{"vulnerability": "cve-2025-1524", "sightings": [{"uuid": "3b61d2ec-dda7-4f3b-9273-1a08f0f92a5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1524", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmyj7hdfut2g", "content": "", "creation_timestamp": "2025-04-17T06:48:44.052121Z"}, {"uuid": "a52ee96d-26e9-4b64-8e53-109e4d0fb42c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15243", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb75id7laz2y", "content": "", "creation_timestamp": "2025-12-30T10:31:25.713862Z"}, {"uuid": "5e5dfe81-7ab8-4908-961b-ad06b8044a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15242", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb75np7swe2e", "content": "", "creation_timestamp": "2025-12-30T10:34:26.162783Z"}, {"uuid": "9fdad5bb-8368-4970-8a4e-7702f0e855c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15241", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb77osrtc22e", "content": "", "creation_timestamp": "2025-12-30T11:10:51.007521Z"}, {"uuid": "5afcc1a4-7ba2-4f4d-87f7-9c526ebf9552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-15240", "type": "seen", "source": "https://www.twcert.org.tw/en/cp-139-10616-cd942-2.html", "content": "", "creation_timestamp": "2026-01-05T06:58:00.000000Z"}, {"uuid": "eef59e36-2c84-41a9-a9e6-2d2e2313ed2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1524", "type": "seen", "source": "https://t.me/cvedetector/23219", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1524 - The Ultimate Dashboard WordPress Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-1524 \nPublished : April 17, 2025, 6:15 a.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : The Ultimate Dashboard  WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T10:28:16.000000Z"}, {"uuid": "acf7c463-72d0-411f-9b3d-d290865f2413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15247", "type": "seen", "source": "Telegram/y0eQAbUKuWo3WgNQ26iaWbPj3ea5ybOv03pwHsLfPooVzvs", "content": "", "creation_timestamp": "2026-01-12T15:02:17.000000Z"}, {"uuid": "ab2d8bfb-f3f1-4b6e-8a5f-68e010a3b79e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15243", "type": "published-proof-of-concept", "source": "Telegram/iY4yZ2PFpGxByFsrgplKVch9nhT5x9DeCvqvBNZo45zgPeM", "content": "", "creation_timestamp": "2026-01-02T15:08:07.000000Z"}, {"uuid": "ea264a82-dd38-40c6-9a55-5912618a1c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15240", "type": "published-proof-of-concept", "source": "Telegram/UCM3N0VAiIL0X9q0_5DMaRnnlz6r5GWtUQVOA9u8gPZf080", "content": "", "creation_timestamp": "2026-01-05T10:02:34.000000Z"}, {"uuid": "55123c83-9568-45b4-a9bf-5ddba4e426eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1524", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12195", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1524\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Ultimate Dashboard  WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-04-17T06:00:10.239Z\n\ud83d\udccf Modified: 2025-04-17T06:00:10.239Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/36aed1e4-05cb-42d2-b835-f6336f1a82cd/", "creation_timestamp": "2025-04-17T06:57:15.000000Z"}]}