{"vulnerability": "CVE-2025-3144", "sightings": [{"uuid": "6140b0ab-7322-4b67-b4f9-590fb1a67744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31444", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9329", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31444\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in youtag ShowTime Slideshow allows Stored XSS. This issue affects ShowTime Slideshow: from n/a through 1.6.\n\ud83d\udccf Published: 2025-03-28T11:54:16.432Z\n\ud83d\udccf Modified: 2025-03-28T11:54:16.432Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/showtime-slideshow/vulnerability/wordpress-showtime-slideshow-plugin-1-6-cross-site-request-forgery-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T12:27:44.000000Z"}, {"uuid": "cd71b838-b8a4-420d-8dee-a52195a099ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3144", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llvdotogbl2z", "content": "", "creation_timestamp": "2025-04-03T07:06:47.815452Z"}, {"uuid": "b735ac5b-fe87-46cd-bd69-980a64793d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31446", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10125", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31446\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jiangmiao WP Cleaner allows Reflected XSS. This issue affects WP Cleaner: from n/a through 1.1.5.\n\ud83d\udccf Published: 2025-04-01T20:58:10.295Z\n\ud83d\udccf Modified: 2025-04-02T16:13:54.398Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wpcleaner/vulnerability/wordpress-wp-cleaner-plugin-1-1-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-02T16:35:03.000000Z"}, {"uuid": "81d8a256-90f7-490f-98f8-e71af1fea4cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31440", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9327", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31440\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Team Terms of Use allows Stored XSS. This issue affects Terms of Use: from n/a through 2.0.\n\ud83d\udccf Published: 2025-03-28T11:54:17.694Z\n\ud83d\udccf Modified: 2025-03-28T11:54:17.694Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/terms-of-use-2/vulnerability/wordpress-terms-of-use-plugin-2-0-cross-site-request-forgery-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T12:27:40.000000Z"}, {"uuid": "2ed595d1-6b69-46c7-aab4-c6b32ccdf9ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31449", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9332", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31449\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in EricH The Visitor Counter allows Stored XSS. This issue affects The Visitor Counter: from n/a through 1.4.3.\n\ud83d\udccf Published: 2025-03-28T11:54:14.548Z\n\ud83d\udccf Modified: 2025-03-28T11:54:14.548Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/the-visitor-counter/vulnerability/wordpress-the-visitor-counter-plugin-1-4-3-cross-site-request-forgery-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T12:27:47.000000Z"}, {"uuid": "1cc9ad59-4c41-4f66-b126-b1223f7d88e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31448", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9331", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31448\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in misteraon Simple Trackback Disabler allows Cross Site Request Forgery. This issue affects Simple Trackback Disabler: from n/a through 1.4.\n\ud83d\udccf Published: 2025-03-28T11:54:15.160Z\n\ud83d\udccf Modified: 2025-03-28T11:54:15.160Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/simple-trackback-disabler/vulnerability/wordpress-simple-trackback-disabler-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T12:27:46.000000Z"}, {"uuid": "5b68fa52-28e8-4e82-89de-8a1e4570cd03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31447", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9330", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31447\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in nertworks NertWorks All in One Social Share Tools allows Cross Site Request Forgery. This issue affects NertWorks All in One Social Share Tools: from n/a through 1.26.\n\ud83d\udccf Published: 2025-03-28T11:54:15.810Z\n\ud83d\udccf Modified: 2025-03-28T11:54:15.810Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/nertworks-all-in-one-social-share-tools/vulnerability/wordpress-nertworks-all-in-one-social-share-tools-1-26-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T12:27:45.000000Z"}, {"uuid": "49165345-d5da-4656-b3f6-db6e5c1af3f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31443", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9328", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31443\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Furtak KK I Like It allows Stored XSS. This issue affects KK I Like It: from n/a through 1.7.5.3.\n\ud83d\udccf Published: 2025-03-28T11:54:17.030Z\n\ud83d\udccf Modified: 2025-03-28T11:54:17.030Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/kk-i-like-it/vulnerability/wordpress-kk-i-like-it-plugin-1-7-5-3-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T12:27:41.000000Z"}, {"uuid": "434b42b4-b967-42e8-ac9d-18c241f03a25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31445", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11228", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31445\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pages Order allows Reflected XSS. This issue affects Pages Order: from n/a through 1.1.3.\n\ud83d\udccf Published: 2025-04-01T20:58:10.085Z\n\ud83d\udccf Modified: 2025-04-10T14:47:22.818Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/pages-order/vulnerability/wordpress-pages-order-plugin-1-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T14:50:06.000000Z"}, {"uuid": "de4d21c2-a613-4e36-bd9c-d71416c77e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3144", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10168", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3144\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic was found in MindSpore 2.5.0. Affected by this vulnerability is the function mindspore.numpy.fft.hfftn. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-03T06:00:19.126Z\n\ud83d\udccf Modified: 2025-04-03T06:00:19.126Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303049\n2. https://vuldb.com/?ctiid.303049\n3. https://vuldb.com/?submit.525333\n4. https://gitee.com/mindspore/mindspore/issues/IBVKM8", "creation_timestamp": "2025-04-03T06:34:12.000000Z"}, {"uuid": "82924fa3-245d-4635-8a35-b6c7187ce728", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3144", "type": "seen", "source": "https://t.me/cvedetector/21944", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3144 - MindSpore Local Memory Corruption (FFT)\", \n  \"Content\": \"CVE ID : CVE-2025-3144 \nPublished : April 3, 2025, 6:15 a.m. | 36\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in MindSpore 2.5.0. Affected by this vulnerability is the function mindspore.numpy.fft.hfftn. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T09:22:45.000000Z"}]}