CVE-2025-26588.json) (`2025-03-03T14:15:55.920`) +- [CVE-2025-26589](CVE-2025/CVE-2025-265xx/CVE-2025-26589.json) (`2025-03-03T14:15:56.067`) +- [CVE-2025-26879](CVE-2025/CVE-2025-268xx/CVE-2025-26879.json) (`2025-03-03T14:15:56.213`) +- [CVE-2025-26885](CVE-2025/CVE-2025-268xx/CVE-2025-26885.json) (`2025-03-03T14:15:56.360`) +- [CVE-2025-26914](CVE-2025/CVE-2025-269xx/CVE-2025-26914.json) (`2025-03-03T14:15:56.500`) +- [CVE-2025-26917](CVE-2025/CVE-2025-269xx/CVE-2025-26917.json) (`2025-03-03T14:15:56.640`) +- [CVE-2025-26918](CVE-2025/CVE-2025-269xx/CVE-2025-26918.json) (`2025-03-03T14:15:56.787`) +- [CVE-2025-26967](CVE-2025/CVE-2025-269xx/CVE-2025-26967.json) (`2025-03-03T14:15:56.927`) +- [CVE-2025-26970](CVE-2025/CVE-2025-269xx/CVE-2025-26970.json) (`2025-03-03T14:15:57.077`) +- [CVE-2025-26984](CVE-2025/CVE-2025-269xx/CVE-2025-26984.json) (`2025-03-03T14:15:57.217`) +- [CVE-2025-26988](CVE-2025/CVE-2025-269xx/CVE-2025-26988.json) (`2025-03-03T14:15:57.370`) +- [CVE-2025-26989](CVE-2025/CVE-2025-269xx/CVE-2025-26989.json) (`2025-03-03T14:15:57.520`) +- [CVE-2025-26994](CVE-2025/CVE-2025-269xx/CVE-2025-26994.json) (`2025-03-03T14:15:57.667`) +- [CVE-2025-26999](CVE-2025/CVE-2025-269xx/CVE-2025-26999.json) (`2025-03-03T14:15:57.830`) +- [CVE-2025-27263](CVE-2025/CVE-2025-272xx/CVE-2025-27263.json) (`2025-03-03T14:15:57.980`) +- [CVE-2025-27264](CVE-2025/CVE-2025-272xx/CVE-2025-27264.json) (`2025-03-03T14:15:58.123`) +- [CVE-2025-27268](CVE-2025/CVE-2025-272xx/CVE-2025-27268.json) (`2025-03-03T14:15:58.260`) +- [CVE-2025-27269](CVE-2025/CVE-2025-272xx/CVE-2025-27269.json) (`2025-03-03T14:15:58.403`) +- [CVE-2025-27270](CVE-2025/CVE-2025-272xx/CVE-2025-27270.json) (`2025-03-03T14:15:58.540`) +- [CVE-2025-27271](CVE-2025/CVE-2025-272xx/CVE-2025-27271.json) (`2025-03-03T14:15:58.677`) +- [CVE-2025-27273](CVE-2025/CVE-2025-272xx/CVE-2025-27273.json) (`2025-03-03T14:15:58.817`) +- [CVE-2025-27274](CVE-2025/CVE-2025-272xx/CVE-2025-27274.json) (`2025-03-03T14:15:58.960`) +- [CVE-2025-27275](CVE-2025/CVE-2025-272xx/CVE-2025-27275.json) (`2025-03-03T14:15:59.097`) +- [CVE-2025-27278](CVE-2025/CVE-2025-272xx/CVE-2025-27278.json) (`2025-03-03T14:15:59.237`) +- [CVE-2025-27279](CVE-2025/CVE-2025-272xx/CVE-2025-27279.json) (`2025-03-03T14:15:59.373`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `11` -- [CVE-2024-10234](CVE-2024/CVE-2024-102xx/CVE-2024-10234.json) (`2025-03-03T12:15:33.137`) -- [CVE-2025-1244](CVE-2025/CVE-2025-12xx/CVE-2025-1244.json) (`2025-03-03T12:15:34.453`) +- [CVE-2024-53011](CVE-2024/CVE-2024-530xx/CVE-2024-53011.json) (`2025-03-03T13:15:10.853`) +- [CVE-2025-1247](CVE-2025/CVE-2025-12xx/CVE-2025-1247.json) (`2025-03-03T14:15:34.120`) +- [CVE-2025-1634](CVE-2025/CVE-2025-16xx/CVE-2025-1634.json) (`2025-03-03T14:15:34.237`) +- [CVE-2025-21121](CVE-2025/CVE-2025-211xx/CVE-2025-21121.json) (`2025-03-03T14:54:17.487`) +- [CVE-2025-21123](CVE-2025/CVE-2025-211xx/CVE-2025-21123.json) (`2025-03-03T14:54:17.487`) +- [CVE-2025-21124](CVE-2025/CVE-2025-211xx/CVE-2025-21124.json) (`2025-03-03T14:54:17.487`) +- [CVE-2025-21125](CVE-2025/CVE-2025-211xx/CVE-2025-21125.json) (`2025-03-03T14:54:17.487`) +- [CVE-2025-21126](CVE-2025/CVE-2025-211xx/CVE-2025-21126.json) (`2025-03-03T14:54:17.487`) +- [CVE-2025-21157](CVE-2025/CVE-2025-211xx/CVE-2025-21157.json) (`2025-03-03T14:54:17.487`) +- [CVE-2025-21158](CVE-2025/CVE-2025-211xx/CVE-2025-21158.json) (`2025-03-03T14:54:17.487`) +- [CVE-2025-24633](CVE-2025/CVE-2025-246xx/CVE-2025-24633.json) (`2025-03-03T13:15:12.980`) ## Download and Usage diff --git a/_state.csv b/_state.csv index fe0c3e952f0..88fa1137352 100644 --- a/_state.csv +++ b/_state.csv @@ -244453,7 +244453,7 @@ CVE-2024-10230,0,0,0b6a0fc884e5ae244e576686edf454ca3ce274c75c14a9d5a28d123bec664 CVE-2024-10231,0,0,1cdb8518034cbde6323ad37f5ecdbdd8647d8b70c51f5e1314952e0041e1b97b,2024-10-25T17:01:55.633000 CVE-2024-10232,0,0,0d56e4d1ad2ea7a2574f878dbfab6b288953236c47236ee86211a53fb0dc2629,2024-11-01T12:57:03.417000 CVE-2024-10233,0,0,0f0fa741bc160fc828eb74121d2173934d2af8a73c34c7d13db17f836aa89919,2024-10-29T14:34:04.427000 -CVE-2024-10234,0,1,bb105e320b6b03f0532e666c007474e9a4ceb2ac31e85e010e84e643027a47f6,2025-03-03T12:15:33.137000 +CVE-2024-10234,0,0,bb105e320b6b03f0532e666c007474e9a4ceb2ac31e85e010e84e643027a47f6,2025-03-03T12:15:33.137000 CVE-2024-10237,0,0,cc60321022b7cb6e5577da8c0f73bbdcebcda7ac9248188a1c24cddff8eea243,2025-02-04T08:15:27.920000 CVE-2024-10238,0,0,af3722233a0cb909065d9075279edbedb9fe764eee160ff09f19117c4c052fa2,2025-02-04T08:15:28.280000 CVE-2024-10239,0,0,1aeb02b8ba8e9d51182e102b3178de31d842bee8699e4cff348214784dcd3eed,2025-02-04T08:15:28.430000 @@ -245080,7 +245080,7 @@ CVE-2024-10921,0,0,532a30e21aaece93c55687eae34d87e2044d8a94ef7a4b02c6829b158c4e0 CVE-2024-10922,0,0,42c13049e6a343c24626502c7e327925a85251677c778153d6b94466554f54c8,2024-12-12T18:15:22.627000 CVE-2024-10923,0,0,225760898dc6fbab011e0d0a07bc69513dc13006559fd556a531afd48981c97e,2024-11-21T17:15:10.053000 CVE-2024-10924,0,0,f1198492ea5d0448c480cfb52c449c77b28f46a760324baad7abe4da889f15a5,2024-11-20T14:44:47.350000 -CVE-2024-10925,1,1,71e9f7261bef551a60ac03df76c17104a2e931160ceb1ec52372df12d4d8c2db,2025-03-03T12:15:34.080000 +CVE-2024-10925,0,0,71e9f7261bef551a60ac03df76c17104a2e931160ceb1ec52372df12d4d8c2db,2025-03-03T12:15:34.080000 CVE-2024-10926,0,0,e76d1df664d864e028d7e7974d5a29e3528a8f4547669cef248ae31c5c23a1e6,2024-11-08T19:01:25.633000 CVE-2024-10927,0,0,51dbff092839b5cdc766883cb457518cde87efb23eee9d8146d4558d0c340521,2024-11-22T19:14:48.190000 CVE-2024-10928,0,0,ceaf3b03b939bd800d5c1c0e8522d8c6c53e642e161d3e2104c315d8f30327a7,2024-11-22T19:10:19.290000 @@ -252048,7 +252048,7 @@ CVE-2024-24774,0,0,f6081191014f835b364f01c2d06774fe804398159465de16dc62a59398430 CVE-2024-24775,0,0,7f0cbc7d6af894e75c1d6dc5713fcd9f630cd471f82e9ecb0a63fc95da2f7ff6,2025-01-23T19:53:31.737000 CVE-2024-24776,0,0,a2f3ec067717ca04fbf18f3a449f632e7089db64e0a17c019f843c8598b0286f,2024-11-21T08:59:40.850000 CVE-2024-24777,0,0,c46e7117281fbe7f2ffae8cc271867d3ae614f1ea7039937a5b87028aa4a092b,2024-11-21T08:59:41.007000 -CVE-2024-24778,1,1,439fe50836c122b64a1bc0a04d40954f84139c9c631a4c84ad8334e1ab19b84f,2025-03-03T11:15:11.113000 +CVE-2024-24778,0,0,439fe50836c122b64a1bc0a04d40954f84139c9c631a4c84ad8334e1ab19b84f,2025-03-03T11:15:11.113000 CVE-2024-24779,0,0,7865ce8073200edcc497f4b351f74becfa65acde228d4f6892cf22addee64a54,2025-02-13T18:17:09.103000 CVE-2024-2478,0,0,3c239e842dee9874af5c6211db90ee2eaf9a1e0be73fcbf1799989b16285416b,2025-01-23T19:24:38.173000 CVE-2024-24781,0,0,056ec447dbcc83fc2a310224e9277e0a17bd56759c2d803ede35170578118e80,2024-11-21T08:59:41.280000 @@ -262706,7 +262706,7 @@ CVE-2024-38422,0,0,bfdba1d938ae37fbdc4aeaa4ca34e4d56d3f71678329a442fe959d2d4aa00 CVE-2024-38423,0,0,e3498351b7b8492cd7d51fadce9265d5c0051da243d515627a591fd74aa6daa7,2024-11-07T19:46:41.697000 CVE-2024-38424,0,0,b20bddb1e41e4ece23219feec728eb8910763624d1ea2621b5bde813700fd52a,2024-11-07T19:51:32.117000 CVE-2024-38425,0,0,e32a925c31eb52f678b53ceda419af6344b1d99e71a719366ec4341ee3e4c249,2024-10-16T17:34:41.633000 -CVE-2024-38426,1,1,b6440f8ec7de6c911e71e8d9b3f83668350c56836ade028f9017ae263d99703c,2025-03-03T11:15:11.260000 +CVE-2024-38426,0,0,b6440f8ec7de6c911e71e8d9b3f83668350c56836ade028f9017ae263d99703c,2025-03-03T11:15:11.260000 CVE-2024-38427,0,0,e03f18230b0965ff85c2447bdfa04160304b37189e7d46e85ccfd347184198b3,2024-11-21T09:25:48.097000 CVE-2024-38428,0,0,ca429ab8620e857c2740a8b8cc185755a533a3afb8ba56ac4468e697f6bb9392,2024-11-21T09:25:48.560000 CVE-2024-38429,0,0,b538fc48e96d9ea292e38fa094ab837d9c16ca39e46b7d2aa04f5879b36ef5a5,2024-11-21T09:25:48.997000 @@ -266068,17 +266068,17 @@ CVE-2024-43048,0,0,aa462510e6501f1c68792d4463cb05868dde51c2c7f830d9a1911363c50be CVE-2024-43049,0,0,396d2f1d473f42654eb07e32ffbaf51737e64004525269d29bf446d276b04cfd,2024-12-12T15:28:13.420000 CVE-2024-4305,0,0,b12513f5175c0f4629b88ab9716e6b0a0f60c8e17fe5755afa78f7b7a5ed53a1,2024-11-21T09:42:35.147000 CVE-2024-43050,0,0,42271ce6ad3806c1a44b603d2bbc55cdacd28a664360bd8e0ae1272488c011f9,2024-12-12T15:28:32.960000 -CVE-2024-43051,1,1,3895815fd714d4cd909668a11845f75c941aa19b0e2942c7cbabfb3e978bee4f,2025-03-03T11:15:11.453000 +CVE-2024-43051,0,0,3895815fd714d4cd909668a11845f75c941aa19b0e2942c7cbabfb3e978bee4f,2025-03-03T11:15:11.453000 CVE-2024-43052,0,0,f688f09d75ea1280493efd246e06c860b66ffbaf35b8c8d551fb0708ef09b9d5,2024-12-12T15:28:54.787000 CVE-2024-43053,0,0,557eafb2a972c600f8cd1195cb2a7ab112336dd759ccf7035648b847cc40a102,2024-12-12T15:29:14.443000 -CVE-2024-43055,1,1,f1e527a3020db36b83a4085bce3603ba4821d3466fea47fcc96aa727049dc57a,2025-03-03T11:15:11.637000 -CVE-2024-43056,1,1,ae12730284e55a9b1140f979d0654e52ed26b737b0a37c72d25336a2aa80b594,2025-03-03T11:15:11.787000 -CVE-2024-43057,1,1,a7a7ab2977bd8a8ade10468e318beea5cb23d46b93172db4e776b3dcaa7ae7ca,2025-03-03T11:15:11.970000 -CVE-2024-43059,1,1,05462b939752bf1aa021e6b45bd536bb0f4523c1a8b60f2608dd310527275bcd,2025-03-03T11:15:12.140000 +CVE-2024-43055,0,0,f1e527a3020db36b83a4085bce3603ba4821d3466fea47fcc96aa727049dc57a,2025-03-03T11:15:11.637000 +CVE-2024-43056,0,0,ae12730284e55a9b1140f979d0654e52ed26b737b0a37c72d25336a2aa80b594,2025-03-03T11:15:11.787000 +CVE-2024-43057,0,0,a7a7ab2977bd8a8ade10468e318beea5cb23d46b93172db4e776b3dcaa7ae7ca,2025-03-03T11:15:11.970000 +CVE-2024-43059,0,0,05462b939752bf1aa021e6b45bd536bb0f4523c1a8b60f2608dd310527275bcd,2025-03-03T11:15:12.140000 CVE-2024-4306,0,0,a9d1ef0236802bb22bfceddb930f35a94054088f067df2c4e92b7fc4f2d8e7ec,2024-11-21T09:42:35.350000 -CVE-2024-43060,1,1,c317dd5ce0de4916fba6a4f2879d32732eca3f3772943ae21f727201875a6ccf,2025-03-03T11:15:12.300000 -CVE-2024-43061,1,1,4957c1c66b8cd7608c44bf9db2197fc4f71b530bed3769ed53d2a3b24a1afbeb,2025-03-03T11:15:12.460000 -CVE-2024-43062,1,1,4088144f2f5057b601e06f365c9bab540e1916724d5f5c35b15f2dccbba3f87f,2025-03-03T11:15:12.617000 +CVE-2024-43060,0,0,c317dd5ce0de4916fba6a4f2879d32732eca3f3772943ae21f727201875a6ccf,2025-03-03T11:15:12.300000 +CVE-2024-43061,0,0,4957c1c66b8cd7608c44bf9db2197fc4f71b530bed3769ed53d2a3b24a1afbeb,2025-03-03T11:15:12.460000 +CVE-2024-43062,0,0,4088144f2f5057b601e06f365c9bab540e1916724d5f5c35b15f2dccbba3f87f,2025-03-03T11:15:12.617000 CVE-2024-43063,0,0,8753ed6cced2789acaf67947f81e20495a0bebb4d20a1a7648ba9c44702bfc30,2025-01-10T15:37:33.340000 CVE-2024-43064,0,0,3bca3804c5d22727d53d3aebc24210f9425875c9c0a366159e62b07b6f538d51,2025-01-13T21:50:35.483000 CVE-2024-4307,0,0,e22b3a2ddde6a1bbbef551e8119df90fb59ea5e219b25194ed74d47d12720593,2024-11-21T09:42:35.467000 @@ -268048,7 +268048,7 @@ CVE-2024-4557,0,0,f03788c64b01fc0f9d9c6cb18548e7bc0f50cbdbc649d65a3f2f5d0fd687df CVE-2024-45571,0,0,c7f0d89973a00808e2faef19f5c20c56647cadbd6769b20ffdcbb83a50343c42,2025-02-05T16:01:46.163000 CVE-2024-45573,0,0,9a59c58b652198dcc2bdac9416fb5756a5d9c1df6029d3282d02eb5461aa2816,2025-02-05T16:01:49.620000 CVE-2024-4558,0,0,3406f02edd918cc96dd602fdb16b4d4e12ad3abf909753504b463aebc8840fcf,2024-12-20T17:18:09.597000 -CVE-2024-45580,1,1,7c9108a52ac022b17ab652602e6c9e98585371bb4a69a39c14a6faa9d83f9cbe,2025-03-03T11:15:12.763000 +CVE-2024-45580,0,0,7c9108a52ac022b17ab652602e6c9e98585371bb4a69a39c14a6faa9d83f9cbe,2025-03-03T11:15:12.763000 CVE-2024-45582,0,0,00793631d633ec24d1a40beef713f9d423a97e799b35bd6ffc13cd157f29be0d,2025-02-05T16:01:56.140000 CVE-2024-45584,0,0,f0e0d36031c24782c73f581d2df414b44393105ea3cd6d5d26cfa9e14b2899fe,2025-02-05T16:01:23.100000 CVE-2024-45586,0,0,4deeb3aa2260cd51b7800a8653efd1821ed71cf9ac1cbe48f44f9b10b4dcaa22,2024-09-04T12:15:05.320000 @@ -269016,6 +269016,7 @@ CVE-2024-47087,0,0,b56dbb7c29bf52cbde017cc3db3cfe1afcda59c660f79d99f3a4e37b4a7b3 CVE-2024-47088,0,0,07268936431637d0cc30d006ce4270ab2145b17403b263088993818b0addb1fb,2024-09-26T19:12:58.083000 CVE-2024-47089,0,0,8e17a57c1e6618cdf1258c205b02223609ecc9bebe997d19f4b92abe7a24c13b,2024-09-26T19:09:44.377000 CVE-2024-4709,0,0,fb8e04b1891ec411dac50f73dd21b9dddab9f77110643379d3cb27db5c3b5a21,2025-02-06T18:37:12.683000 +CVE-2024-47092,1,1,393b3daa90951bd64b041a3ee8ee705c4e6ed6dddcae0007d888c3165d3c306a,2025-03-03T14:15:33.473000 CVE-2024-47093,0,0,254373901b8fc660464b2e2de4e7fbfe56fe2ef0b4d8cc4ab6e7d7491a830b6b,2024-12-19T15:15:07.250000 CVE-2024-47094,0,0,ee2465816890ce3f2363bf329af267df040aa5a70262d0dafb8ba55c98d9f579,2024-12-03T20:01:52.610000 CVE-2024-47095,0,0,3cad230087e8d967e8998024ec473bf552b2e99f02c3b0ebbe36d9dcd1959318,2024-10-10T12:56:30.817000 @@ -270960,7 +270961,7 @@ CVE-2024-4983,0,0,b82ab4bc704d323c7d9f24e0a3641c93b0503dba6a5392acd5923000e9eef0 CVE-2024-49832,0,0,391e39e7c5b3e995146e5c9a1ef83712ccc04ea31043b019d156c859ce3b56e4,2025-02-05T16:01:09.627000 CVE-2024-49833,0,0,329298065bd1bb3d724e94c1deac431743ff5a22858b998a02d9a56030763581,2025-02-05T16:01:01.780000 CVE-2024-49834,0,0,b4f95628a52aac961e7bbe4a6f241fc7f4346fc4867395a783a39604f3de43eb,2025-02-05T16:02:02.183000 -CVE-2024-49836,1,1,28c7d7cad4098d184fe691cd490c44d22c87cc0ae39c3e4ace3ca16ecc068eef,2025-03-03T11:15:12.923000 +CVE-2024-49836,0,0,28c7d7cad4098d184fe691cd490c44d22c87cc0ae39c3e4ace3ca16ecc068eef,2025-03-03T11:15:12.923000 CVE-2024-49837,0,0,44c0adc79a1133ef0cbafd5e3b95fe7c89090e533d5628dee2688fd57953cb25,2025-02-05T16:02:51.587000 CVE-2024-49838,0,0,10eea15eb9bc1e1b66fb4d58e05a766814d469a560b08490c060ef06fde08f69,2025-02-05T16:02:40.720000 CVE-2024-49839,0,0,e4adae2e6a6fd99d4a1ef07f5bb8c358f7fb67c7e6ba84888990afb4dab67568,2025-02-05T16:02:33.117000 @@ -273297,23 +273298,23 @@ CVE-2024-53006,0,0,9319c5ef0bd10ec00679ded4a4ad11e13d0be340e712e774cbfbbe0a53824 CVE-2024-53007,0,0,7ba22a6b4032cf25f35c1ef00a1f90b930f980bf5515302c33e7724c5430a878,2025-01-31T08:15:08.157000 CVE-2024-53008,0,0,36a5b7477386f9a2d6dcbfd20d0c70ef83d1d8823020ec6fd4bce6966412829a,2024-11-28T03:15:16.363000 CVE-2024-5301,0,0,9944435231e4232deb9644b6756c62dd37aded32278d6910acfd86a9fca6bba1,2024-11-21T09:47:23.327000 -CVE-2024-53011,1,1,e1f34a1f7df90b4961815a2b95750208b0b9d26214555cebba7c6ac161921917,2025-03-03T11:15:13.080000 -CVE-2024-53012,1,1,f829f2be2897b05770fba117015cdc095129f5aca857f32e3d3e206b67416909,2025-03-03T11:15:13.280000 -CVE-2024-53014,1,1,1b100e7b4bb4a47bbbd893ecd270a4054f52891759d07cd8648a6711e2de741f,2025-03-03T11:15:13.450000 +CVE-2024-53011,0,1,6541fabf7a5e7d0669e1f4c44e5c4716c7ec9d8cf2120ac219f149b9e79ccc2a,2025-03-03T13:15:10.853000 +CVE-2024-53012,0,0,f829f2be2897b05770fba117015cdc095129f5aca857f32e3d3e206b67416909,2025-03-03T11:15:13.280000 +CVE-2024-53014,0,0,1b100e7b4bb4a47bbbd893ecd270a4054f52891759d07cd8648a6711e2de741f,2025-03-03T11:15:13.450000 CVE-2024-5302,0,0,82745a56882a5e93127da6843cc252c1f39f5e3b6031b0cf4b30203e7450051c,2024-11-21T09:47:23.453000 -CVE-2024-53022,1,1,f177c41324eff2bf482aabc50e6cf5d35ee757fb36103415c50085efff600024,2025-03-03T11:15:13.630000 -CVE-2024-53023,1,1,612b784a0b4449dafe1a79ca5c35a38d27ba32c15da36d51b12329ef573d438f,2025-03-03T11:15:13.777000 -CVE-2024-53024,1,1,d72f9e9501c8eb18133dacda279514c4b5f0a02c7d6a31cb29a2032a20014a83,2025-03-03T11:15:13.943000 -CVE-2024-53025,1,1,9e2989e8573602fe84f2753811873e25e43e802c66d4a994bccf008d19a04b11,2025-03-03T11:15:14.120000 -CVE-2024-53027,1,1,c8e44b28ea654bc7c92442d8f98564f498be31e1c6ff7586fe41363c0f0891b1,2025-03-03T11:15:14.290000 -CVE-2024-53028,1,1,1adb2bc3a9fffb0f3270ec1a52d1282da84ff633e0579fcb5f081c5602eab4bf,2025-03-03T11:15:14.460000 -CVE-2024-53029,1,1,6b15739cda1fd16dc50d37e7b0bac1f5ddb8ebcde19352cac213a642e632c56b,2025-03-03T11:15:14.617000 +CVE-2024-53022,0,0,f177c41324eff2bf482aabc50e6cf5d35ee757fb36103415c50085efff600024,2025-03-03T11:15:13.630000 +CVE-2024-53023,0,0,612b784a0b4449dafe1a79ca5c35a38d27ba32c15da36d51b12329ef573d438f,2025-03-03T11:15:13.777000 +CVE-2024-53024,0,0,d72f9e9501c8eb18133dacda279514c4b5f0a02c7d6a31cb29a2032a20014a83,2025-03-03T11:15:13.943000 +CVE-2024-53025,0,0,9e2989e8573602fe84f2753811873e25e43e802c66d4a994bccf008d19a04b11,2025-03-03T11:15:14.120000 +CVE-2024-53027,0,0,c8e44b28ea654bc7c92442d8f98564f498be31e1c6ff7586fe41363c0f0891b1,2025-03-03T11:15:14.290000 +CVE-2024-53028,0,0,1adb2bc3a9fffb0f3270ec1a52d1282da84ff633e0579fcb5f081c5602eab4bf,2025-03-03T11:15:14.460000 +CVE-2024-53029,0,0,6b15739cda1fd16dc50d37e7b0bac1f5ddb8ebcde19352cac213a642e632c56b,2025-03-03T11:15:14.617000 CVE-2024-5303,0,0,3ed489db17064b2aff86e9a31b51d53d757813a529fdb6ed7379a772174cd7ec,2024-11-21T09:47:23.590000 -CVE-2024-53030,1,1,46a31f505a0390fe8a3db49a37d6e8235d6cbab03dfc3d38930d81b559b8fe66,2025-03-03T11:15:14.770000 -CVE-2024-53031,1,1,357fcca442b16c2ac8f09d220ac1fae5c9ada136b4f094a0b52d91313d8b79c8,2025-03-03T11:15:14.920000 -CVE-2024-53032,1,1,cd96785067ca1fe7674baef28fef336e72b3fcfd5c380bcd43c524ac506de62c,2025-03-03T11:15:15.060000 -CVE-2024-53033,1,1,908d0b10e322c27894b894caa4ddb936c11da6d047ebabc5fd45b747bed686cb,2025-03-03T11:15:15.203000 -CVE-2024-53034,1,1,aaf93e4ab023f4d9a9900d8d471ffa2a7cce9d3792289f2419133e600c5cb1ed,2025-03-03T11:15:15.360000 +CVE-2024-53030,0,0,46a31f505a0390fe8a3db49a37d6e8235d6cbab03dfc3d38930d81b559b8fe66,2025-03-03T11:15:14.770000 +CVE-2024-53031,0,0,357fcca442b16c2ac8f09d220ac1fae5c9ada136b4f094a0b52d91313d8b79c8,2025-03-03T11:15:14.920000 +CVE-2024-53032,0,0,cd96785067ca1fe7674baef28fef336e72b3fcfd5c380bcd43c524ac506de62c,2025-03-03T11:15:15.060000 +CVE-2024-53033,0,0,908d0b10e322c27894b894caa4ddb936c11da6d047ebabc5fd45b747bed686cb,2025-03-03T11:15:15.203000 +CVE-2024-53034,0,0,aaf93e4ab023f4d9a9900d8d471ffa2a7cce9d3792289f2419133e600c5cb1ed,2025-03-03T11:15:15.360000 CVE-2024-5304,0,0,220f673e6cb9d2e204d0cc75d5c684adf0f056bcbae146fb7d849c2cb8da986e,2024-11-21T09:47:23.727000 CVE-2024-53041,0,0,456440e676aa5cc745c0e9ea48e0e7a8eca5985383615cd66884e1837b6728ed,2024-12-10T14:30:46.507000 CVE-2024-53042,0,0,d7e0d4c1a2c730be549db3ae70702c5a27a3ad932f1d5de3c69038d87b197c91,2024-11-27T21:09:40.700000 @@ -274128,6 +274129,7 @@ CVE-2024-54171,0,0,76fdd9d793c7b352d23e0d64a823cd883e5b81bbb06d5f2cffeb90d9ca778 CVE-2024-54173,0,0,00cfedbefa545cfb7f51fc181eaeb6b327672deee2effac2489357215df8fd22,2025-02-28T03:15:09.357000 CVE-2024-54175,0,0,c1e7728d62bcc6a90f42056250e43b1315e91328a6c3f1d3dfd9c3fe31c3d839,2025-02-28T17:15:15.487000 CVE-2024-54176,0,0,5463f590e796ae65427debb4e96d6df8b03f447d67021c1f3c7471918becbe24,2025-02-08T17:15:21.643000 +CVE-2024-54179,1,1,106483972fb2922e31461a6225a30434b369effc09cdffc6d0f668a1291894c2,2025-03-03T14:15:33.960000 CVE-2024-5418,0,0,c3b6dacc234cf8a9c6de6913d07caa1810e24ada600d2b1f8edeb26c6b62184b,2024-11-21T09:47:36.970000 CVE-2024-54181,0,0,45bad33d373e7dca4c705e8d7f190d9cc110f08937ef6a2be63d00cdd251ea54,2024-12-30T14:15:05.867000 CVE-2024-5419,0,0,bf78f58706f13dc16fbd00574fc12a2ad63186889150404f7c80cf6aaa4041da,2024-11-21T09:47:37.083000 @@ -280159,7 +280161,7 @@ CVE-2025-0471,0,0,9169e9b54a074f1e0d8f97ed160fc9e64cab0efe853cd7456e368c08c8fa76 CVE-2025-0472,0,0,0f40580898fe8da8d58e11b525a8aafe4140ddc85dd699a671742e2ebf135a96,2025-01-16T13:15:07.353000 CVE-2025-0473,0,0,1dd10a9273539100ae454eabb570ef30f5a1ca54c056c49681717a1070ea05e3,2025-01-16T13:15:07.540000 CVE-2025-0474,0,0,82177afd4a03f9b6718aa062961dc28425e1582c17c2ed083ad764687f417f46,2025-01-14T19:15:32.930000 -CVE-2025-0475,1,1,6e704839208407296d53050954eef09211034b27cb1a8f4fc5dd3b8adcf63321,2025-03-03T11:15:15.517000 +CVE-2025-0475,0,0,6e704839208407296d53050954eef09211034b27cb1a8f4fc5dd3b8adcf63321,2025-03-03T11:15:15.517000 CVE-2025-0476,0,0,fac19eeb41e69ef9b9ba32b4e73c5aedd599dc2dafbcc6b1f4512a698dd08737,2025-01-16T00:15:25.217000 CVE-2025-0477,0,0,1d2c7ee2848c276d12d41f37ad7b73e6dd2826f71da2d7cb5a1d643051eaef77,2025-01-30T18:15:31.893000 CVE-2025-0479,0,0,2519d0225470d49a1589a61611ed9a2d77344f18032b639d511518af5dfff43b,2025-01-20T12:15:23.563000 @@ -280635,8 +280637,8 @@ CVE-2025-1231,0,0,53b09d0e70e608d42ef2315cf58b2a0031ad64c29b00c44d026df29aef3338 CVE-2025-1239,0,0,6187788ffe5fd6000cc24d081f477dcae5b0ef59871d160b3ff23ee25b818501,2025-02-14T14:15:32.687000 CVE-2025-1240,0,0,363ac0ec488e57d295d78c481b595c1c1507ba076f5813d8f4f20530988afa84,2025-02-11T22:15:29.800000 CVE-2025-1243,0,0,b36908327b1b41fa664c4a39c71934592fd1d75bcc40ba67f7d64ed64955da7e,2025-02-12T01:15:09.073000 -CVE-2025-1244,0,1,0ae76203740f379d7903882ca8506bd3e442f9968d35d8da5cd8a7c6ae871553,2025-03-03T12:15:34.453000 -CVE-2025-1247,0,0,076ebdee060c0d22b647df1a0cc091510262713de157cf89796199eeb4b4a429,2025-02-27T16:15:38.390000 +CVE-2025-1244,0,0,0ae76203740f379d7903882ca8506bd3e442f9968d35d8da5cd8a7c6ae871553,2025-03-03T12:15:34.453000 +CVE-2025-1247,0,1,413d4bcd6e00b55487b15f2b541fa31d8a6169438afa6345f0107f85b8ddc727,2025-03-03T14:15:34.120000 CVE-2025-1249,0,0,f9cf8228939f75e3961b7ce63e2e103ee292f920596572fc4d2ff4b8583fc869,2025-02-26T15:15:24.470000 CVE-2025-1258,0,0,e60d49e74992453b0cd2d8b93f0bc7a60901e2447adb1d6d0cde7627e3bb44f5,2025-02-20T18:15:26.217000 CVE-2025-1262,0,0,b2387eb6dd825b4bc22b3213ef83d0e48b91556ac3dffc3cb635c9915a53a643,2025-02-28T01:30:32.830000 @@ -280788,7 +280790,7 @@ CVE-2025-1617,0,0,5699c11babf41c6523a7b468d5f93f623e40fad3886f2c2564d3fbf01bfd5a CVE-2025-1618,0,0,26805ff186a34eff816cd1df89880ebc77e7548d77ce085b3162d114680f02ff,2025-03-03T07:15:34.730000 CVE-2025-1629,0,0,98e40b68e5632eb91f4db527ca6594bcd0a0e66070641abd7d2f14eb9bdef0c3,2025-02-24T05:15:11.280000 CVE-2025-1632,0,0,28fe99b7a4053d94bf92a115fabddf2bf6f2fcf0d6264d4d013a0dc1f70735ec,2025-02-24T15:15:13.217000 -CVE-2025-1634,0,0,29f3957e0a85b3b8849afab5bb93f47350a7407e4de4941bc376da929d054d05,2025-02-27T16:15:38.500000 +CVE-2025-1634,0,1,4cd063c32518b09ae8b07ad657bad146c97cc4d931f5189e3d631a7cc1d23de7,2025-03-03T14:15:34.237000 CVE-2025-1638,0,0,73f08267213d85fae6cfc79fe8ee252b893947fe65424e2f84e6465aca895ec5,2025-03-01T08:15:34.167000 CVE-2025-1640,0,0,a0f8f210f37587375db5b38f353b81a59e9ce28e661d11d8fbd0998061d8e8e7,2025-02-28T01:55:41.530000 CVE-2025-1641,0,0,298e7bd3f12e0ff5b9a9caf6661079e526cc4d770741d969c699c4454e05db34,2025-02-28T01:55:41.530000 @@ -280892,7 +280894,14 @@ CVE-2025-1859,0,0,cec2bbe4b5d2e118568321075753819d0891b3b13ef499b00197d732171540 CVE-2025-1864,0,0,5dcde85bed1ed1221f07f6484eca3855203db58c6f1815d82cefcaf7b5c07293,2025-03-03T09:15:39.210000 CVE-2025-1866,0,0,d0afd76161369e92718a3d901fc0c2664a4a6cd4b550406fdc5521568f9355a3,2025-03-03T09:15:39.370000 CVE-2025-1867,0,0,8e365b83cef7b7a5f391f2005dcb9922258f062cedfa81b30500ba43743068fa,2025-03-03T09:15:39.520000 -CVE-2025-1868,1,1,458001b298730476004eac6d19a8af50c907ad4cd889604956695720bc492f98,2025-03-03T12:15:34.610000 +CVE-2025-1868,0,0,458001b298730476004eac6d19a8af50c907ad4cd889604956695720bc492f98,2025-03-03T12:15:34.610000 +CVE-2025-1869,1,1,df9c95b44e07458e5f9a21b8f55f38f353fc7d7464128287c3750662cc4dc984,2025-03-03T13:15:11.950000 +CVE-2025-1870,1,1,ec2447eb860d428bcdde6cc9d67768e226988e46b235314e330268beae20d39f,2025-03-03T13:15:12.113000 +CVE-2025-1871,1,1,60fb251a3f22644a12922a83e4155ca02e9ea9d7f15aaa470fc49710eceb83f1,2025-03-03T13:15:12.253000 +CVE-2025-1872,1,1,37d85e8c5e628c1acd5202959187915e2c659fa3bf0379a3a04d86d535bc5394,2025-03-03T13:15:12.400000 +CVE-2025-1873,1,1,e1c282e5ad730be363eaf77efd9ada11d8c28125c103f5c76eae6f3dc74ed906,2025-03-03T13:15:12.547000 +CVE-2025-1874,1,1,aaac5f5bbefa513f1f275c65a81e3107f76733903a225b9b994a8887fc4365fa,2025-03-03T13:15:12.693000 +CVE-2025-1875,1,1,05a3bf51a95148d04bc21a250ccef05a1148e7afa6764429679a636a04f327f8,2025-03-03T13:15:12.837000 CVE-2025-20014,0,0,f4fd1db051e4652a5d7e7863a21c37faec75062d4b5ce0e4f2c6bffc2f3ee854,2025-01-29T20:15:35.207000 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000 CVE-2025-20029,0,0,d9e3ca63dc18f9436b5043ebae0bcb543cc6452f75921963fed59e1df065c2d7,2025-02-05T18:15:29.573000 @@ -281013,12 +281022,12 @@ CVE-2025-21106,0,0,f21695bcd3dc50ebb62318d228568a1613cd20d1a89ae6dcd1f4af03df1c2 CVE-2025-21107,0,0,0827735892f4001f988a0739aad719c8ee1fb9144fe1da312da1da34f24b5ce6,2025-02-07T20:01:14.760000 CVE-2025-21111,0,0,36449c466fabe660f3fc2f10d8992e6a7d9c5e3d2cf72d3dce2cc840c6da552b,2025-01-24T19:11:42.417000 CVE-2025-21117,0,0,3c59ddab13aed7617d82cbb9fbab3c190cbfe8b424cc570d2e879fe06ca6cee2,2025-02-05T14:15:27.417000 -CVE-2025-21121,0,0,f5800ef96e6976ad9202df90509c317082025eba51c80f91a2fa94cedef5d4d4,2025-02-11T17:15:23.673000 +CVE-2025-21121,0,1,1697e078ff9a5405d9a543461696c63d50506a646e18e458652be622eb5556f4,2025-03-03T14:54:17.487000 CVE-2025-21122,0,0,969e44e0224fb47d95b87aed16b2a93d9ca09db3ac6fe7fd40cad9e935dc7db9,2025-02-11T14:47:41.453000 -CVE-2025-21123,0,0,d6524f4425bc6a077fe447a3fa20893b27ee3c37346484a9118497b66d185713,2025-02-11T17:15:23.817000 -CVE-2025-21124,0,0,57359a3e5f14a0da7ae9d3e9c2bea15db33f3c17f1425e7cf92aad9b4238cb7b,2025-02-11T17:15:23.950000 -CVE-2025-21125,0,0,fa718f46f0b263d40ba5d78dd5655c2437cbee89fbc11f2269d3e77a21b02dfd,2025-02-11T17:15:24.083000 -CVE-2025-21126,0,0,b1a68d3b050b9d60331e4c186e6b74927ffc34130ac168fe77ced33154221de9,2025-02-11T17:15:24.220000 +CVE-2025-21123,0,1,0be58033a62e1c138323b992604392193cd26a8c4f221072c6847ce8703ed4eb,2025-03-03T14:54:17.487000 +CVE-2025-21124,0,1,a1a7e83312b961c5113a27a02b70f96e57672488df57c7b254baede6bc9c75b3,2025-03-03T14:54:17.487000 +CVE-2025-21125,0,1,2085036ee88cc7dae32e85459d5d61fe33cd30061c06d49692756f74a313bf81,2025-03-03T14:54:17.487000 +CVE-2025-21126,0,1,10ba9f2eeb85ed246290b21f0c7e73660020f9c493ce656be1411dab877e2992,2025-03-03T14:54:17.487000 CVE-2025-21127,0,0,6ca3d8cc02cdac3fbe512e4c8a13fe7008821b139ef240ca0adb0f0fb4680f8f,2025-02-11T14:55:09.333000 CVE-2025-21128,0,0,40945503866b9130c6c67e813bc72623208ffdfcd3f68f3f78dadfd34ec95930,2025-01-17T20:37:35.437000 CVE-2025-21129,0,0,e461eb72d0798775b4431b992e70379c16a549ecff183ae810c30304f7444aa5,2025-01-17T20:37:33.603000 @@ -281034,8 +281043,8 @@ CVE-2025-21138,0,0,9175fd36c28710bcae9acb351f078e58c4e36962afaf9695ab07299ddfe97 CVE-2025-21139,0,0,2997f9c80c926e4a0ccbf0529ea4d9ee2a8d2178744e4927ee6a077f342903ba,2025-01-21T17:50:10.023000 CVE-2025-21155,0,0,1ee49d33bfabef78343cc7af8c527cca0e5a2529c9eaeeb2555c43789cd90432,2025-02-11T18:15:27.583000 CVE-2025-21156,0,0,3dee0f6c65f1bd094a761214b4f97ccdafcdcd8576589694bb708cf58dce07fd,2025-02-11T18:15:27.787000 -CVE-2025-21157,0,0,5cb9ad2889649961dd4489af4b0599f00866d5ffbc60c84996532ab5ac24f85b,2025-02-11T17:15:24.353000 -CVE-2025-21158,0,0,89ef7224cec3049806850c243a78799de8d87aae1f5b413021313a042f618e54,2025-02-11T17:15:24.487000 +CVE-2025-21157,0,1,dc11ff4b6b9e18e8b723fd7cd41934447880c05424133b5ef5cb6054de515224,2025-03-03T14:54:17.487000 +CVE-2025-21158,0,1,68d9b59f620ec5478dd99f17f5a82d6ee9d79b9f8dce8ee154ea0f44bd83c1b3,2025-03-03T14:54:17.487000 CVE-2025-21159,0,0,a9ac97f778d3919ed16980e049dcd2cfb997abee99305add810e8411b6f150c8,2025-02-11T18:15:27.977000 CVE-2025-21160,0,0,b298e9dead90b56d68690fe8f94f6532c5140473ae9644b8fc7d33c5fbd6d42e,2025-02-11T18:15:28.163000 CVE-2025-21161,0,0,1b902802049c73c55ff4a183777bbf90477f90dc91e3054767f24f30480cd2e1,2025-02-11T18:15:28.347000 @@ -281268,7 +281277,7 @@ CVE-2025-21417,0,0,2747c56c84381d3763059eec5080d6fa07a433b2e87fb1f1180b0a0554555 CVE-2025-21418,0,0,286c461de95fba525ffd95fe19188a97b0613df56bf1afe14ca9be4aa494d718,2025-02-12T18:14:34.870000 CVE-2025-21419,0,0,acdb4d37a32faa1cb0f65f0fbb7358475e2deb811438263e59eb8f6bcbeca8e1,2025-02-14T17:32:53.087000 CVE-2025-21420,0,0,32a7e46f27d290c0e9a5b92e079c0424752a30e3cfa9e5d424062d7af6a66d41,2025-02-14T17:36:09.683000 -CVE-2025-21424,1,1,5c9471e28234dbab18e927efd99e742958314e8bc729f87158cd8358d147a526,2025-03-03T11:15:15.810000 +CVE-2025-21424,0,0,5c9471e28234dbab18e927efd99e742958314e8bc729f87158cd8358d147a526,2025-03-03T11:15:15.810000 CVE-2025-21489,0,0,5d30c3b0acc3ddba1057df1a4f29e61d74be0ae611271efb1a2a3c05a60a8cda,2025-01-23T20:15:31.630000 CVE-2025-21490,0,0,7a3c0e9682e0e86e8a6979b8cc982eeb2dbfde70e212f3862711014520efbfca,2025-03-01T13:15:12.020000 CVE-2025-21491,0,0,6076cb457888ed12bac407cf717ae74e21970b3745c710f624ec3aea8e6322c5,2025-01-23T20:15:32.030000 @@ -282180,6 +282189,7 @@ CVE-2025-23421,0,0,00e828297d8c47e57ba7a8d1a3f41d7d51541a2cde4acbd6d1a3d704f1af2 CVE-2025-23422,0,0,02fa1caf24a4eabe3a7a82363ae4ebce4a671b3054c1ebfa03694d43e05e5f21,2025-01-24T11:15:09.987000 CVE-2025-23423,0,0,9f2a3a8c7b19b98ddcb037c2f429da3cdced4a5dd5f2091389a187de7a6bb398,2025-01-16T20:15:33.573000 CVE-2025-23424,0,0,1257350394b4c232bb2fdb6b8eb342a15971b1159fa19176ca3462575142791d,2025-01-16T20:15:33.723000 +CVE-2025-23425,1,1,776ef5cd2699d91e4c54da1588612f90cb247cc5e70e1b80bdb21610657b8c25,2025-03-03T14:15:34.600000 CVE-2025-23426,0,0,2229e7d1ff76d0c5e969c3251982ab349229fc474aaf0fa42cebd6f9eb1f7a85,2025-01-16T20:15:33.877000 CVE-2025-23427,0,0,1ab1fc81c6d9ecd522651b87bcc6522c6506303e1906de8f32583cb95508df8d,2025-01-24T11:15:10.140000 CVE-2025-23428,0,0,0933c655ffc4826ad6a9bae1408067074f41d57f71628a4f0c9688d55f588b8a,2025-02-14T13:15:43.160000 @@ -282187,14 +282197,23 @@ CVE-2025-23429,0,0,2e8256da44ff61177c4f2a5d237cc05baadd69659454e348a75499c81473e CVE-2025-23430,0,0,d6a6f32e23dfcc5842a2f98f2cef617f4db5d83551088778a76b915d16293a79,2025-01-16T20:15:34.287000 CVE-2025-23431,0,0,7bf90ba4dc8c9a49a35700f3e925d5c3fe575a48b0411f9f0ff3561fc0ae270b,2025-02-14T13:15:43.300000 CVE-2025-23432,0,0,e754a47d3de4a683f85700167b4d6315e5e70c68f0936fe6c95c5e783cb9730f,2025-01-16T20:15:34.467000 +CVE-2025-23433,1,1,859e940e5ed2a0c28c2b4a9152cdb27f3cb3e08d849db99b9876de69ee7dcd97,2025-03-03T14:15:34.750000 CVE-2025-23434,0,0,f44f7ad85e29b672c8bca7ccf3a8ff077acd5c80e8883e15c08b84c2d2d93953,2025-01-16T20:15:34.607000 CVE-2025-23435,0,0,6945949396459e98e52f3a5c95f90747ab0b3d87702a11bee1fbbbd38b17e9e7,2025-01-16T20:15:34.770000 CVE-2025-23436,0,0,08242c4461d18884c3a6e4bd2512fa98787dc7ff698cde97d27e848859dd0948,2025-01-16T20:15:34.920000 +CVE-2025-23437,1,1,1dba3f4017d14d54bc85372e3f9a2970291cdaa6036ab2d22149a1778040d687,2025-03-03T14:15:34.890000 CVE-2025-23438,0,0,d5b99d41ae258b81c318d76badc751e3c16a7fbfb5848a85ee9570d47579e418,2025-01-16T20:15:35.067000 +CVE-2025-23439,1,1,8a6105272fe8a9231d3cbd32e9e2742fbaee8e992e9c9ee023be5e59d55e724b,2025-03-03T14:15:35.047000 +CVE-2025-23440,1,1,b107a4accc82a611bc39d34fa1902f9a2b64f7bdb9fd4acff6c23a05ef368878,2025-03-03T14:15:35.217000 +CVE-2025-23441,1,1,7a8215af6b3c4481d445066d256aeb3798a416549be84ce621fd4a671e5eba9c,2025-03-03T14:15:35.360000 CVE-2025-23442,0,0,ff778f6541faf895ad64165d80b689e528bc89a7807a8adddefabde77d4edffa,2025-01-16T20:15:35.210000 CVE-2025-23444,0,0,bd139aa5f0d5452b293e56da4268a8dc616b5f5ec3a0335035b071fc8609deb1,2025-01-16T20:15:35.360000 CVE-2025-23445,0,0,641133bc0863203a2790eaa4ca8b7599bd8c7c6922be0e426f2e225feec309f9,2025-01-16T20:15:35.513000 +CVE-2025-23446,1,1,8e1f03e8ce7e99a635690667d9ce1eb994ed62ee78b58873adc50f38726c1fd8,2025-03-03T14:15:35.500000 +CVE-2025-23447,1,1,d227f79c46843b7194a6085aa00d372f650b2d1351072fa04c3d617464b938ae,2025-03-03T14:15:35.637000 CVE-2025-23449,0,0,9861de2bb02130e19fdbef202b482545d141110bfd57643033355d06e9dabdca,2025-01-22T15:15:15.650000 +CVE-2025-23450,1,1,8e79e74aad39485efe37c99e8f276cdd147b952b9b4d3411f26200daf0d82f1c,2025-03-03T14:15:35.780000 +CVE-2025-23451,1,1,61c2997ec25a5c44d3f2247f7d867750e0cd13f52958f08bc6bf0d727c03b556,2025-03-03T14:15:35.920000 CVE-2025-23452,0,0,9ae20555b511c9e710c7a052682906033b9071856145809833c544b191d171ae,2025-01-16T20:15:35.730000 CVE-2025-23453,0,0,559af2b40776602b954faf6eb051d0ee733c24375fc61f4efde0fb69b854694c,2025-01-16T20:15:35.883000 CVE-2025-23454,0,0,ace1a82fe5cff36bdca7766343683a02cd2df950eb3a0de3ea36f28eddda747b,2025-01-21T18:15:16.223000 @@ -282204,25 +282223,45 @@ CVE-2025-23457,0,0,986871805bb278c802f2d565eaf70f336dd71bac5bf52dcdc838d471378e5 CVE-2025-23461,0,0,98b2580e5c2e45a2882850561564e0c4ed549e275719c2e53782b2517aab4e0b,2025-01-21T18:15:16.387000 CVE-2025-23462,0,0,f1d946acd1b6b97ba142139f225fbf51751f08a101be4aaf7927889e6462f843,2025-01-22T15:15:15.800000 CVE-2025-23463,0,0,98d57f4a46d47d157b5ed19edc615443bfb511b5852b7cb0045c98e9789a1faf,2025-01-16T20:15:36.397000 +CVE-2025-23464,1,1,51275e059d100e8eeb35bb095aabb54f2ab1cf74895a3ada90d11d49346a29ca,2025-03-03T14:15:36.070000 +CVE-2025-23465,1,1,a24e893a8d415e3d4a72405bab4da32daf81cd1cdf1e89e4475a41bb768b0257,2025-03-03T14:15:36.213000 CVE-2025-23467,0,0,2bf367475f14e1f3924f0a4f22a4aea1a79671e1b9e87972e80793a0f370189e,2025-01-16T20:15:36.547000 +CVE-2025-23468,1,1,021e63170f574343a035a9f83f4b3bacb0e6d978549f5df13f2b7b7ac5cb8a16,2025-03-03T14:15:36.357000 CVE-2025-23470,0,0,8848375424af5ed790014076bbf48be372e428fab979e2d67fe4f034138fca32,2025-01-16T20:15:36.700000 CVE-2025-23471,0,0,8559e2ce78e3acc0fab057aadfea445292e3f0c4980827d748c143f09c30fffa,2025-01-16T20:15:36.840000 +CVE-2025-23472,1,1,d36de8d4b5fc3f88b41ab0c424997ed66584e93d282bba5f3148107452609ad6,2025-03-03T14:15:36.497000 +CVE-2025-23473,1,1,80ee5781728700cb844e63c908ff0288d1b010432d5f573abc635ae52cf731cd,2025-03-03T14:15:36.633000 CVE-2025-23474,0,0,a02808e4c68d13b02d1616048eddca8fc77a2c4ef44943542d39c6eb994f3379,2025-02-14T13:15:43.437000 CVE-2025-23475,0,0,bee00c7417c73e1b37a63fcab4cee0ea39305a10e2073977017caf018a8c6266,2025-01-22T15:15:15.950000 CVE-2025-23476,0,0,2e73d00e315595f7a053681ff301d905967319719056a5b9f811682d4d934c03,2025-01-16T20:15:36.990000 CVE-2025-23477,0,0,5c6098808319de4505951baebf1a586e4793ae0be4627c3cf65438e22beac475,2025-01-21T18:15:16.570000 +CVE-2025-23478,1,1,28404eaf90a198352782f14695a607dd56ce6fff7fdeaf7f59f269bc7ee9e022,2025-03-03T14:15:36.777000 +CVE-2025-23479,1,1,0cee4dc76a1a131d5be29ad339cc849c04ded1fcde4663831f1b232293ff4b71,2025-03-03T14:15:36.920000 +CVE-2025-23480,1,1,0edfc246655fab231ff561c54ff3810b8403f4ae865e4f60d98a084bced56671,2025-03-03T14:15:37.060000 +CVE-2025-23481,1,1,6337cf0e0bee41261fa6fab7e6dc6d0985c31984e401f62a13750d94f439d57d,2025-03-03T14:15:37.207000 +CVE-2025-23482,1,1,031725e3e6a371e698fd503678e379913ef813dcf0d0061fbe350d946a2cfa6a,2025-03-03T14:15:37.367000 CVE-2025-23483,0,0,4bc6ad2f14d9de9a0797c4da2efee9475ed740963c9329c34f76f07dc090372d,2025-01-16T20:15:37.133000 +CVE-2025-23484,1,1,7b4eefdf5d05168d8b9202303a976bbc03aae78101bd1b787055f419973df825,2025-03-03T14:15:37.507000 +CVE-2025-23485,1,1,d718690a709e48da13eb0f78f78144f120d95c456b0fe72d6e2676784c5233ab,2025-03-03T14:15:37.647000 CVE-2025-23486,0,0,db15fe8e353e3dbb641397d86d33ed6d64f36b2de802bd430384278f6b43f617,2025-01-22T15:15:16.093000 +CVE-2025-23487,1,1,3803ff4c3e9d5b0fc23ad0a571b40c9e9b7e8a9b85989b4f2d386948a14ca28f,2025-03-03T14:15:37.787000 +CVE-2025-23488,1,1,420329744a3c03e031d46b9cfd3e8fac65a6ec0c08f29ba6183d1334eb8af38c,2025-03-03T14:15:37.930000 CVE-2025-23489,0,0,a8502fb4e83bb7ba28297e2543a85c84c18f12fcd380f120406bbfcdc0815675,2025-01-21T18:15:16.740000 +CVE-2025-23490,1,1,05cc7d73facbc0155b65e66b857d679feb2a92fc93155630e71e8d1225a1f7d8,2025-03-03T14:15:38.077000 CVE-2025-23491,0,0,b6e04909bb37731409bf7190d1070864f039d5a61566e683ba212ff3dd649d05,2025-02-03T15:15:20.640000 CVE-2025-23492,0,0,acff49799bed9b05d17cef1cd5fc93691c99856666ac52115fd66570fdfffd16,2025-02-14T13:15:43.573000 +CVE-2025-23493,1,1,dde86509a03016b635d6349083e602831d193cdcfbede15cafed2eaac6c88e83,2025-03-03T14:15:38.213000 +CVE-2025-23494,1,1,e6827600b96471245e97b6a2c41a235a0a7ed51ebc11a27e5b1b1ac10c0e1584,2025-03-03T14:15:38.353000 CVE-2025-23495,0,0,d9a0cdbb453046f78521503adb7f92c01ed64245a1eea664c6e0347d070f697f,2025-01-22T15:15:16.230000 +CVE-2025-23496,1,1,96a139c7901e37fff7ad92b3a4c105313d054312033d4732b97941c055afde82,2025-03-03T14:15:38.497000 CVE-2025-23497,0,0,e94acfea44c4d198d5a805782578eef8be632de6ca980583b81a625d10980e86,2025-01-16T20:15:37.293000 CVE-2025-23498,0,0,636b120a74cbfb3524538ea103d8fb93424975cb4826227d74647c0da497f2d4,2025-01-22T15:15:16.370000 CVE-2025-23499,0,0,18de021795ada6e9003ac109fee0e567e9be54c39a2e050c169b423a62e8fca7,2025-01-16T20:15:37.440000 CVE-2025-23500,0,0,194d70a41828aed88d1340c39622c2eea4fe93a355a56d82c66d50fb6a7ee75a,2025-01-22T15:15:16.500000 CVE-2025-23501,0,0,2ca3004ea38a2bebeea912643e9114dc05292b671294dc56e8b3bf1f4edc5f4c,2025-01-16T20:15:37.593000 +CVE-2025-23502,1,1,57210c137bd00a4d8992b795277f9fdfc995f1b161fcaf6308ccf7861c508e12,2025-03-03T14:15:38.633000 CVE-2025-23503,0,0,a685c9c4f4927638af5f76c715cedef873e7bce61122e0cbd7eb951b30bf668b,2025-01-22T15:15:16.633000 +CVE-2025-23505,1,1,16479f29363a7a3bc51bcd828cf2876b659d18d041a115a945609df3d96ca313,2025-03-03T14:15:38.777000 CVE-2025-23506,0,0,c9be5e900dced29876558d61ddea6e32ebbb9837210e04e3dd647c22153b41cc,2025-01-22T15:15:16.777000 CVE-2025-23507,0,0,0a853cedf08af37edfc3da70bdfadfbb2e39c9a98cf9dd3c61a677732671878f,2025-01-22T15:15:16.910000 CVE-2025-23508,0,0,790c1f1efcbcf318bf4001598b0da1f3fe803cd0e7ef29b63714b6cf9d49876c,2025-01-16T20:15:37.737000 @@ -282232,9 +282271,18 @@ CVE-2025-23511,0,0,996d3c261b7453d558ae9e3bf08bfd98e9228b013a71ca7506bf459ee4c52 CVE-2025-23512,0,0,e86f11dc0e50a02bdc0d99b58f1ba83ef676ca0586a75df06c6165a1959d5ab0,2025-01-22T15:15:17.160000 CVE-2025-23513,0,0,b49e0ef03f655c5857bfec7a9b723b31c64932dc8261d0e026a3117175ad4f06,2025-01-16T20:15:38.193000 CVE-2025-23514,0,0,34e07e624b89702dfcb5b7bfffc35f3e8691ecd3b879348a43ce40f20c111b68,2025-01-16T20:15:38.337000 +CVE-2025-23515,1,1,fe6d287120ad0cb188646d0f0839423cb0e43dbe8feb1859185a14a633362a41,2025-03-03T14:15:38.920000 +CVE-2025-23516,1,1,a229db43ffc0cd6bba919f1ede5efa9ed55384409e7e64c99869f0da4562dcec,2025-03-03T14:15:39.057000 +CVE-2025-23517,1,1,31e399fa5b5893537ca3a9c9f6cd97aee184eeeb15461d71d8d3a89122ad1c7b,2025-03-03T14:15:39.200000 +CVE-2025-23518,1,1,f47212f95df7cf1432b4d31f6bf53417148934b240b3f5e13f1f7e7224663633,2025-03-03T14:15:39.347000 +CVE-2025-23519,1,1,cd5226645f1061eb52d93a137d0e6ade79a5c5edd1a54587d2ef491bb9b55a11,2025-03-03T14:15:39.487000 +CVE-2025-23520,1,1,aaee63397f060d2a32ee69d64b6bdc97d138d2e01a27c178de74e9cea91e5c37,2025-03-03T14:15:39.630000 +CVE-2025-23521,1,1,3366c51bee7f83232d0088707c4975d9044ceb7e53c96466c829afb3ebc3a909,2025-03-03T14:15:39.767000 CVE-2025-23522,0,0,5852e7950af307e368eaa84dbad2a68c2fcedda8bde1f4b6e5689bc8014fb4d2,2025-01-24T11:15:10.290000 CVE-2025-23523,0,0,3182753044790694a251a399f6c27271978feff5b7992ca7831b3cc9ed976dda,2025-02-14T13:15:43.703000 +CVE-2025-23524,1,1,d215b4a502c5532289b76f024819f85fa0c5f686cf68dc85f2959c1757e5d43f,2025-03-03T14:15:39.900000 CVE-2025-23525,0,0,11d096f9acc047ed466a27477b08ef538eb7233eb59544741a419c468fe20c80,2025-02-14T13:15:43.840000 +CVE-2025-23526,1,1,433401119f55d7169d86f762b2acd9a87f6c34d352c3f8f05677f0c9e280bd4e,2025-03-03T14:15:40.043000 CVE-2025-23527,0,0,2616a2828036793cafecf099ff69e00f486a89855e414df730486d37d346642d,2025-02-03T15:15:20.807000 CVE-2025-23528,0,0,12168907b0864434d8a4020bcee1f63e4e5adfac10d77e79ea19c426fc40d9ce,2025-01-16T20:15:38.480000 CVE-2025-23529,0,0,b38c5bcca5430635b24ab570fbf9d55781bea0bd4a1b3b85f466b119ace5bddf,2025-01-27T15:15:11.813000 @@ -282244,34 +282292,53 @@ CVE-2025-23532,0,0,deffa93a5742d05598342f489a5313af6567bbdcc8641635c5652a151952e CVE-2025-23533,0,0,2feaf795f1df273221ac6faa2b92c08d09ccb79103144b0efc3eedd5b4158baa,2025-01-16T20:15:38.930000 CVE-2025-23534,0,0,88cd0535228a3872a7f2afe91715d13ee88adf4da45dd7ccb84fc0b2164e48f7,2025-02-14T13:15:43.980000 CVE-2025-23535,0,0,c4c4e7b4c3cb9320eaf3f6bf1ebb93064af87ea92072de8b0d212ee5158c55d2,2025-01-22T15:15:17.290000 +CVE-2025-23536,1,1,da84362109a9757d3d8e6e0fcf57b81bd74307bd67a4456669c394b58bb9e191,2025-03-03T14:15:40.187000 CVE-2025-23537,0,0,79e57ef42623bfacf08bcf48f182a917b206d07a7014897deba86aa5721ba1be,2025-01-16T20:15:39.070000 +CVE-2025-23538,1,1,eac0017601d71eb5f0e1f5f27df8c53345c83326e5228d8b84082777f18712e3,2025-03-03T14:15:40.327000 +CVE-2025-23539,1,1,2ddf234c0ebe439db2abc4da0776fc159d9a68695cfb165cd1cde4d4974d637f,2025-03-03T14:15:40.470000 CVE-2025-23540,0,0,575604080a7e41dafefd577008aef472e583d091e6d52248a1f21517385238a3,2025-01-23T16:15:37.577000 CVE-2025-23541,0,0,a1bc5006e3c889ba7c285bf5fa18384216ad56e7a9867f658d1b550cc20b4769,2025-01-23T16:15:37.737000 CVE-2025-23544,0,0,4ed653671a235a9aa2508fedc1a9b552630d378203557455d39060521497ae62,2025-01-23T16:15:37.897000 CVE-2025-23545,0,0,a51f95b294effe458db270d2606087be8df680dcb349024e6c23e9e2892cfe53,2025-01-23T16:15:38.070000 CVE-2025-23547,0,0,6f6ff07f3f424280073fce42bfdec78cd39e7aff8dc91e913640e544d32ed50a,2025-01-16T20:15:39.220000 CVE-2025-23548,0,0,e905040ef039a1c5ad85c3aa19f245ea1e7bac617283c354a7559da726c93724,2025-01-22T15:15:17.423000 +CVE-2025-23549,1,1,acffed497da37a07f5e7caf819d05355996e07afcfb9b6f545f3d8a5337215d9,2025-03-03T14:15:40.613000 CVE-2025-23551,0,0,e7126fb359d3cea65f3db6ed81dd450c90fcbee9b0dcd4eb99275aedc003ef05,2025-01-21T18:15:16.927000 +CVE-2025-23552,1,1,1bc4356567d261353e4d025cd70ef3ac00b81769f4afaf050903f6befd4c07e3,2025-03-03T14:15:40.760000 +CVE-2025-23553,1,1,e5bfd149325424aeee4a48bfdef7e05e1adae689b7e5ae5ccd3e4f8a96a6dcf5,2025-03-03T14:15:40.900000 +CVE-2025-23555,1,1,d7554dca3578a0661b61efd76e259ad4f0c153dc48a59729dae42069882b1022,2025-03-03T14:15:41.040000 +CVE-2025-23556,1,1,032b593f6c73c5ea0cc8280db0293ea41236fede98356ce5f8dbbdfccf696897,2025-03-03T14:15:41.180000 CVE-2025-23557,0,0,4948e4f74dc87131949549d056234a4050a760fc1ac3fba66738bd84c832aa2e,2025-01-16T20:15:39.363000 CVE-2025-23558,0,0,4291468aaa8c22c74e0bbb0da124051b4e99d0d01c1849f5de31eebeb38c94a6,2025-01-16T20:15:39.503000 CVE-2025-23559,0,0,f107280d0e32fb23f5905ab5f11f98c3b724795adfc26ea0537d5d8ff93e33a0,2025-01-16T20:15:39.650000 CVE-2025-23560,0,0,19b166e58f91145a20070e52b1a91deda6a79a11328a651eb2f155e7b5e396b0,2025-01-16T20:15:39.797000 CVE-2025-23561,0,0,dab2762c1dcf37050b4bf31dc30aa603b8a241d893f00d9a37f79c0f4ffda778,2025-02-03T15:15:20.957000 CVE-2025-23562,0,0,6516913ed80f1c2cc88fcb4ddf0a4ad7854ee1cade6aaf482ce8507c93182fe7,2025-01-22T15:15:17.557000 +CVE-2025-23563,1,1,e629bff27047ea8794be26c83e13bf4b4da1c5489e68f523eb37ce81d790de61,2025-03-03T14:15:41.330000 +CVE-2025-23564,1,1,68c232271bbedbf670ec90017b17d251cfe3f5490d28404b175cbdb5101c6153,2025-03-03T14:15:41.470000 +CVE-2025-23565,1,1,4743f5e4395637bed4805ce5f7a8284bc18263ebca93d4dae9328762d97d698c,2025-03-03T14:15:41.617000 CVE-2025-23566,0,0,88ff034c0930eb7962346da8f31a94b9eca19a480252f7930366050551ebf8fd,2025-01-16T20:15:39.947000 CVE-2025-23567,0,0,a5334e3a1104d1d3b6196126e4f57ba74f8e92384c039079a9ba04e3f6d27982,2025-01-16T20:15:40.090000 CVE-2025-23568,0,0,541d6e4ad43f8dba765299393aac14407144d095e5c8f6fed5ce69f6ad16e1ea,2025-02-14T13:15:44.123000 CVE-2025-23569,0,0,e1a856fd806178c29488dac0d174aee24c02bc663bf84b5b8e41189ca4debaaf,2025-01-16T20:15:40.230000 +CVE-2025-23570,1,1,ca0ce94e7c8465d0446c544895307aa53561fb5c84097fd9a25b24c0f1ec5dc0,2025-03-03T14:15:42.437000 CVE-2025-23571,0,0,3c56bf3d57cf36665f942829237cdd5ae4a799e329add61ae4a156fa2555e187,2025-02-14T13:15:44.330000 CVE-2025-23572,0,0,de6082afe4a128b0f4da24928b9919e3a956306fd340d20a91397a5cf127b9da,2025-01-16T20:15:40.403000 CVE-2025-23573,0,0,47a2bcb665ab1e714c4b6c92d3ce819a124f5bc1e2f376db1bb99620f62cdb15,2025-01-16T20:15:40.740000 CVE-2025-23574,0,0,693be34be21aa389e45f03519c1745c4eff22d58bf3f0cdd7ea8e91da34e3735,2025-01-27T15:15:12.123000 +CVE-2025-23575,1,1,a7035a5d332f1f8748762d43d71a8894880494c3768533a40bcdf92f8909a820,2025-03-03T14:15:42.583000 +CVE-2025-23576,1,1,387867185296d8ce21db4b977516d686563e9e63b7fe349b99670c19a24faf36,2025-03-03T14:15:42.723000 CVE-2025-23577,0,0,3b4af4e716479b74840f3095c9fd247d1229a5054ee21299e6427c4aa395d98c,2025-01-16T20:15:40.877000 CVE-2025-23578,0,0,ee4ac9c3f52bf3e6828c8c864df14edec5078c7df3f3b76d6589f390ffa3203c,2025-01-22T15:15:17.687000 +CVE-2025-23579,1,1,c104acf041e129106f4acd3689a26ba7d78d4d81b35dd4c8481fb47420853b66,2025-03-03T14:15:42.870000 CVE-2025-23580,0,0,59e55d87bb1152c0b33f0e647e86e7e0bf5bdb957c7b17144cb4b97c87ffc264,2025-01-21T18:15:17.133000 CVE-2025-23581,0,0,bc35ed047d5786198f6e128d27e7b196ca682c0b368829b214432cb7ace93e7e,2025-02-03T15:15:21.107000 CVE-2025-23582,0,0,bcf56c1128fe5fb16f6f62e87cab58a793b9ab7e1fa5b5a80aac7c3d8e216d4e,2025-02-03T15:15:21.247000 CVE-2025-23583,0,0,e21f7ebc8eadc98fa31158db089c466226187c1b0b465dd4d4999f0dc6169f33,2025-01-22T15:15:17.820000 +CVE-2025-23584,1,1,4910a2b8b1b6aa4f797e55681d0c14de0699cfba3e4eace7b7cb2c635f03fc46,2025-03-03T14:15:43.010000 +CVE-2025-23585,1,1,5f1f18cc3603b4a0e8e8d65bbef0949c7d09daf389aaedb4af3efe0df5529865,2025-03-03T14:15:43.153000 +CVE-2025-23586,1,1,517f8bd089415e5aa845e36c9134315425142115e952e2c4ef0aaf9f7531f0bc,2025-03-03T14:15:43.293000 +CVE-2025-23587,1,1,0fa0855ea9516df92d85dc94726b8f09b0ac04b43df608cd3c831e725486aede,2025-03-03T14:15:43.437000 CVE-2025-23588,0,0,1af785b53f96b533dd98e54c9538faf12bf881f9e8326bbe76cebae0df2f2322,2025-02-03T15:15:21.387000 CVE-2025-23589,0,0,d3031a8ecc47da689c7d4aa40556ddad0607753b3fab7ef3ba59900b081a00b0,2025-01-22T15:15:17.950000 CVE-2025-23590,0,0,a1b29954928b913e5e1f3b7417373cb35c52e2e53f225fb77d38e3813eec7e4d,2025-02-03T15:15:21.530000 @@ -282279,10 +282346,12 @@ CVE-2025-23591,0,0,57144ee3b3111be5ef28bb855d873168905d6e4b6236127ce8be58efe5330 CVE-2025-23592,0,0,72113ec191c460928b32408598ed5488110be2a104138ddeee61c6f405231b43,2025-01-22T15:15:18.097000 CVE-2025-23593,0,0,aaa3e68323492fd453c38c81980209bbeabeeeb1c6f76a55c668815c2570b7d8,2025-02-03T15:15:21.827000 CVE-2025-23594,0,0,cf7f1fa31ac3cd50b92d1b9320d9426ae367e4be88f52e990dc79ec7fc8b6b6e,2025-02-03T15:15:21.980000 +CVE-2025-23595,1,1,15fea72e6fcb1e12b271fa77df3b57b43b86ed9a25a14d612a55519ab97497d4,2025-03-03T14:15:43.580000 CVE-2025-23596,0,0,c0c87db7b414295d6b37258b125c64c14eac275967c68ddf6e89f0af7a37c04d,2025-01-31T09:15:08.060000 CVE-2025-23597,0,0,cea463851f9e84dc4dd23a6193771cbf7bfb7af0f728bfc9f3248f50d515c2f7,2025-01-22T15:15:18.230000 CVE-2025-23598,0,0,87481f230259bf6caff4cdd796ec6a829051223d809c1dd41ebae2488d0f51a0,2025-02-14T13:15:44.483000 CVE-2025-23599,0,0,d05df5cc8092b2ef3ad2303b9842c8e30b1f9b745e52850641df822505ef2a9a,2025-02-03T15:15:22.127000 +CVE-2025-23600,1,1,da19dba1f4515668b580937d182a2c248e97288ea57adc733bd4172051294eb3,2025-03-03T14:15:43.717000 CVE-2025-23601,0,0,46c1fdfdf28a66086beaafaaeea851de5230b874b48166effa2de17c132d6628,2025-01-22T15:15:18.363000 CVE-2025-23602,0,0,d30be2a2699442d6075f3ffc9305b161d70bfc2cca96a60dac61452b8d1a5a89,2025-01-22T15:15:18.503000 CVE-2025-23603,0,0,03b3dfe62fdddd69f8d3397c21e27be44f84664445f86ebffe6e93d45ccfdd9f,2025-01-22T15:15:18.667000 @@ -282293,9 +282362,13 @@ CVE-2025-23607,0,0,644891006442e903fbf179ad53f57553b3ae1706983005c3775a2cd73265c CVE-2025-23609,0,0,2d1ae51d827307d5688ebafc347a4adf6cd78f47bdcd33d55e01a23dfca2ac4a,2025-01-22T15:15:19.343000 CVE-2025-23610,0,0,0bcb81d57261851ef09d1ff4eef60d378fd3132dcc27872e262fb4f82499c82e,2025-01-22T15:15:19.473000 CVE-2025-23611,0,0,d85c3eaa2a359ab1dd0cf8fc2d813b125c4ab2ba5978c80ec826f8303b177a52,2025-01-22T15:15:19.610000 +CVE-2025-23613,1,1,09d4284c8d6475423b01c4ebdeeeb05db9f5293ee2ed8410398c5d9f402e198a,2025-03-03T14:15:43.860000 CVE-2025-23614,0,0,36691364b676964b65f6a3791ab255bbea85c7108423915a116f27407f31bc3a,2025-02-03T15:15:22.270000 +CVE-2025-23615,1,1,feaf6f854425cbddcdd30a3812aaee70f6441f1fb90174ab9993a34c1ac955a6,2025-03-03T14:15:43.997000 +CVE-2025-23616,1,1,cdfcb89939f719a8008cefb9aac6a5f424291262dd784af1e434035cd7a9cfc6,2025-03-03T14:15:44.140000 CVE-2025-23617,0,0,87ef3623aa25e2331adb93f67250ff54cd8c0a9d97a9df407392635eb142408e,2025-01-16T20:15:41.027000 CVE-2025-23618,0,0,2b70f46c9d14af7d7f45645689d4bdb93fcf0d60e0c8dbeddd3d561041eb97d6,2025-01-16T20:15:41.193000 +CVE-2025-23619,1,1,4be0325bf27002e8379bbf92b516495e56cba250ce104afb34b15be3e25ab2bf,2025-03-03T14:15:44.280000 CVE-2025-23620,0,0,09647c5f995fa9db6ccd9597829259959bc90db907c440ccec24baf4752a0b99,2025-01-16T20:15:41.340000 CVE-2025-23621,0,0,76c56932aa480b0fc9415f2edd066f133dc916597ec40062485884ecf9f068be,2025-01-24T11:15:10.473000 CVE-2025-23622,0,0,b75f71cfcaa0f43b25d0e7f5273a3ee797d4eb0107e9ade598483efbf15f330b,2025-01-24T11:15:10.660000 @@ -282309,7 +282382,9 @@ CVE-2025-23629,0,0,01b9b5cb6314ff066c0384dbc296f566c2de494bce7708202e96de9eafd12 CVE-2025-23630,0,0,eeae9b548f90cb80fe09928d6af68398fad99a026c84c09866f64bbbceca5e8f,2025-01-22T15:15:19.877000 CVE-2025-23631,0,0,486c44b1477ef022b6afd511bfe7371c7a5e1239049e868a97d94bc96c8d247a,2025-01-22T15:15:20.013000 CVE-2025-23634,0,0,48e783563d53ec984be5a175a9f79a779ede5638e8c7f47318c460f317ddeb1f,2025-01-23T16:15:38.840000 +CVE-2025-23635,1,1,a5450bfd63ee5a9c819485bc47e43e408137ffbf1a5b7bb58dd41bc85c0e5120,2025-03-03T14:15:44.413000 CVE-2025-23636,0,0,e471135e103e9f1102462023b0c8331f734cc9749182a76b579e62c7d60e2121,2025-01-23T16:15:38.983000 +CVE-2025-23637,1,1,dd01fb91b404fb83a25fa639041a94047db6a32609a81831e07f2768eb83f296,2025-03-03T14:15:44.553000 CVE-2025-23639,0,0,b5e6c8257038b7490893c42ae7e3121aaccdfc060b9557b2c3eb27b9ad45934a,2025-01-16T20:15:41.763000 CVE-2025-23640,0,0,118e59034a736b15100f4213d9ad0026082135513d4f080af852d559dd80b4a0,2025-01-16T20:15:41.900000 CVE-2025-23641,0,0,7d997794a239066a0b1939bc772f48c377254fbba43ec4f01793fcc89efd7a16,2025-01-16T20:15:42.037000 @@ -282334,9 +282409,12 @@ CVE-2025-23659,0,0,dcc772503bf7bc48b2053f59e0fd1354f6d6525325330e2053b738a9e72bb CVE-2025-23660,0,0,2cc733431a94cdb8a648f8f3373a33c06d517783298c1f87affd6dd6af956d0c,2025-01-16T20:15:42.893000 CVE-2025-23661,0,0,1f7f57e7bde62e643387dd0bb1448a0354f6c08b04d2c093fc9523e9645f79aa,2025-01-16T20:15:43.037000 CVE-2025-23662,0,0,551ab5d2ddda20a665b042bd77267fd330911bfdaae473af13983770c49d1a4c,2025-01-16T20:15:43.167000 +CVE-2025-23663,1,1,678aed84cf5d961ed046ade58b89d44f4a75e137cba69bd82a02ac850a3540cc,2025-03-03T14:15:44.693000 CVE-2025-23664,0,0,5eaae3d9bb9680e71179473e67178d8041daabfe633ea61ccf7a551976bb9be7,2025-01-16T20:15:43.320000 CVE-2025-23665,0,0,df3a85fb9b6ff519cb09c58b53e0bb17cb58cc0d047b57ae4c9ab7778577a02d,2025-01-16T20:15:43.460000 +CVE-2025-23668,1,1,86e348c6ba5475e67c0dcd7151b45682c0abf0eca4cf9072e9d9ecc052e94b48,2025-03-03T14:15:44.833000 CVE-2025-23669,0,0,d1bc630e712a78731f318fb10d255700aeb84fda668fd5568dd1716510645cc3,2025-01-27T15:15:12.423000 +CVE-2025-23670,1,1,1a1d9ddf71a3af23c0fcf9e6980398b7178713815ba4d2b9609baaedd4b237d0,2025-03-03T14:15:44.970000 CVE-2025-23671,0,0,e807509054aea4938a91cc46517fc530776db152688d3d7e9ff4404f8050a084,2025-01-31T09:15:08.210000 CVE-2025-23672,0,0,ed0b60a87316bc71dff66c00e07e06614733370adc17528a90f1f5ea0631e03a,2025-01-22T15:15:20.287000 CVE-2025-23673,0,0,29cefcd5e33b42efd9dd838456a4202e1ca110aefe8c270bd5abccdd213d0d3b,2025-01-16T20:15:43.620000 @@ -282353,6 +282431,7 @@ CVE-2025-23684,0,0,529ecfa4f2d7884c1c74d4451718ec8edc46df51f82091b8eeba652ef3799 CVE-2025-23685,0,0,0ae9c880b577c05bd221b5d47c19ae7f8930d7d9f3014e4cbcee69e11cc74cc0,2025-02-03T15:15:22.420000 CVE-2025-23686,0,0,3faeff7525d93cc6d2031f95de86c7e21308c8342ae317b9dc855fcb527afe0f,2025-02-18T20:15:28.090000 CVE-2025-23687,0,0,a062d47601c72b96a7b0ac661d6c70b2b4782e624ea753b9ec1d07c4535e69c5,2025-02-27T17:15:16.623000 +CVE-2025-23688,1,1,aa2e74157a39542e9e5d11ad8ba6dd45d0a354373bdf490df0d106f90376aeaf,2025-03-03T14:15:45.110000 CVE-2025-23689,0,0,3a077a022662cdd0d4798ac2d9b9685961bbdf05d3a8d2e748b53124c3ed929b,2025-01-16T20:15:44.040000 CVE-2025-23690,0,0,b9e8b4ce7cf418df7c2c552d6aa61f7715b27609fc2dbb370252e45d7528a647,2025-01-16T20:15:44.197000 CVE-2025-23691,0,0,8bccb2407b1830314e082c5ccc8a74914d5f3fb937895330615769bfb1ba0062,2025-01-16T20:15:44.353000 @@ -282376,19 +282455,29 @@ CVE-2025-23711,0,0,2fcdef9ca63b638205dcb9063506c231a8c0b85956b4bdb5e0ed4971a8368 CVE-2025-23712,0,0,94aa96484213156f9d49bbdc6963c4fd02ab0d8cdee27a020eca5b412a516f8b,2025-01-16T20:15:45.800000 CVE-2025-23713,0,0,e91ea4a4691cd6ea54cef5c014a380cbfb6e447d22416c2178d1e94d8d5e41a9,2025-01-16T20:15:45.940000 CVE-2025-23715,0,0,0640be33a6d521fa9ce6237978250a0e811e0054ca0a5799459a317b8874e4f3,2025-01-16T20:15:46.083000 +CVE-2025-23716,1,1,d016056c99079551abf6ed6c53c11468349496bd1e91f9fde5f489851a77be1c,2025-03-03T14:15:45.270000 CVE-2025-23717,0,0,79ec33c46c47146faede274dbb2e9b9df8747f6c2068f93e33c80d094e53ab2c,2025-01-16T20:15:46.247000 +CVE-2025-23718,1,1,f36762b75141a88ad0b9783f94bcc4f146c3498eecce8fa774a11016754ed15b,2025-03-03T14:15:45.440000 CVE-2025-23720,0,0,4f4258f5d82ee9a1c0adeb945db0c0e48cfc2254164386bb711744a2792e3be7,2025-01-16T20:15:46.397000 +CVE-2025-23721,1,1,59f6c1ecf004b932005d6828653d280864e2bd9c4719f1601a520d393f51a961,2025-03-03T14:15:45.580000 CVE-2025-23722,0,0,c0bdf2b829d7a8bd43085e02d4e7e056c0d0ffd37b99bda77519f55464471ced,2025-01-23T16:15:39.117000 CVE-2025-23723,0,0,327ff890c66bc4f6304f57f95f2945f2096ccacf1bac80331923afdca5553d32,2025-01-23T16:15:39.260000 CVE-2025-23724,0,0,85759521dcceb6293655a1d413ae191700de02fc83895c480951d54c5ee558aa,2025-01-23T16:15:39.387000 CVE-2025-23725,0,0,b40e5b6eb6e24477dabcc116432421fc90ad60ce2752a67c8fd0c42466cd8176,2025-01-23T16:15:39.530000 +CVE-2025-23726,1,1,f80c067b07f21ef5153d90d1acf66cbd821b0b372a7e8e4ed1d798d6647bfc48,2025-03-03T14:15:45.723000 CVE-2025-23727,0,0,06939e0ba718c2d1654b535cb4acdd19bc47301ebc0414aba09b8f3cba82ca80,2025-01-23T16:15:39.660000 CVE-2025-23729,0,0,cf1c2fd2efceda0b2319b0d4ce7dee8c6bda7b3cf825d2b54b8fdeafbe7c4d3c,2025-01-23T16:15:39.790000 CVE-2025-23730,0,0,6a3d7db8e71ff2248054b5e3980c0318785193417fad4c6b63c6b17ed4394eb7,2025-01-23T16:15:39.933000 +CVE-2025-23731,1,1,39ef42f7084553ea2dbfd30259a75dd23c120645791c3651bc23bc918ffa132d,2025-03-03T14:15:45.863000 CVE-2025-23732,0,0,a319b2653140b4341d08717a159e17e281e96faa4531ef7eaf2b0aebc3064bd0,2025-01-22T15:15:22.640000 CVE-2025-23733,0,0,ba14d7b711147bcf408bf8e6bd2e361fbeeaf786be070e9273bee40e739e6a4d,2025-01-23T16:15:40.073000 CVE-2025-23734,0,0,d08399ebf6e8fdb4054e549d4b1f5dfafe09daa5e675446b005341c5933da542,2025-01-24T11:15:10.967000 +CVE-2025-23736,1,1,9131d7dcfcb97d0ae961a3a3097ae60a78fab64df4dca2364283395b564ae2c4,2025-03-03T14:15:46.003000 CVE-2025-23737,0,0,607d60dbc000683cdb744c3f8a0ff459baac89a608490796576d67926bb66926,2025-01-24T11:15:11.103000 +CVE-2025-23738,1,1,f885f04b22320649373fe828cbe1e38b6411cb2a758056a6949863d8f78937f5,2025-03-03T14:15:46.157000 +CVE-2025-23739,1,1,a40abb4cc5ed4e40d3965b29fd408eea76b83ec28b89a7c72f12c0bf33697e92,2025-03-03T14:15:46.300000 +CVE-2025-23740,1,1,29d542b0f53faaef4eded198e5f7a55b8b37dd6000c3360cb9fa81ba839be310,2025-03-03T14:15:46.443000 +CVE-2025-23741,1,1,e73754a948bc07e600ba59dcfd31fef3bcbffc40b80f117ba180c8ce677acf97,2025-03-03T14:15:46.580000 CVE-2025-23742,0,0,b201c2107bf925baad36a640efc91a7c932130b1fa30126bc2ac8036c1e569f4,2025-02-14T13:15:46.033000 CVE-2025-23743,0,0,803f800009872449a18217dc53667bf2ed09ca71991d264f6860698994827cf0,2025-01-16T20:15:46.550000 CVE-2025-23745,0,0,09ea8b53d4365edcfe38eb3fcbe51bfbcfdfed88a9df4c2f4d1f35c6770b51bd,2025-01-16T20:15:46.687000 @@ -282399,6 +282488,7 @@ CVE-2025-23749,0,0,6aa13db4e4c786d5dfaed7476f7ecb15c17aa377119bb300a3e3bb269b753 CVE-2025-23750,0,0,6ea37f4f9522ca2e0280209c27b390eeef98a740a6b7dd025e33315154a79c4d,2025-02-14T13:15:46.313000 CVE-2025-23751,0,0,7cf5b5e2bcbd02d848667bb01cc756fab7e385c1a81149116d1dac297dcb5b22,2025-02-14T13:15:46.450000 CVE-2025-23752,0,0,2500631a89072de355d82cd9d0c12e88188eee2a9b43146cab8ef211fe41e0db,2025-01-27T15:15:12.570000 +CVE-2025-23753,1,1,a761fc6ddde3499da4543d00111e08d8f8091b2ee9b02127de8a14670e69701a,2025-03-03T14:15:46.720000 CVE-2025-23754,0,0,a8976bb97c2ae00c11653e47f47011f7edf0df2e28ad66f466282475f032adde,2025-01-27T15:15:12.727000 CVE-2025-23755,0,0,25f04dc206db1f71f9a2018ea14d136fcdb89733c2fde78659dbf54e9d738404,2025-02-03T15:15:22.697000 CVE-2025-23756,0,0,16f0545268cdd6fe2d0ba6c79450b1cdbe855a937348abdf7b97b7019cbf9e0b,2025-01-27T15:15:12.877000 @@ -282406,6 +282496,8 @@ CVE-2025-23758,0,0,883e63d47bc45719a96ecb50615a8b44169717013146e3d5a21d6bf8acc18 CVE-2025-23759,0,0,44cf985abe1790da5a65f21e2773ee03c2d5bf51b4f98d8aa88b9f240167db9f,2025-01-31T09:15:08.357000 CVE-2025-23760,0,0,c926328276013ba4c92054487020a2c00b6299d54746739ff21a4a2b0e4582aa,2025-01-16T21:15:18.257000 CVE-2025-23761,0,0,54955953ddba7da6b8dc6db7af99134b4479d6ff349ea65bc12f9e3c7ac517a4,2025-01-16T21:15:18.410000 +CVE-2025-23762,1,1,c5fd9de47a8ca0156402a968e52ba355b045e688cd33187a2d9414a72f9c60b4,2025-03-03T14:15:46.860000 +CVE-2025-23763,1,1,1375025b12efcb46e40594c1a809d93606976cd57b25d04791175cb724766fdc,2025-03-03T14:15:47 CVE-2025-23764,0,0,7f32d20a1e65ecaa3e33bea3553398156868c7ff8731a49a86f2b21b51701ff3,2025-01-16T21:15:18.550000 CVE-2025-23765,0,0,2796d242b4e694c96282a5c8ffeecba3b80388403b475a6ae706c6a35a37e943,2025-01-16T21:15:18.700000 CVE-2025-23766,0,0,6f8788466ea1e979883e67d78e53062fd0f4dadf013cf2e27f44d7bfd409f335,2025-02-14T13:15:46.583000 @@ -282453,6 +282545,8 @@ CVE-2025-23809,0,0,e4d8ab24925754ce1ceb1aac20374346938ff78ccd5ebe9cba6a3cb39ad59 CVE-2025-23810,0,0,3d886969fb81b13e95f7725e8aa5117b9c91c9b06310f0521237e64ca9eef400,2025-01-16T21:15:22.107000 CVE-2025-23811,0,0,aeb0bca809888e8a2f8b0c81b6ebd8caf62a27a7e7c72a06995d8ae53ef2be67,2025-01-22T15:15:24.297000 CVE-2025-23812,0,0,797de7752c23e203568847ac02c79ce570616871d6f8a90a6d5cabd8571ade96,2025-01-22T15:15:24.437000 +CVE-2025-23813,1,1,4d7577beeaa62e358290c0c2be22e725ccaf6d63c0b92256c7e3b15d59e03213,2025-03-03T14:15:47.140000 +CVE-2025-23814,1,1,69e541a6b2b57e97986bfa2631f5f14573ad97d8a05b7fa803863e783bd22f2b,2025-03-03T14:15:47.280000 CVE-2025-23815,0,0,4a53eeb2a80c868296a8df4afc48475dd10d854a2810a22ebcb90f3a1fb7faf3,2025-01-16T21:15:22.257000 CVE-2025-23816,0,0,99e7a2982284cfe1c4b342546ab2ac7819e99932258e5aada2c1a28f9b0c569b,2025-01-16T21:15:22.407000 CVE-2025-23817,0,0,64c5a2eba1c8283bdb068da6e45257681009c02912f79237808c3a614cc30aa9,2025-01-16T21:15:22.560000 @@ -282467,6 +282561,7 @@ CVE-2025-23825,0,0,071b5ab2f842a4dac9b41a43284e1d60e4dd4711f28bd3ba85186d4acb27b CVE-2025-23826,0,0,31cc4f889fe54c4f547abb60cc2ead671f3ef1f0e15ebb2f69c4ac4c9eb9f183,2025-01-16T21:15:23.720000 CVE-2025-23827,0,0,2ba64e27ab682dd5ec54367bbedbdcbbff79cebacb1bc86ea6bb734008f4861b,2025-01-16T21:15:23.873000 CVE-2025-23828,0,0,5cbd4d2f58506793d3df94a0bc780e8d14ab5e4da9eff853b88189304863a098,2025-01-16T21:15:24.047000 +CVE-2025-23829,1,1,8f0c5d710512be5f21e943c4f0563e6ea867db53e1de13143a7550b9d4cf0b19,2025-03-03T14:15:47.417000 CVE-2025-23830,0,0,b29c1dbb724e30118134483053c6856e5726b7a86f2f6d719fdcfca154e0a8a7,2025-01-16T21:15:24.213000 CVE-2025-23831,0,0,5197c9bfacc7e149482a79695ac12aead57f227753093688448b8bbc9868aa27,2025-01-16T21:15:24.360000 CVE-2025-23832,0,0,2679ff496b3a637ccd709dc676c5ecac70472f75fa8b558e60904410452695ff,2025-01-16T21:15:24.510000 @@ -282480,12 +282575,16 @@ CVE-2025-23839,0,0,c711cdfd3a6cd8df3981e46ebebb623db7f4f50ebcbba001c1ca48594578b CVE-2025-23840,0,0,f0f7548a18e4cfedb3688e9fbc7414acc68ef02d31e6af775d6a7349c3921d9c,2025-02-17T12:15:27.973000 CVE-2025-23841,0,0,c097c459c2277c131514a3ea078b91eba98a25a334eaa639de34719734a5222a,2025-01-16T21:15:24.793000 CVE-2025-23842,0,0,2b0139d7daa7e9dee90c237d483621e8535d39bd8efb9a3ce143d2d5a6b0d36f,2025-01-16T21:15:24.940000 +CVE-2025-23843,1,1,29d2796343475cde388af0477385302e8f99db7121c72aeba030f5a872191576,2025-03-03T14:15:47.583000 CVE-2025-23844,0,0,86105cb76b38d6ea0728b9c1232799c3e34ea63adb94598d263dfa4f4d3924ce,2025-01-16T21:15:25.080000 CVE-2025-23845,0,0,704388ad9715a6095e5c19469c8d6736ddabb3114c3d928fbe8cb9a12e65b295,2025-02-17T12:15:28.127000 CVE-2025-23846,0,0,ea1add75e4166af75969247fd7072cf309971d9564e41b3b3aa5ab3aed42b97c,2025-01-22T15:15:24.570000 +CVE-2025-23847,1,1,543531e94e152d732bb86cfd38fe6b8a60f31a1639aa21988c1400a991303437,2025-03-03T14:15:47.730000 CVE-2025-23848,0,0,89a987df9d0bbdbc45b1ea1fdc383b4ea7fa77b656809c9e88d08eb1cb2905d0,2025-01-16T21:15:25.220000 CVE-2025-23849,0,0,7076f9fcf4e7216b0f5ca136c4ea4a88f8fc78bd3d3c6b722ad7847e399fd28f,2025-01-27T15:15:13.087000 +CVE-2025-23850,1,1,ca2089fdc52da0f4841e4dcbc1f0d2ee728fa0eb84085fa7f4d8f3b2783002b6,2025-03-03T14:15:47.870000 CVE-2025-23851,0,0,45cd563fd26573e18f7597f8a91796eb4d7bea4673dae9c99c4f2ca6dc5dfd24,2025-02-14T13:15:47.550000 +CVE-2025-23852,1,1,be7b7af6559b099f8899470cb6cd40f9cc676209a0cca05f5d08d0086ba90a27,2025-03-03T14:15:48.013000 CVE-2025-23853,0,0,ef0cda26dc0e79d1c47dc7e28d69e1254f0dace4fced367382184e4831286f9c,2025-02-14T13:15:47.700000 CVE-2025-23854,0,0,d260b02665c562e6c59db554faa1d37d019f8ad115df9a55a6f95eb87b662a62,2025-01-16T21:15:25.357000 CVE-2025-23856,0,0,a5c5728227279c4b26e1b13f4ba8f4d185c4e16a374fd50014963dfe066d3a3b,2025-01-16T21:15:25.507000 @@ -282510,8 +282609,11 @@ CVE-2025-23875,0,0,16f54e792dc7d4a56ea38d4496bd3b79642a5531dd27f8c7625708b8f8972 CVE-2025-23876,0,0,f11fbcf0ce95bac97cefd73d61ac714e53732fcd35e4b468f025890b159066c2,2025-01-16T21:15:28.763000 CVE-2025-23877,0,0,67025350455285a68998b55a0ec477bcc912252817d20c216ea4c1dcc27f2fb9,2025-01-16T21:15:28.963000 CVE-2025-23878,0,0,807177fe8c69371ec7b74f4303cca26584dc822ecc32e3bde8ff81af05f082df,2025-01-16T21:15:29.140000 +CVE-2025-23879,1,1,87518c93f6f7e42391cfa41185300d2090149ee367c5f8c67af8a3d9d24104d2,2025-03-03T14:15:48.157000 CVE-2025-23880,0,0,71a75ff3204104210dc427f5d046fe7419ca87cd3fedcae98d2508e2784497e7,2025-01-16T21:15:29.310000 +CVE-2025-23881,1,1,535b4bdb5304b6854adefa2b25cdaf84a0c2d3023805271f932708856656a523,2025-03-03T14:15:48.290000 CVE-2025-23882,0,0,8e318f93a2e3087a84cc639e5bee8fad1331e5d359fbd4910e1c30d70a6cee6f,2025-01-22T15:15:25.123000 +CVE-2025-23883,1,1,a3aded4ba7382a9ef49b463ae9c7b7ff3e68aff75af1cb09d3716b44f91071a3,2025-03-03T14:15:48.430000 CVE-2025-23884,0,0,2def982b7cbe8992747b18233289c0f945bb92c66265a1e1ac9f76f2473c47c3,2025-01-16T21:15:29.730000 CVE-2025-23885,0,0,093c1d452b83446d22ae9a842c82320a89ffdbec7ad459f32fc079a07cbe06ff,2025-01-24T11:15:11.660000 CVE-2025-23886,0,0,5adc366069b87d101e00a6524456b5154407eae636225dee1ada8aae236060c3,2025-01-16T21:15:29.927000 @@ -282531,6 +282633,8 @@ CVE-2025-23899,0,0,598182d1621caa24bf3c481ede2ce2b83897d5764a80f40ca9f00a668f077 CVE-2025-23900,0,0,68aba21ddce77b08fbaa0dad71c040e65c232f030b0b325ddea5744be386b9b2,2025-01-16T21:15:31.857000 CVE-2025-23901,0,0,bf3c3b7205ed6fc1b684ded669be915dd1c9b905481743bdf15fb28a8c514c0e,2025-01-16T21:15:32.027000 CVE-2025-23902,0,0,991c47a865a929869add2c8c1b94dc787e70c9818f90cecd06fc91fb7023083e,2025-01-16T21:15:32.173000 +CVE-2025-23903,1,1,9df018cfc6f909d32ac14192cabe32d92189655b30c0b2563327ab7c86d41d06,2025-03-03T14:15:48.573000 +CVE-2025-23904,1,1,e1b77993b871845d4b1589f5de75445e92913d5b3a0a17a4275b6a736bf63039,2025-03-03T14:15:48.720000 CVE-2025-23905,0,0,e6df51fd666e2c8113ce848afa63ebc2d7c3d50c4fb01b44668236357fa834a0,2025-02-14T13:15:47.973000 CVE-2025-23907,0,0,62f2d830555983225c93d67a33766339f0b5f5b8104b470ef809680dd862709a,2025-01-16T21:15:32.333000 CVE-2025-23908,0,0,4b396a8852131d43d79fe1137cb49df2e0d52a86fdb32e54e4afe34ce1d8d3d5,2025-01-16T21:15:32.480000 @@ -282569,6 +282673,7 @@ CVE-2025-23941,0,0,1c0020dfccb64dc56163de9642fbb38130446635c08bc70e04e868e60ee25 CVE-2025-23942,0,0,fcd7834ddd5fcf9c8adda6d596de5dbab6d454234546c07da702feb6e1ca2a9e,2025-01-22T15:15:26.103000 CVE-2025-23943,0,0,b11e5fd30a25f84e994f31d10cb8bcc269623009eb1bca3cbe37db51ed9b30fe,2025-01-16T21:15:36.373000 CVE-2025-23944,0,0,6784fbc128279e298d8489399d1bf90d39ae34198f44be1ea34d2e37df5c705b,2025-01-22T15:15:26.240000 +CVE-2025-23945,1,1,3e4d472da12049ed59bb3026de90c4f221c8886bbc477764f20ba5e4539aeaf5,2025-03-03T14:15:48.863000 CVE-2025-23946,0,0,9de3ccf4350f51c6d8e67eab9fdaace2b0128c36302335bbd7ddc29cf4115806,2025-01-16T21:15:36.520000 CVE-2025-23947,0,0,b918dd9018ba545f112604d29f16795478738d9868aa76eb24c352a7a4e3c4ec,2025-01-16T21:15:36.670000 CVE-2025-23948,0,0,fa217fc33fb3c65287110150a4613d620cf18c0fe66132ab121eab1307585f10,2025-01-22T15:15:26.383000 @@ -282578,6 +282683,7 @@ CVE-2025-23951,0,0,2d32c1931f285be8ff0de2b01cdf7652c918f38bc79b845ac3d321ee8c1bb CVE-2025-23953,0,0,f6f03bfe88f28bb6450de0d0a10e28b0ddc76002765b30baa9464de96156821e,2025-01-22T15:15:26.670000 CVE-2025-23954,0,0,c0b532e328dfa85d7de261ede6d898c1c93d187c5ff87f67c3d88a90ff144287,2025-01-16T21:15:37.133000 CVE-2025-23955,0,0,b35ff47ed4400b2edb51393bc234d7c4ad9797e847fec68985488245984a054d,2025-01-16T21:15:37.277000 +CVE-2025-23956,1,1,49b33ed056e081448aae8d99df9bd71034f0c97669a6a06730170a8c6033197f,2025-03-03T14:15:49.010000 CVE-2025-23957,0,0,40b759ae20a341b30b3caf9db81dbe00398828638d81ba3346ad7f7cf25fc424,2025-01-16T21:15:37.420000 CVE-2025-23959,0,0,4d3ba4ca608a53eb6870e6e5b2be4b542170ae3caec5feb8a182291e655509aa,2025-01-22T15:15:26.810000 CVE-2025-23960,0,0,fef5413834349b73f28bcc0fec0108a4368773674c1a2ae5d7728e978b8298e8,2025-01-23T16:15:40.777000 @@ -282881,7 +282987,7 @@ CVE-2025-24629,0,0,1b996853d2c7901ff914da013767c286dd2f21bcd3a4e8ccfaa7c6c0734e0 CVE-2025-24630,0,0,09bf3aedb5b7ade6055d43730746097c9d9041653d5721ff426ad0e89db99ea5,2025-02-03T15:15:27.730000 CVE-2025-24631,0,0,274bf2d20308ac2cfb90f5764c400587fb2fd5748efb61091439c4651fd721d6,2025-02-03T15:15:28.023000 CVE-2025-24632,0,0,d410a816951967f2c5c6839e9cac3ebfa14d6561cc4e8d7f6e1f8e092d630c79,2025-01-31T09:15:11.040000 -CVE-2025-24633,0,0,64f8f21e259a75f0dde07c07b00cbb1d9212420586bfe05a4e4346e61befca4f,2025-01-24T18:15:38.200000 +CVE-2025-24633,0,1,702993d0a68d37905531a12131b16c43d90468fbd9d9758548b378011c530eb7,2025-03-03T13:15:12.980000 CVE-2025-24634,0,0,ad1ea2729993b18260176b082a1fdbbd1b40c6cd43264561203160f131678a79,2025-01-24T18:15:38.350000 CVE-2025-24635,0,0,8e4daee5d6abd4b07f5297619a43f9752ba41f45d1919dad64440f82e4b51154,2025-01-31T09:15:11.190000 CVE-2025-24636,0,0,725d94dc13d3e626545af0422430a59e8b7442528fd0fd9293d44daee9239f59,2025-01-24T18:15:38.507000 @@ -282935,6 +283041,7 @@ CVE-2025-24689,0,0,70a27061e8b0633b0958a705695b21ab3e50470132d440b4823f73ecd6b6d CVE-2025-24691,0,0,a9ecb50c9c5d82c8ecfc70917b5c56e667dfa57f33c8e4cb10ee7b326b2f95b1,2025-01-24T18:15:42.433000 CVE-2025-24692,0,0,4f3862dd5d5dfdfb8e9ec9276452e566888a0246b5bd370541ff930cf3e495a6,2025-02-14T13:15:50.050000 CVE-2025-24693,0,0,c7bef0dbde3fa8449c3a078a65549f5280577af242006cc996d29313a11fb18f,2025-01-24T18:15:42.597000 +CVE-2025-24694,1,1,7552269c8c3359090281460d70b6607cce8bb494f597ad67c1ae5b0211f65094,2025-03-03T14:15:49.157000 CVE-2025-24695,0,0,f61c171f77cef62d0dd2aede8b4b5d725bd7ea8ff8a025771bdf23d5a72f8ca4,2025-01-24T18:15:42.740000 CVE-2025-24696,0,0,3f05e52259d3b900a80613c5b1e8b568819cf706464f6128c6614eb8c2149632,2025-01-24T18:15:42.900000 CVE-2025-24697,0,0,524ece83a68382cbbf9bfb8b326769c1433565110882c970ecb2d390f56fd66b,2025-02-03T15:15:30.090000 @@ -282992,6 +283099,7 @@ CVE-2025-24753,0,0,a2c1331499f1ee93474d032a5492134141c22dfbef3d88782211f0652176f CVE-2025-24754,0,0,df5b30a971ad3afa753fa5100ea4ce4a8eeffe0cded00f62df24aa224b1825d8,2025-01-27T14:15:29.477000 CVE-2025-24755,0,0,817a6f4676c47a1165c3ef71cf774d5099a4b3fffe7ab21f2fd661b2cbf35fed,2025-01-24T18:15:49.160000 CVE-2025-24756,0,0,00090c21b036cb18f500635475c1d0d07432c00656603d0706e690db1dac0d4c,2025-01-24T18:15:49.307000 +CVE-2025-24758,1,1,7cefb6fa6313acf51ca2fb8223b31fb14d96fc92645f40e75130e31a4762ce87,2025-03-03T14:15:49.300000 CVE-2025-24781,0,0,ea0dd1f1efc338a8190531ba4028569aeff4169f4687c401bac25279a2c35633,2025-02-03T15:15:30.410000 CVE-2025-24782,0,0,17788acb91d6c67508456b6c6bdb11b91003536a6622098710e8b2b3540b27e3,2025-01-27T15:15:17.450000 CVE-2025-24783,0,0,16acaefd8445952b553e27b44c44e73c798d385c295acd08deef74497b7f723b,2025-01-28T16:15:44.880000 @@ -283099,6 +283207,7 @@ CVE-2025-25065,0,0,45484afbd03efe60cdfc0e8025f2d7de171ad9fb0eea11f3663a654375185 CVE-2025-25066,0,0,bfac3442efe119c58d1253bccaa4b523ef1872eec5be8616734787a2e6e2eb4f,2025-02-03T06:15:11.373000 CVE-2025-25067,0,0,610ce24421f83ef05e153edca72928571f3ca60dd422f89edc58c3887f9223e9,2025-02-13T22:15:12.780000 CVE-2025-25069,0,0,3ac7d43aa5f66d76ca4f47d340594454f3b8efd5492158fbebd7f38cfb3d56c4,2025-02-13T22:15:12.930000 +CVE-2025-25070,1,1,5327ab05edcb8e3afa82526bab4bc859623c1daaa376383bc1e52985f02ea43d,2025-03-03T14:15:49.490000 CVE-2025-25071,0,0,1629f669e71655c3fde13bbe5cdd27b1092b6fb208e43d4e7d5ad171118f64db,2025-02-07T10:15:11.840000 CVE-2025-25072,0,0,b2f1001fba6b0792cc732077ea2e226df66672da745a56dd97c913a535040448,2025-02-07T10:15:12.023000 CVE-2025-25073,0,0,ae247888df9b0a0f02c26fb56226f6f772bcd6d701eac54b2e26221f7762b06a,2025-02-07T10:15:12.197000 @@ -283111,36 +283220,63 @@ CVE-2025-25079,0,0,43fc907c6f7f8abacf15501eee12dd84e65f7bf34c2b4b035c7998a7325a8 CVE-2025-25080,0,0,861ac78288703f786a1258aee4ebc09899b5ccd5f4cd1e0d5d938308ab9cee21,2025-02-07T10:15:13.440000 CVE-2025-25081,0,0,a942a5f18339f333bcf99d8684bd359dbcef14580612543671b3d6d082e9fd47,2025-02-07T10:15:13.613000 CVE-2025-25082,0,0,8fbcb284df10f74ea677343321a609e9989fdcc51f391e47c600626a4578b446,2025-02-07T10:15:13.793000 +CVE-2025-25083,1,1,9e3fc46160501f67c6c5d0fcd474cf23c8788b226adcd496d83723a9cdb1e886,2025-03-03T14:15:49.633000 +CVE-2025-25084,1,1,22ebeb4189de5f1e695fac38cc65353e5d578ca84eeef2155c2a83cea4229a8d,2025-03-03T14:15:49.777000 CVE-2025-25085,0,0,48e8d3fd3144ff3e43021324e6671af7f1230fba8a05033bc5b135fd7d20d9ce,2025-02-07T10:15:13.980000 +CVE-2025-25087,1,1,adb9ca264fa23eee904e111b3b6e1e77904e37c0c1a2fb294dfda7d0a9e5cd65,2025-03-03T14:15:49.920000 CVE-2025-25088,0,0,19b513c75a563bafc3fa8ff6ccee8059f648de42a915840688d58d3b8fa92301,2025-02-07T10:15:14.260000 +CVE-2025-25089,1,1,a8bef62dcd1d749a38ebccd69557e5c7041506550959a126098b61e8f9b00e58,2025-03-03T14:15:50.053000 +CVE-2025-25090,1,1,5d8dc7954bc6c19111eae14414de0a3b0221bb55d4ec6a7dc24d57f9c2560b72,2025-03-03T14:15:50.197000 CVE-2025-25091,0,0,a542fd0c75799894cefcaf1b68ae91e64f2b423e9db55a3bbe6c17b8ea764d64,2025-02-07T10:15:14.440000 +CVE-2025-25092,1,1,cb0fc70813c01d664fd28d9c00fb5e02da5fb9c53946650f9fed7a24a4197bcc,2025-03-03T14:15:50.343000 CVE-2025-25093,0,0,47e022609a66eb732cb5607ad69dacadc0e3206330883066d0fbd2217b126818,2025-02-07T10:15:14.623000 CVE-2025-25094,0,0,46628609542d4456cffd07ed0405aedfb34ecda58a73ab49cd592d59afb4d089,2025-02-07T10:15:14.797000 CVE-2025-25095,0,0,3aa0fcd4e44ffa77e526aaa9572752fe51307ed32741a755783c3ce59d4acf78,2025-02-07T10:15:14.977000 CVE-2025-25096,0,0,236222022f87a86e77bd8ba463e844df698349f963210d6765a3437ea99cd5f4,2025-02-07T10:15:15.143000 CVE-2025-25097,0,0,e516102cedda1395b6abdb8786b776f94af95ec136f76e62dc90cc8ba092528b,2025-02-07T10:15:15.327000 CVE-2025-25098,0,0,d51cf54051461684fbfbca4232445e97f072cd7fa5f46b19018d123dcd09d044,2025-02-07T10:15:15.500000 +CVE-2025-25099,1,1,b6ad7cb8a02b7bb74aeb070d48d43ecf31e22a281e17692ec2db7e801e05df4f,2025-03-03T14:15:50.490000 CVE-2025-25101,0,0,b55978e51ad28a269a135a73512b84912bf7da148b6e45135907e1256d3b35de,2025-02-07T10:15:15.670000 +CVE-2025-25102,1,1,6fa6569eedf6590931934190443f4239a817b446024286f09cf28fb86a53b35b,2025-03-03T14:15:50.630000 CVE-2025-25103,0,0,8f0bbbc68659bdd6583cb7a4bc5992aad3b30e946386462de20a44c10a02c12a,2025-02-07T10:15:15.850000 CVE-2025-25104,0,0,e4c9d78af0197f942e0524c34497df5047d8f0a28faa9fd982f2bf0c823696ea,2025-02-07T10:15:16.027000 CVE-2025-25105,0,0,87183f79828bf4be3e65d98936975061f302492ba9a4f03a8503cd4599e018bd,2025-02-07T10:15:16.217000 CVE-2025-25106,0,0,5adf6027f92cb35d0099585e7a65f3fb0596ff1c0a8b0759d2eee782d9073237,2025-02-07T10:15:16.397000 CVE-2025-25107,0,0,e2af2faa3c90d7cdee713a48892bd288f889534c19b4e3defad819e99fdaf327,2025-02-07T10:15:16.570000 +CVE-2025-25108,1,1,b8176f599dc222a1c0960674e0cef78e3ad0802451c5772b955ac71eaa14babd,2025-03-03T14:15:50.767000 +CVE-2025-25109,1,1,9b704f5faa8081bb06099b5adce9d8eec44ea6f5cd7c53d7c0dde275bcf099e1,2025-03-03T14:15:50.907000 CVE-2025-25110,0,0,4041c70c5aea0a8415f9f6d363010815ba5afaf620d0b4cbccab698ef7bc642a,2025-02-07T10:15:16.747000 CVE-2025-25111,0,0,94fd198f7a55281e7e3f3a1093ff63f49472757f065ea1d6a6e9b48f0d5e39ef,2025-02-07T10:15:16.910000 +CVE-2025-25112,1,1,4fb18260a24599f2be2d8c9ab1f96d1d3c5846f6579cf91502d7d0fa1ffe1f94,2025-03-03T14:15:51.050000 +CVE-2025-25113,1,1,fb694159fc67aa5bff6264f4ec6a8fdb74975e93889b331bb122ba61a089789a,2025-03-03T14:15:51.193000 +CVE-2025-25114,1,1,db47ceb13222d04f70a13bb49afcead2122103a9769ec81b2aef4d51c93ad548,2025-03-03T14:15:51.333000 +CVE-2025-25115,1,1,8338b2b9f4b7a5857fc6a08dff366a204b1f1bde65b0b4e2cba1ddce67064dd5,2025-03-03T14:15:51.477000 CVE-2025-25116,0,0,bcf37afc318f5e9ac3f628960ea4fa413ee951eab0cc5618b7981803189350d2,2025-02-07T10:15:17.083000 CVE-2025-25117,0,0,315c56cbaf5ff1e3498f8b9cf6b2965e180d3e2a738da99a953fe4b2580fbd4a,2025-02-07T10:15:17.267000 +CVE-2025-25118,1,1,075dbb3aeec37548e9399526109d87ff4bf6a34a63d838fb2591e560bef4aaee,2025-03-03T14:15:51.610000 +CVE-2025-25119,1,1,7b0b2807f2361bb5fdca889f6b96228fbbcd4113400b50585a489d7ad137eb50,2025-03-03T14:15:51.750000 CVE-2025-25120,0,0,37d7efddee9451cb8bdde13d5063d3355ce365b4be1738cfe09d05a928d650ba,2025-02-07T10:15:17.453000 +CVE-2025-25121,1,1,b13bde3789938d9ac0e9b4c710e75965493d97ce0949ad71567bf9d72bb8b958,2025-03-03T14:15:51.887000 +CVE-2025-25122,1,1,a24d56ee5d5c127d5566762a6b500f497c10054c8940ad873353d0a392ca8f89,2025-03-03T14:15:52.033000 CVE-2025-25123,0,0,39da03858edd407e6c09775c068b65e8a6da718955d1af67b46f995b12dfb1ab,2025-02-07T10:15:17.640000 +CVE-2025-25124,1,1,4023ed897268ec8f0837676ffc606ee4629a6948eaaf262a8e03365d21cd05a7,2025-03-03T14:15:52.183000 CVE-2025-25125,0,0,d72d623d3ad39f3c37d3909bb3698bc55eee1f38ede5a07ce403181faa4e4d78,2025-02-07T10:15:17.813000 CVE-2025-25126,0,0,8d61804086754e48af89e8567f3989101452037c2ce395ff80341319a100b21c,2025-02-07T10:15:17.980000 +CVE-2025-25127,1,1,bfe95daa619a960e84a583281c93d16dd53dfa06d1a4716e2fffc4b77b42eaf3,2025-03-03T14:15:52.320000 CVE-2025-25128,0,0,a1be1b60af41d9f59ae264bf030c7f9da67afc0036052f5ee24681007473a137,2025-02-07T10:15:18.140000 +CVE-2025-25129,1,1,8e5da7e6fd00554b65473412a7abd54bf29eaf42d6b3974479b00336ca2042de,2025-03-03T14:15:52.460000 +CVE-2025-25130,1,1,01fa182f2666b6173d40728fb96aa872846c59a6db55a56e8d165ffce860b4fc,2025-03-03T14:15:52.613000 +CVE-2025-25131,1,1,7255eac0e2fbeb9e678b61376423a8cc79febaea3a3a65dd99d17a979ac72177,2025-03-03T14:15:52.777000 +CVE-2025-25132,1,1,1e6c8c91c92157e1bca70e44bbaf2c524d29b882919da113ca023f80cf431bab,2025-03-03T14:15:52.917000 +CVE-2025-25133,1,1,5c542a8600dbba48776b6fccd7ea9175530b1625c210b6043f77b95ed6463e68,2025-03-03T14:15:53.060000 CVE-2025-25135,0,0,238a7464065012476597d7378a7ce292977f12606cd0a077568b6ceec8b00845,2025-02-07T10:15:18.320000 CVE-2025-25136,0,0,42c0c261cf9eb8be4dc24ad7ec4abc766f8d93d01752ada40296d4ffa1184d99,2025-02-07T10:15:18.497000 +CVE-2025-25137,1,1,fc9d70ed9599f1cdfcc8e397fa6a4784715b7f2ba1be85951c2b998f1ad887a5,2025-03-03T14:15:53.200000 CVE-2025-25138,0,0,62d82d9fa013175354f3ea0d4e19c0285c2715dd0fa111fd44954532b1adf0e3,2025-02-07T10:15:18.663000 CVE-2025-25139,0,0,fa14652e102be794a3e0af0bb9d14992eed595fc0a3190cdce8b043807376320,2025-02-07T10:15:18.837000 CVE-2025-25140,0,0,374227d3c660510b64513d59d78c8f882ca05a4da83388b27738f7367599633c,2025-02-07T10:15:19.020000 CVE-2025-25141,0,0,f1bd5fae1f027e6426c8a2568cea6792a0d4eed24199068cede2f66a267de8df,2025-02-07T10:15:19.200000 +CVE-2025-25142,1,1,415d0aa618e86721e98589ed39f03704a5b1c2c62b94fea86f1ec187193ddd58,2025-03-03T14:15:53.337000 CVE-2025-25143,0,0,e4f64a7000db26d7295c554498abb3a0e8d7d93ab88d323d72f7d817a03c369d,2025-02-07T10:15:19.383000 CVE-2025-25144,0,0,c23f429ee74bdac005324112ac24332b4076e14b539deab35919f49edda6ad4e,2025-02-07T10:15:19.553000 CVE-2025-25145,0,0,b4a198401379fa6c111f7dbbc979899498f276925009d0e624b600a5d321077c,2025-02-07T10:15:19.730000 @@ -283148,18 +283284,27 @@ CVE-2025-25146,0,0,8cf6209a46b44b06b2ccd5c1c7e8ebdc3f8ffea4dd4aac4b546297068385f CVE-2025-25147,0,0,8becf73efc80f713db1dcf90c9a60e246e06cd5106d3c39388577437a75c73ec,2025-02-07T10:15:20.063000 CVE-2025-25148,0,0,e75aa4aa374ce5c3506ec0aec90e7c3883709d635a4ed1bf876603c867ae1a92,2025-02-07T10:15:20.233000 CVE-2025-25149,0,0,c6ae2b5481fb286fc9000fcaba20092f415781ddd5932a3ec3a446ade703e6e3,2025-02-07T10:15:20.420000 +CVE-2025-25150,1,1,93f3a7d917c83bb70091c80dbaaf5fefdb86a6d63d2f2ff457a11d0128543482,2025-03-03T14:15:53.477000 CVE-2025-25151,0,0,07d995688df73514690b1246cc5f82518185dd07fded4938b2d6c2df7cd3a2e6,2025-02-07T10:15:20.593000 CVE-2025-25152,0,0,937b6e0bc1ed0d26ac1442a1ab58b7bbfe5cda83c6da9168e1aca6e3fe25b8c2,2025-02-07T10:15:20.770000 CVE-2025-25153,0,0,e897fcce67b06244f49678e3dfb381a0213ac0f5cbd95b07c1760d0dcf84f71d,2025-02-07T10:15:20.953000 CVE-2025-25154,0,0,e0fe38d9547026402a61df8e4d235a791a658ca2456347f94c0c76d661f9d9b5,2025-02-07T10:15:21.120000 CVE-2025-25155,0,0,25463116677bb5b1e5eede9e10b405a5bfaefa58e87937c57e4c507fe21ceaac,2025-02-07T10:15:21.287000 CVE-2025-25156,0,0,392795b0610ac1fd5d03e67dde364abfeac5df7cd4b13d93620eb6cc4404df15,2025-02-07T10:15:21.457000 +CVE-2025-25157,1,1,853b44e28b6934b0fc93eb8a1414ec67f2b2e35e19e79087efe932600c31ab18,2025-03-03T14:15:53.617000 +CVE-2025-25158,1,1,47cd86dca4815a57374be2a504a855213ef7e6b47ab940cce6de576d53368119,2025-03-03T14:15:53.760000 CVE-2025-25159,0,0,025a2bd3e6b558bdfff1d7d43ed8378b0ae9f5037837ff20f11b16e15e74370a,2025-02-07T10:15:21.627000 CVE-2025-25160,0,0,c867ea52ba2964998bd24138dfba1ca85a51e3af0334809fe322a505256dec50,2025-02-11T19:28:40.520000 +CVE-2025-25161,1,1,937b69e55f094eb57d0b1520cc723ae5d9b70e1c439bd02ca04586f7338ce22f,2025-03-03T14:15:53.900000 +CVE-2025-25162,1,1,f69710bfdd309ca7e1ac1c5699c71d0cc3bb70b9168fbc0cbaf76970d266c9e7,2025-03-03T14:15:54.040000 CVE-2025-25163,0,0,df7178d297cc829e76e2bf99edce3f1cbda6db4f0013a6f708bca9205b7f3698,2025-02-11T18:42:09.117000 +CVE-2025-25164,1,1,de1ccc19e14617a50f3106b759b3347a4b76e4c38626f7d1343b89d7d260bca2,2025-03-03T14:15:54.190000 +CVE-2025-25165,1,1,41e8eea8ce871093494c4d23e05e88b7bf73298979efe99671602825cb71cc37,2025-03-03T14:15:54.330000 CVE-2025-25166,0,0,f5428199d8b191f5ec9fa7a05ec98d82647ebea96576afd260370950cb5142c0,2025-02-11T18:25:01.633000 CVE-2025-25167,0,0,e14b9eb6e466e19d148bb81d5cb2df8f805c1241e9a9e8cd6260db11c719e980,2025-02-11T18:22:46.253000 CVE-2025-25168,0,0,93fb1477ac0fd147322a0beee26e3b74949bd1187f727ff11033ff5c839391ea,2025-02-11T18:21:01.407000 +CVE-2025-25169,1,1,ac8afa6ab5756020c58b68a7c9c3e968500fd7fbcfdbe12913b2afdc72bbd451,2025-03-03T14:15:54.477000 +CVE-2025-25170,1,1,5fc159b81b03b8b96394e6682ff7b0696712f10b233cb4eab66d5f088243486a,2025-03-03T14:15:54.613000 CVE-2025-25181,0,0,d93e6c4eee13ffa168372e2c7e46bbc0128edff1659cd70737de5b3c44664eea,2025-02-18T19:15:28.613000 CVE-2025-25182,0,0,6fd347398e5cc83c7bcf9c93dfa3366f2e8e0aced29c81495217dd5d01f504cd,2025-02-12T17:15:23.857000 CVE-2025-25183,0,0,9f610c42840d8f1123d400fa738e85280ed4290b29d92e2aa642daf493197632,2025-02-07T20:15:34.083000 @@ -283461,8 +283606,11 @@ CVE-2025-26530,0,0,09a0748455bc659d6989e31e327b5989db76ac7924c30a95a554cde861ed3 CVE-2025-26531,0,0,fc0f4e77d1c1071bba686eb2017d32fa454189d0419ad72aaf9c7f4e2b6e442f,2025-02-24T20:15:33.933000 CVE-2025-26532,0,0,5e501a7d3709b2aa8c5be9125b3a76235831b0b4b3b67ef6bc1a6c982c27eef2,2025-02-24T20:15:34.053000 CVE-2025-26533,0,0,a18d4f4a5a0ac1e162dfff41acb3a5f496590937464ceb83e8fe84ab406903e7,2025-02-24T21:15:11.057000 +CVE-2025-26534,1,1,6fc053c5ae01a8badbbaec51325a6329c073f97602adb14a02d554110cdb41ae,2025-03-03T14:15:54.757000 +CVE-2025-26535,1,1,10bf1d3b4fd8855382114c974e895976efa527d78196d8edb6a9f26eeba26f4f,2025-03-03T14:15:54.900000 CVE-2025-26538,0,0,1b562cf933ca4f85387b9ad113a7e0bff6d82f6dfd74192b752d3543af30d3f6,2025-02-13T14:16:19.100000 CVE-2025-26539,0,0,276f32835753e35ddba03e434efdb4b7cdb02fdf3cdfcf4922e56feaff65d802,2025-02-13T14:16:19.383000 +CVE-2025-26540,1,1,ed3070be48d00a76e88c10251c8e991ed8714bee460ed7a12da5751f7d5c31c1,2025-03-03T14:15:55.037000 CVE-2025-26543,0,0,b3dbce2448f1125de716ecbc885f7a4be61adfbd3d23eb6c2c769d8219c9a560,2025-02-18T18:15:36.597000 CVE-2025-26545,0,0,671b62b3ebd6109c7d444305b7bdaf6b06c56d8b40b26f4862f918f454077764,2025-02-13T14:16:20.043000 CVE-2025-26547,0,0,e08dcb76a1a156827a53523cfc389ec01817f240b8063496d38b458c276a6d4a,2025-02-13T14:16:20.347000 @@ -283470,9 +283618,11 @@ CVE-2025-26549,0,0,a91c3170bbcc373aaf39cde5374b44949bf89c60e7eb9052278e26cc0b4c7 CVE-2025-26550,0,0,11ffa180d12636b1f76387bc0c94d3286af647f36111bf953b554aa472cf9302,2025-02-13T14:16:20.993000 CVE-2025-26551,0,0,7dba4004c8c5ac4b8233012e2b2938b33f182bd977f21f4fcded6f08beb26471,2025-02-13T14:16:21.450000 CVE-2025-26552,0,0,16d07aca1b11958070d4074738ec0200053b71a2d60f0b27a550d9209c196d6d,2025-02-13T14:16:21.787000 +CVE-2025-26557,1,1,d385ed145fbb4f8d815d25d06045454beb6305459538025233079fe8d87676e9,2025-03-03T14:15:55.173000 CVE-2025-26558,0,0,a062ee3114c1fd8a9a3b12a23d155f52de34c21e7fb6b719fabc3bfc4229ad95,2025-02-13T14:16:22.130000 CVE-2025-26561,0,0,9db6fc955870504ffcf58626e676807e01c595a1a1593cd3c1cecbb59b4da31a,2025-02-13T14:16:22.450000 CVE-2025-26562,0,0,78c3ae54a6c695c17d29fde5c9737279cebca6b65324878f65a4af2921bdd7d5,2025-02-13T14:16:22.607000 +CVE-2025-26563,1,1,8980540b2b19cd1958ec1f2f791aa899eefc90f63022f10bd43a73920718b428,2025-03-03T14:15:55.310000 CVE-2025-26567,0,0,9c52f3fc1e49f60743513ba1ed12dcbfda98a9640ff0dad0a481c93829413d86,2025-02-13T14:16:22.763000 CVE-2025-26568,0,0,6a192b29369c6b3335433454f2c2e808bd01940f79d2fba0874a491ae58acee8,2025-02-13T14:16:22.910000 CVE-2025-26569,0,0,9a179d6db4962531369c0769d72d435114b34b89fbe8cbd8217294dfd6d060d0,2025-02-13T14:16:23.070000 @@ -283484,6 +283634,11 @@ CVE-2025-26577,0,0,1471b9d6e9fec6c623a663e5500ad54800d22aa03d3125ea0ff8be8b0728f CVE-2025-26578,0,0,1ba1d37a5d1af1d2f76239a6f2ed820c7ad94689f9ccc172f7eecaa56fe90e3f,2025-02-13T14:16:23.990000 CVE-2025-26580,0,0,c808557e22a6d83e87ce5992c6ff2cdddda2d2aa66f5a321875aca0441d9569c,2025-02-13T14:16:24.250000 CVE-2025-26582,0,0,00823840b86fea4d98d4ba8da828de8ef859573fc8d1e89f9ae001b9d6f9a267,2025-02-13T14:16:24.407000 +CVE-2025-26585,1,1,9ac38f3a065cada74e53eb756be42cd5cc9e7d81f5a7067757b2f87cb299348a,2025-03-03T14:15:55.470000 +CVE-2025-26586,1,1,9de798772bcf8b69e1f9d59046278061df5835cbaf2bec86432fb70a5b0e047a,2025-03-03T14:15:55.640000 +CVE-2025-26587,1,1,9dc6f2a7bb360069e4b8cc02514cde74f4a8d2bcaac5ee6bdad13028e58f561e,2025-03-03T14:15:55.780000 +CVE-2025-26588,1,1,3d48a24eb2502fc6c90773e5ff07df46aea0a78afc7299ab4e2317fbf1b71d2c,2025-03-03T14:15:55.920000 +CVE-2025-26589,1,1,944d5104a3821c549e39415555e5cac14ff0ae961ea607176bbfcada777b7096,2025-03-03T14:15:56.067000 CVE-2025-26594,0,0,f52622e90ba02322fe54e5494c4e427cc87f99b4ddf1ffa95d2c6287b6ff03d2,2025-02-25T16:15:38.227000 CVE-2025-26595,0,0,faa3621d427daf06dcbd4c84b0455d0d377f52d455439a7d523a5b271ab6f5b9,2025-02-25T16:15:38.390000 CVE-2025-26596,0,0,5a229b8b2590f44710dba6a8a132ba9f956796cb0a5f60f3f2e0b0397b6e33eb,2025-02-25T16:15:38.603000 @@ -283555,10 +283710,12 @@ CVE-2025-26871,0,0,ab850536250644e42a3ba5d883350c3eff02f87d1e660abd32733c03a6449 CVE-2025-26876,0,0,951eb7449b154de578d3128a59b04224fb75a7c7aa4bcfeca0a4c24d809c64ec,2025-02-25T15:15:24.180000 CVE-2025-26877,0,0,b1fb1271cf45d4f78b6f005e3e24f2bb5a70e11b2fe017c5fa8de04fa1174cda,2025-02-25T15:15:24.380000 CVE-2025-26878,0,0,b83c78001aed3b72257afa473beed64325520c746080d9d4c55fc0721207cb83,2025-02-25T15:15:24.560000 +CVE-2025-26879,1,1,ee3d3c367f382999f7c131659c188d29259a67959865aa261444c0890da811b1,2025-03-03T14:15:56.213000 CVE-2025-26881,0,0,921429dd5a0c5a1101d4da691445afee44c665c84de754602fbf841d0217b94b,2025-02-25T15:15:24.690000 CVE-2025-26882,0,0,7062fd0c75af34ccf6b6ec2ff75c922493b57ba8fdc01187594aa2fa72d319c7,2025-02-25T15:15:24.837000 CVE-2025-26883,0,0,922ad8d066f9e08d920e6020bb5edb414ef495b7a7f4fba5c400a5b716452883,2025-02-24T15:15:14.007000 CVE-2025-26884,0,0,1d074e2084c12e5387b24bf69656649d494667e7bb4c2438392c9dd96d466434,2025-02-25T15:15:24.977000 +CVE-2025-26885,1,1,aaeeeb7523d3ad23a8905509f21778a495219afcfd8e2f3597d8ce85f8c015d7,2025-03-03T14:15:56.360000 CVE-2025-26887,0,0,d620956d3ea5625abfbc4595a1a19c4cbaf27ed3b93aec2afc55fa2fa354983d,2025-02-25T15:15:25.117000 CVE-2025-26891,0,0,20d9b98fa953b2c2ae1876c761e770a063cad8d8555cb8705b5f8d6ebece6625,2025-02-25T15:15:25.253000 CVE-2025-26893,0,0,1e55e8031dea60b355f7bfdcd2784f0b2b9ad5afec3a445aae3078ebb5e3718e,2025-02-25T15:15:25.390000 @@ -283571,7 +283728,10 @@ CVE-2025-26907,0,0,12cbcc5c8b9c8102e25a8b6b26b7cf51a11f16a102e0d9c393e6b591cd646 CVE-2025-26911,0,0,69bc9028618de684f0fd93e47f869e941f72b06df9e8d8d5b5d7c83ef9d05729,2025-02-25T15:15:26.393000 CVE-2025-26912,0,0,e79b24db34788e23307e263a850245edf07e94d4a7f854cf9650116a3ca5b4f5,2025-02-25T15:15:26.530000 CVE-2025-26913,0,0,6404f4027080b1b189a02d4823943b3cde1c26a6a1695b9a80537c5a912ca3cc,2025-02-25T15:15:26.663000 +CVE-2025-26914,1,1,226881c0e7104d164f16fb899b4d54831bbb9313d069f9649f0bd17e480b43ed,2025-03-03T14:15:56.500000 CVE-2025-26915,0,0,e63561d7adcf992fc96846addce01208e0fc68636cda02f3f3ede272653e6e46,2025-02-25T15:15:26.793000 +CVE-2025-26917,1,1,31cc21cc9072306585f69514f61f2e960ec855b1681b400f7e8f49a88e62c0af,2025-03-03T14:15:56.640000 +CVE-2025-26918,1,1,98eec19d324c288ebb7a445776d639c4e1c856c42b6d8f891272eb5a03cd771d,2025-03-03T14:15:56.787000 CVE-2025-26925,0,0,8946eee7a39194c4afd7076d624fb421e6dcd2fade2681e6dbc0c8990bd1c992,2025-02-26T14:15:11.743000 CVE-2025-26926,0,0,46670274056f543a2d8d831b8a506aef43cfadd1396d409b955b63f1e76e669c,2025-02-25T15:15:26.930000 CVE-2025-26928,0,0,861f1ddc85c79a1a8d63021b4a752a7980136fff79059fb765bfdd66a75382c5,2025-02-25T15:15:27.067000 @@ -283595,6 +283755,8 @@ CVE-2025-26963,0,0,54f00e4fea41b88956fdb0f9291bf51c02378bde0a947585b962f5bdc1cc3 CVE-2025-26964,0,0,ea0080d8ce2ecb3373a085eceb32e90ea95cb761f82deb76b39a1124e96a2b84,2025-02-25T15:15:29.557000 CVE-2025-26965,0,0,93c337cc3eb3f8fc92e5ddc9ffc0898aaa0f0aad24f5399c878678a39f5616ad,2025-02-25T15:15:29.703000 CVE-2025-26966,0,0,684880e8c3573c6260a708640641c019d80d69ea6fd25ee44630d6bbd77dd883,2025-02-25T15:15:29.870000 +CVE-2025-26967,1,1,2cae9a5ea0d13b0819f134b63dbd07e03b6937014242e21d306c74a74ba6e150,2025-03-03T14:15:56.927000 +CVE-2025-26970,1,1,3fcdcd39b757ef90c65ee65cbf95ffeab429f7b7293b199e99fda40f9f84ac67,2025-03-03T14:15:57.077000 CVE-2025-26971,0,0,e0eab267b5fe828b40a07ebbc4ca96ca688836c7dc0a336c224f3b128e48119a,2025-02-25T15:15:30.017000 CVE-2025-26973,0,0,dfc2b4d3fdbe9f7b9fc4015477cd2b76bd1f2004f6502405d65906b3259ef418,2025-02-22T16:15:32.347000 CVE-2025-26974,0,0,087b2068688c855d65bcc9dc5a6b0a9d8b357bc70b730524b9e5919cb0ee5a69,2025-02-25T15:15:30.153000 @@ -283604,11 +283766,16 @@ CVE-2025-26979,0,0,3430c3c7589910c0ce9812da83cd3b1e3a2f205c2786e4db026732f56da42 CVE-2025-26980,0,0,dde475827d98f921adf627fe3afe81e813ccdfcae63ecbed9473027c0ab62abe,2025-02-25T15:15:30.730000 CVE-2025-26981,0,0,3c198cc5da3d6f650a9e99b4d0dde322351720ee3c085612f1fbc577072a1976,2025-02-25T15:15:30.873000 CVE-2025-26983,0,0,d6a859f29d624b201143fae24b6b474b6dfa136735775ba5e00cc884a212ebed,2025-02-25T15:15:31.043000 +CVE-2025-26984,1,1,4af481fba67a57e18808ad20a88c959b47075f6264737d9388e840426e3aa494,2025-03-03T14:15:57.217000 CVE-2025-26985,0,0,5fb0ce30a005f045393ce6a9e4877e64e68127385c508c29b67962ad383bc902,2025-02-25T15:15:31.183000 CVE-2025-26987,0,0,597d2628b42a4a65165e807aa9eb7e16ab56b0bee51783965b846b2753d560be,2025-02-25T15:15:31.313000 +CVE-2025-26988,1,1,f07429d9e9de45ae5ff17f5b203ad2f18c3aee33f0acefc7843fd5db7f125e42,2025-03-03T14:15:57.370000 +CVE-2025-26989,1,1,4e5cd6fb4f0c7e1d0912bb798a58543425f1f8f05cc1ac6eeeae0c6bfaeb1aae,2025-03-03T14:15:57.520000 CVE-2025-26991,0,0,84217b1c95797f5f6a3434460f887fd28027f10e4a2535fce5046994c53e0aac,2025-02-25T15:15:31.460000 CVE-2025-26993,0,0,25d916d390de90b80a1e84bf0243f302c32b655919eea97f6f91c9f96aa389dc,2025-02-25T15:15:31.590000 +CVE-2025-26994,1,1,9167a3bc8aedacd7f9d21545cdcbb07687b72ee1dab9358d1d90ddcbd450f665,2025-03-03T14:15:57.667000 CVE-2025-26995,0,0,9f9fd1cf4c78a39e37c563908ec2c351a2e202019a39ae0f35b6be53c49be04b,2025-02-25T15:15:31.720000 +CVE-2025-26999,1,1,8c64a91161ab0aa5bf793f758186e5ed0408fbb3bed66a569dd53652259b21a0,2025-03-03T14:15:57.830000 CVE-2025-27000,0,0,1ac554f083699af2e8a7ca7e5b9fee0cf63423d6e7b9eac2cf80407f8bbcfb4d,2025-02-25T15:15:31.853000 CVE-2025-27012,0,0,3a1893682864e642f849034c4092180dc7a4b18b7a6ad2f7375bac0e9841b34a,2025-02-22T16:15:32.497000 CVE-2025-27013,0,0,9b9378b18f13319340e1f24d5072a99db201f1036e2a63d2b47d9e89c2a36e2e,2025-02-18T20:15:33.880000 @@ -283645,11 +283812,22 @@ CVE-2025-27148,0,0,0963513cfe4fd138a7cc371ff6c5e28b249af6b11e474f931c82fde41391b CVE-2025-27154,0,0,179e806bf6fd7e259a7a47a7d31c5b4ce46022e5303dc73a51a2119984531a3e,2025-02-27T15:15:41.937000 CVE-2025-27157,0,0,d1dc9b4dc7f892f66b40d5a59eaf35f745dad910762a74c52136c3d66f64265b,2025-02-27T17:15:16.867000 CVE-2025-27218,0,0,a1f84aab7c20671025069586dc6eda2e424af576b61d56df1ec2458e5aa40a25,2025-02-20T21:15:26.510000 +CVE-2025-27263,1,1,bb2fb5fbdd50586632b45bcd28ca8d1b94cc0c3d678d9350164209de7a3a7d9c,2025-03-03T14:15:57.980000 +CVE-2025-27264,1,1,3266982b454bfda336470c942e22fa435d9ddfb60b41319a7c42000b556f0d3c,2025-03-03T14:15:58.123000 CVE-2025-27265,0,0,064ce13be3b2caa339c06df0a9bbd275da3bf393870e4191cf15429558044c93,2025-02-24T15:15:14.310000 CVE-2025-27266,0,0,0b43dda3510df1a6caf90e315ec8e9c1ba742b051a50a212ca0413260e31120b,2025-02-24T15:15:14.443000 +CVE-2025-27268,1,1,e64be4188771dad6a15e59495b3da70ccafc47140d11055147f480507c09fd52,2025-03-03T14:15:58.260000 +CVE-2025-27269,1,1,8ff5830914d2e85e7b2b2251b9b4e6c22853d6a932cada44a8898fea487a3055,2025-03-03T14:15:58.403000 +CVE-2025-27270,1,1,62ce7ae39552dcf98e74a929da94c122901033843d659e740e76ce886f88b137,2025-03-03T14:15:58.540000 +CVE-2025-27271,1,1,a51dd779d1e01c42ca782189b1a6be007e4b2ddcd153553426551dce64779f7c,2025-03-03T14:15:58.677000 CVE-2025-27272,0,0,031cb0c5a5ee5c0d99c125c8cfce6477a55151f9e350ba83c3bb825eb8b36e1c,2025-02-24T15:15:14.587000 +CVE-2025-27273,1,1,986adc4105f3b5d942d000deb3102d4e3205c4be20cd32374cc7b1b5bae346dd,2025-03-03T14:15:58.817000 +CVE-2025-27274,1,1,842d87aaf06cdd60469bc880e3837fd7461b958f513a3d834bc643ba6b7b56ed,2025-03-03T14:15:58.960000 +CVE-2025-27275,1,1,ffedf4deb1e1963ad3f8692ee23ead4a75a895038be801e42551de90045582bc,2025-03-03T14:15:59.097000 CVE-2025-27276,0,0,38d755ee9b6acb225b7f449b7a5baa0e000c60dcb53715f6dc4116b6d4e4c37a,2025-02-24T15:15:14.730000 CVE-2025-27277,0,0,1e3db72458897ceab2ba68afe91afc155436af173199d9b5d9a959fd815e4da9,2025-02-24T15:15:14.867000 +CVE-2025-27278,1,1,6b9f7737396b4f81c685357d8b78d34b8232b3b2177ca75760834123edb62046,2025-03-03T14:15:59.237000 +CVE-2025-27279,1,1,2ed308b24a8b12b77d4ffde2c8673af3dd0bc257ae3107361374c36be0f1e141,2025-03-03T14:15:59.373000 CVE-2025-27280,0,0,8676dde15db79bd7dff4cf239425e3f3d950b17aa3701d636d0a7bd0e166a35e,2025-02-24T15:15:15.007000 CVE-2025-27290,0,0,aa628d5cea07d5d297c7ccfde23ff70de2a1958791da61d5415ca3597f031c14,2025-02-24T15:15:15.153000 CVE-2025-27294,0,0,c0b6fc5af6ea72ce95deb09b1966be2a148292fc28e45c7d495dbcb943cd9ee4,2025-02-24T15:15:15.287000