<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-14T19:45:40.419586+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ca1c0953-fdb5-47f4-aec2-7809e1587334/export</id>
    <title>ca1c0953-fdb5-47f4-aec2-7809e1587334</title>
    <updated>2026-07-14T19:45:40.444489+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ca1c0953-fdb5-47f4-aec2-7809e1587334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-15298", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mqcdablfyd2v", "content": "CVE-2026-15298 - DOM-Based XSS in Telsender WordPress plugin up to 1.14.14. Unauthenticated attackers can inject scripts via Telegram chat titles, executing when admin clicks \"Tested\". CVSS 7.2. No patch available. Disable plugin until fixe...\n\nhttps://www.valtersit.com/cve/CVE-2026-15298/", "creation_timestamp": "2026-07-10T14:10:12.242159Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ca1c0953-fdb5-47f4-aec2-7809e1587334/export"/>
    <published>2026-07-10T14:10:12.242159+00:00</published>
  </entry>
</feed>
