<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-08T17:22:31.579218+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/334a74d2-e9e7-4c7d-b042-d43dacf08426/export</id>
    <title>334a74d2-e9e7-4c7d-b042-d43dacf08426</title>
    <updated>2026-07-08T17:22:31.607806+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "334a74d2-e9e7-4c7d-b042-d43dacf08426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4375", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mq36owdt2c2w", "content": "CVE-2026-4375. CVSS 9/10. DoLeads Integrator and wp2epub let unauthenticated visitors execute code on your server. Your database. Your wp-config. Gone. No patch available. Disable both plugins immediately. Scan your WordPress site: pulse-wp.com\n#WordPress #RCE #CyberSecurity", "creation_timestamp": "2026-07-07T18:00:16.493986Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/334a74d2-e9e7-4c7d-b042-d43dacf08426/export"/>
    <published>2026-07-07T18:00:16.493986+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4d815137-d658-4492-af04-9e49da3f0072/export</id>
    <title>4d815137-d658-4492-af04-9e49da3f0072</title>
    <updated>2026-07-08T17:22:31.610812+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4d815137-d658-4492-af04-9e49da3f0072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4375", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq2rwwipzw23", "content": "CVE-2026-4375 - doleads integrator\nThe DoLeads Integrator and wp2epub WordPress plugins, versions 0.65 and below, contain a security flaw that allows unauthorized users to execute malicious code on\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#doleadsintegrator #unknown #CVE #infosec", "creation_timestamp": "2026-07-07T14:12:06.787045Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4d815137-d658-4492-af04-9e49da3f0072/export"/>
    <published>2026-07-07T14:12:06.787045+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/47e8b3db-8435-46ae-b9c1-c5b8afde0df8/export</id>
    <title>47e8b3db-8435-46ae-b9c1-c5b8afde0df8</title>
    <updated>2026-07-08T17:22:31.610954+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "47e8b3db-8435-46ae-b9c1-c5b8afde0df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4375", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq23iqtn2r2u", "content": "CRITICAL code injection found in DoLeads Integrator &amp;amp; wp2epub WordPress plugins (\u22640.65). RCE possible if exploited. Avoid use, restrict plugin installs, monitor sites. https://radar.offseq.com/threat/cve-2026-4375-cwe-94-improper-control-of-generatio-71c36276dd5a5ffb #OffSeq #WordPress #Vulnerabi...", "creation_timestamp": "2026-07-07T07:30:28.859239Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/47e8b3db-8435-46ae-b9c1-c5b8afde0df8/export"/>
    <published>2026-07-07T07:30:28.859239+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/456d2b00-980c-49a8-89a3-2035b8d9534c/export</id>
    <title>456d2b00-980c-49a8-89a3-2035b8d9534c</title>
    <updated>2026-07-08T17:22:31.611062+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "456d2b00-980c-49a8-89a3-2035b8d9534c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-4375", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116877520158002101", "content": "CVE-2026-4375: CRITICAL code injection (CWE-94) in DoLeads Integrator &amp;amp; wp2epub WordPress plugins \u22640.65 allows RCE by unauthorized users. No patch yet \u2014 restrict plugin installs &amp;amp; monitor for changes. https://radar.offseq.com/threat/cve-2026-4375-cwe-94-improper-control-of-generatio-71c36276dd5a5ffb #OffSeq #WordPress #CVE20264375", "creation_timestamp": "2026-07-07T07:30:27.013372Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/456d2b00-980c-49a8-89a3-2035b8d9534c/export"/>
    <published>2026-07-07T07:30:27.013372+00:00</published>
  </entry>
</feed>
