{"vulnerability": "cve-2025-2225", "sightings": [{"uuid": "8f2ccb4e-2e69-41ff-bcff-f8a27073c3e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2225", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmtofsdijv24", "content": "", "creation_timestamp": "2025-04-15T08:38:25.983551Z"}, {"uuid": "8789e40c-d567-42dc-a36a-1f7f4157d48e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq7rdb3a6s42", "content": "", "creation_timestamp": "2025-05-28T08:19:09.602325Z"}, {"uuid": "bb0d6ac9-c749-4aa7-93da-381cebbdf528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq7ticdrge2e", "content": "", "creation_timestamp": "2025-05-28T08:56:49.676643Z"}, {"uuid": "629293b5-c236-43f7-9b6e-e30f0524261b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-d7dafa70-1252e68c99eb5fc9", "content": "", "creation_timestamp": "2025-05-14T06:13:02.545001Z"}, {"uuid": "10d4c66a-3052-4d7c-800d-96aecc00ab1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://www.fortiguard.com/psirt/FG-IR-24-472", "content": "", "creation_timestamp": "2025-05-13T21:09:34.277000Z"}, {"uuid": "0f8c4a2c-b131-4e73-91e9-cb380f2cc711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lp5sa47bdk27", "content": "", "creation_timestamp": "2025-05-14T20:03:51.275064Z"}, {"uuid": "c90470a4-6d3c-4b8a-b477-9358cbd83c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://bsky.app/profile/nopfx.bsky.social/post/3lpiukebupk2b", "content": "", "creation_timestamp": "2025-05-19T05:43:38.938979Z"}, {"uuid": "5def287f-e752-407b-801b-f451c1034eee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-22252", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lp73izahi22k", "content": "", "creation_timestamp": "2025-05-15T08:22:32.619547Z"}, {"uuid": "d12101f4-27b9-4a64-b308-bf2ab05af917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3lp4rtodcts2v", "content": "", "creation_timestamp": "2025-05-14T10:24:16.441085Z"}, {"uuid": "b0e33ee3-37af-4e7c-a50e-bd8c259b5cfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://chaos.social/users/christopherkunz/statuses/114506273659405787", "content": "", "creation_timestamp": "2025-05-14T12:51:18.568658Z"}, {"uuid": "93f1a4ee-727b-4c4d-9a65-2b66cabb6657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://vulnerability.circl.lu/comment/48d3bc1d-ce6b-4a0d-93f6-aec07945969d", "content": "", "creation_timestamp": "2025-05-15T12:16:29.052130Z"}, {"uuid": "35003477-f1e6-42c6-98af-72188cf61d7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp7efmxmtqw2", "content": "", "creation_timestamp": "2025-05-15T11:04:03.089773Z"}, {"uuid": "5809ff2d-b7ec-4ad0-b20b-c8df5ee5ec71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-cve-2025-22252-missing-authentication-vulnerability-fortios-fortiproxy-and", "content": "", "creation_timestamp": "2025-05-14T12:00:00.000000Z"}, {"uuid": "6553a69a-826b-469e-81c1-2e368a8b87e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22254", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18043", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22254\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H/RL:W/RC:C)\n\ud83d\udd39 Description: An Improper Privilege Management vulnerability [CWE-269] affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16 and before 6.4.15, FortiProxy version 7.6.0 through 7.6.1 and before 7.4.7 & FortiWeb version 7.6.0 through 7.6.1 and before 7.4.6 allows an authenticated attacker with at least read-only admin permissions to gain super-admin privileges via crafted requests to\u00a0Node.js websocket module.\n\ud83d\udccf Published: 2025-06-10T16:36:17.127Z\n\ud83d\udccf Modified: 2025-06-11T04:01:44.767Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-25-006", "creation_timestamp": "2025-06-11T04:33:08.000000Z"}, {"uuid": "6145c722-6edc-4d48-aeff-19d470fdfc38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-22252", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1549", "content": "", "creation_timestamp": "2025-05-14T04:00:00.000000Z"}, {"uuid": "9d1a66f5-33be-4736-bc7d-acb6054e18dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2225", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11769", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2225\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Responsive Addons for Elementor \u2013 Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018rael_title_tag' parameter in all versions up to, and including, 1.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 1.6.9.\n\ud83d\udccf Published: 2025-04-15T05:23:27.613Z\n\ud83d\udccf Modified: 2025-04-15T05:23:27.613Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/f5ace7fb-530e-4a69-bbf7-e2c66491dd75?source=cve\n2. https://plugins.trac.wordpress.org/browser/responsive-addons-for-elementor/trunk/includes/widgets-manager/widgets/class-responsive-addons-for-elementor-icon-box.php#L2499\n3. https://plugins.trac.wordpress.org/changeset/3261241/\n4. https://plugins.trac.wordpress.org/changeset/3263280/", "creation_timestamp": "2025-04-15T05:54:44.000000Z"}, {"uuid": "e94102e7-4a58-4b4e-85d4-47310d90a3cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/38423", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-22252 \u2013 Authentication Bypass in Fortinet Products\nURL\uff1ahttps://github.com/korden-c/CVE-2025-22252\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-05-28T13:09:36.000000Z"}, {"uuid": "c9eb1e29-1806-43b3-94c9-6c3f8c652de4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2225", "type": "seen", "source": "https://t.me/cvedetector/22923", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2225 - Elementor Responsive Addons Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2225 \nPublished : April 15, 2025, 6:15 a.m. | 42\u00a0minutes ago \nDescription : The Responsive Addons for Elementor \u2013 Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018rael_title_tag' parameter in all versions up to, and including, 1.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 1.6.9. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T09:04:45.000000Z"}]}