Auto-Update: 2025-04-17T10:00:19.653668+00:00

CVE-2025/CVE-2025-36xx/CVE-2025-3615.json

@@ -0,0 +1,68 @@
+{
+  "id": "CVE-2025-3615",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-04-17T08:15:12.730",
+  "lastModified": "2025-04-17T08:15:12.730",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form-submission.js script in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/fluentform/tags/6.0.2/assets/js/form-submission.js",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3274693/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/fluentform/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f31bd18e-57d4-4c87-8a7c-a168e7e70061?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-04-17T08:00:19.771825+00:00
+2025-04-17T10:00:19.653668+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-04-17T07:15:43.790000+00:00
+2025-04-17T08:15:12.730000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,22 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-290492
+290493
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `9`
+Recently added CVEs: `1`
 
-- [CVE-2024-11924](CVE-2024/CVE-2024-119xx/CVE-2024-11924.json) (`2025-04-17T06:15:42.460`)
-- [CVE-2024-13925](CVE-2024/CVE-2024-139xx/CVE-2024-13925.json) (`2025-04-17T06:15:43.590`)
-- [CVE-2025-1523](CVE-2025/CVE-2025-15xx/CVE-2025-1523.json) (`2025-04-17T06:15:43.697`)
-- [CVE-2025-1524](CVE-2025/CVE-2025-15xx/CVE-2025-1524.json) (`2025-04-17T06:15:43.793`)
-- [CVE-2025-1525](CVE-2025/CVE-2025-15xx/CVE-2025-1525.json) (`2025-04-17T06:15:43.890`)
-- [CVE-2025-2903](CVE-2025/CVE-2025-29xx/CVE-2025-2903.json) (`2025-04-17T07:15:42.520`)
-- [CVE-2025-3113](CVE-2025/CVE-2025-31xx/CVE-2025-3113.json) (`2025-04-17T07:15:43.790`)
-- [CVE-2025-3294](CVE-2025/CVE-2025-32xx/CVE-2025-3294.json) (`2025-04-17T06:15:43.977`)
-- [CVE-2025-3295](CVE-2025/CVE-2025-32xx/CVE-2025-3295.json) (`2025-04-17T06:15:44.257`)
+- [CVE-2025-3615](CVE-2025/CVE-2025-36xx/CVE-2025-3615.json) (`2025-04-17T08:15:12.730`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -246433,7 +246433,7 @@ CVE-2024-11918,0,0,f7031582b21494aaa2ccab4dd4ab92d52bf9f67c1445d9fb72b363b717cfc
 CVE-2024-1192,0,0,5063d16699b3db058d0f99170ded601d82fcfc6f39ec66d01e8a7cebfd42903d,2025-01-08T14:35:22.633000
 CVE-2024-11921,0,0,8d14fd5ac89466ae906ad741ca0367246b772d6837be889940ee25bf6694b61d,2024-12-27T19:15:07.850000
 CVE-2024-11923,0,0,4d6a80e3f288fbe3ed1bd4a1feabd18394fd01e27066d6fff1deb3858322387f,2025-01-18T00:15:25.823000
-CVE-2024-11924,1,1,3cb63d7102a51f351af80ac973c3bf0a577e40162dfeabcbc4fecbf2598ae88b,2025-04-17T06:15:42.460000
+CVE-2024-11924,0,0,3cb63d7102a51f351af80ac973c3bf0a577e40162dfeabcbc4fecbf2598ae88b,2025-04-17T06:15:42.460000
 CVE-2024-11925,0,0,77043a2dc07077ec38aa584033543217cc9fb39ce00751159aa83ba0aa54cc6b,2024-11-28T07:15:05.267000
 CVE-2024-11926,0,0,12ad1d9fc49995c8eb92feee3b52ec9fafd14557b209a764d700401682560722,2024-12-18T12:15:09.107000
 CVE-2024-11928,0,0,4eb81c3b991253e17b093831750d2f60d8030675796e16e7e29cc29429037a0b,2024-12-10T11:15:07.220000
@@ -248405,7 +248405,7 @@ CVE-2024-13921,0,0,4f6aa92e6d61c437236e3bf955f7529ab092cd9f34d6302d281427daa117d
 CVE-2024-13922,0,0,6cd484021b2a9356da4dab3938017878db2ce098f796a1ee0313bd1e4dc9d7cb,2025-03-26T18:05:29.983000
 CVE-2024-13923,0,0,a528ee5b51622639984378ce5c82c5f3996bc4ee38135a9723b678cb2485bd4f,2025-03-26T18:18:32.280000
 CVE-2024-13924,0,0,6771f2a575eb9b234ba437c9c60a2d5807f8aded376287df6e1ca4c3782207e4,2025-03-12T16:23:39.567000
-CVE-2024-13925,1,1,6f9266b52e195cf14c4b5615ca9d55e17fdb97eee96ea329f30eba76593c887a,2025-04-17T06:15:43.590000
+CVE-2024-13925,0,0,6f9266b52e195cf14c4b5615ca9d55e17fdb97eee96ea329f30eba76593c887a,2025-04-17T06:15:43.590000
 CVE-2024-1393,0,0,807d9a3a72d3c227cf073d19ae4d043ce29012d9a81f19ad09766963a4531e84,2025-01-17T19:54:07.350000
 CVE-2024-13933,0,0,6c1d1592227807572b59c7607e13d58cd1b568936f1ec0b9bb42956c7610a4b0,2025-03-19T12:15:14.003000
 CVE-2024-13939,0,0,921141b59fb64caa413d175858785c8fecf23c4615e123e5aadc58ca56a65359,2025-04-11T18:10:56.160000
@@ -282326,9 +282326,9 @@ CVE-2025-1513,0,0,ce3139c624bf0aef8e367fe572f1b2e77a39780d5752c990d66c97a9a157ed
 CVE-2025-1514,0,0,c380acc87f967f8bd432c9c7527813044f99f9dd9766e01548adcd3d3b59da8a,2025-03-27T16:45:46.410000
 CVE-2025-1515,0,0,96efd86c5199277c649db9d3a44020b0cf7829d395d3a3db8805b6323baa5417,2025-03-05T10:15:19.850000
 CVE-2025-1517,0,0,59f92391aff92edb8f0e2c5d447824bc758e9021eff4b28d2fd46f3db7241347,2025-03-24T17:56:06.763000
-CVE-2025-1523,1,1,29f159fe485086724a313c0257f3e30e8e27f993ddc3853ade3817570e00d788,2025-04-17T06:15:43.697000
-CVE-2025-1524,1,1,826952da060f71942798f481ac740b90db29b52889e89e39923f4ca26e81330f,2025-04-17T06:15:43.793000
-CVE-2025-1525,1,1,564d2c653a0edadd0e1a193042051407318b5d53ebf8f6f7ca9d5aaae0eb7d37,2025-04-17T06:15:43.890000
+CVE-2025-1523,0,0,29f159fe485086724a313c0257f3e30e8e27f993ddc3853ade3817570e00d788,2025-04-17T06:15:43.697000
+CVE-2025-1524,0,0,826952da060f71942798f481ac740b90db29b52889e89e39923f4ca26e81330f,2025-04-17T06:15:43.793000
+CVE-2025-1525,0,0,564d2c653a0edadd0e1a193042051407318b5d53ebf8f6f7ca9d5aaae0eb7d37,2025-04-17T06:15:43.890000
 CVE-2025-1526,0,0,6ccdbe928ef24ca526e4b1e5e42bcc074377bcc67cdebc47d468f5396b2349da,2025-03-24T18:04:40.790000
 CVE-2025-1527,0,0,ed274a04b6ad0457d200f338a2994672af54e52d41647b0116177bb8ea442a0d,2025-03-24T17:50:57.550000
 CVE-2025-1528,0,0,7b51d848bb252c8d2ce8faab7faf50aeaf0b47cac9c6975607b632c5e9c036f9,2025-03-14T05:15:42.170000
@@ -288013,7 +288013,7 @@ CVE-2025-2901,0,0,0f9760d041f8cccc36ccbc275a992ee13e955e366948eb261a1d4c80f42918
 CVE-2025-29017,0,0,91377a5dec7f4c859977641f157a48185a056d6868f195347a73b619d0d865de,2025-04-11T15:39:52.920000
 CVE-2025-29018,0,0,bd72c59170866522bd5f75aaac840c425073014b0df106adab360beabfb9c791,2025-04-11T15:40:10.277000
 CVE-2025-29029,0,0,39541c2aec3ae7c63f9d62e0a3860448d6ebc46233cbb2f267704a4d9534c15a,2025-03-18T18:15:28.817000
-CVE-2025-2903,1,1,9048f98409e3f70400e89704a20236285b352be99fc8ef955efd9b8928092c91,2025-04-17T07:15:42.520000
+CVE-2025-2903,0,0,9048f98409e3f70400e89704a20236285b352be99fc8ef955efd9b8928092c91,2025-04-17T07:15:42.520000
 CVE-2025-29030,0,0,5c6a6bbb988d8463666139df5df874e45be8a953aa025e17f70aff541e298642,2025-03-19T19:15:47.790000
 CVE-2025-29031,0,0,fc79f4214f85e8c2dc7f22a3d332d338110c9a0fc6645f125dc5ea2077bdeb39,2025-03-19T19:15:47.940000
 CVE-2025-29032,0,0,12b1441dc9358c5c16def012730045c4192ae6bcec0473634ec29643cb1836c3,2025-04-03T15:46:23.280000
@@ -289025,7 +289025,7 @@ CVE-2025-31126,0,0,594a8e94f07ff895f7cdb73c7c326c792c6e32e5456100ad6de0f2cd956e2
 CVE-2025-31127,0,0,c3c69120067218a710205eeaac6e6acc7d4fd14fcb0d51ffd70e82dc0689d86a,2025-04-07T14:18:34.453000
 CVE-2025-31128,0,0,992ee51c7a18646791d426aa64d2b0202893c5a61a5ad55fec4ea4f70b592f53,2025-04-01T20:26:22.890000
 CVE-2025-31129,0,0,dff9fc2be964a820fb8cb151749bedd1a6b1b0feb654fb5f4f13b274250615b8,2025-04-01T20:26:22.890000
-CVE-2025-3113,1,1,1325e5780d365227cae8a58fe9213fbd1e15decd3071672d6c844396c5275b5d,2025-04-17T07:15:43.790000
+CVE-2025-3113,0,0,1325e5780d365227cae8a58fe9213fbd1e15decd3071672d6c844396c5275b5d,2025-04-17T07:15:43.790000
 CVE-2025-31130,0,0,acf3990daefd59c21fd5a299f504c7568622322ae9d561fcc713ae7aa1c998a6,2025-04-07T14:18:15.560000
 CVE-2025-31131,0,0,b120cc94994cd9a3758fcba4bd13dbbd6f72eb85270e760ef840141e21464949,2025-04-01T20:26:11.547000
 CVE-2025-31132,0,0,529f4cea3faea434883eda729fc063219493e8e091a7f2f10b391b34138f5f80,2025-04-01T20:26:11.547000
@@ -290171,7 +290171,7 @@ CVE-2025-32936,0,0,29dc2f3c00eb89673847afae248d9df90a25a39aabce36309a5ac98a67125
 CVE-2025-32937,0,0,381dd7391e5a6da69a0fa237d6545f019b5768b7465ef78efcb247c3d7d53fce,2025-04-15T03:15:17.850000
 CVE-2025-32938,0,0,d97032ba2fb62d85b0fd781b1a847fc87e2cde9e5de8598412a81c2f7b235dad,2025-04-15T03:15:17.910000
 CVE-2025-32939,0,0,6d0ae9200a7976c683c740ee0295d246f733a1e3dbef51e2eacbe3ae7efb8a4d,2025-04-15T03:15:17.957000
-CVE-2025-3294,1,1,3bd8860df0723cb07cdaa0e039a3f3f4f71896f4e58d34972f24be10522cc2b5,2025-04-17T06:15:43.977000
+CVE-2025-3294,0,0,3bd8860df0723cb07cdaa0e039a3f3f4f71896f4e58d34972f24be10522cc2b5,2025-04-17T06:15:43.977000
 CVE-2025-32940,0,0,ef492180fd67c205ba6c2e08604b15b7b05288970e18fade437210606e359428,2025-04-15T03:15:18.013000
 CVE-2025-32941,0,0,7b47b38d71f23645464b8e8efcb34f5cd92a1b50b5494bf228368f472d5e5710,2025-04-15T03:15:18.077000
 CVE-2025-32943,0,0,8da80cfe2534c19b706545f146442699c19028eec95686cadadb83d78172a33c,2025-04-15T18:39:27.967000
@@ -290181,7 +290181,7 @@ CVE-2025-32946,0,0,e502d8257a0e54b07a9a15a77196ba5f219fb0f7dfbe64bb96996d1195659
 CVE-2025-32947,0,0,9770822acefd8a91f7f92b12f4afc9c6d40ba8a370784108c08acb9b87dd4e36,2025-04-15T18:39:27.967000
 CVE-2025-32948,0,0,e7b1322f9dca2c3d94e7071e5958f64377666146936a54c3970c1112cf430167,2025-04-15T18:39:27.967000
 CVE-2025-32949,0,0,dd1479aa4f6a7efdeed71347534e296fcef6b322436f826e6348b41beb2527ff,2025-04-15T18:39:27.967000
-CVE-2025-3295,1,1,1e1ae4adb3f25ced64a54aa02b07cddbf85ac00f38cbd279b96703a29dc38b50,2025-04-17T06:15:44.257000
+CVE-2025-3295,0,0,1e1ae4adb3f25ced64a54aa02b07cddbf85ac00f38cbd279b96703a29dc38b50,2025-04-17T06:15:44.257000
 CVE-2025-3296,0,0,604544c60030717a0b7298a4216c2cee6c0b09dc746101c73c6d715c2da17326,2025-04-08T16:49:21.037000
 CVE-2025-3297,0,0,450f027df383ac012c0d670b8246ab459ec83da0d22f33695d8eb8051ee5200e,2025-04-08T16:49:12.910000
 CVE-2025-3298,0,0,289613560130dabe199eea55128a1bdfe9eecd882e62238f3674c43e858ef0bc,2025-04-08T16:49:00.290000
@@ -290377,6 +290377,7 @@ CVE-2025-3593,0,0,a01f66982e63d1a9077a22fb9d3bb17c3788e9968a5ce8acfaa25734a95588
 CVE-2025-3608,0,0,838aedee297b1dbbe0afe512560041feff5effbe5ceac80b2ec5ed3a6d143565,2025-04-15T18:39:27.967000
 CVE-2025-3612,0,0,b3e7e1fd46c9147c27f3feb15d1a5ba8eabce3f8bab41f1f78e6d74dff7b1b50,2025-04-15T18:39:27.967000
 CVE-2025-3613,0,0,9c314abbc6473987a4462c7f86d0ede7026d1a1d89f3e10127913343b31eedd8,2025-04-15T18:39:27.967000
+CVE-2025-3615,1,1,55402eb8103671fbd8944245d79b71856cd518c10c14e38bcdbc92d383752b13,2025-04-17T08:15:12.730000
 CVE-2025-3617,0,0,8b166380afe19241854c65e4319a7a4bf7fa4a3b21b435fec16e6239c6e67cc8,2025-04-15T18:39:27.967000
 CVE-2025-3618,0,0,eda45473138c6808735db2df162e6171a422dd9195142056b67b3d52202066c7,2025-04-15T18:39:27.967000
 CVE-2025-3619,0,0,53be325581dce300b9e806b9d83ff7fe2c4e86a07254b58c0415f8bff201f32e,2025-04-16T21:15:47.920000