{"vulnerability": "cve-2025-2231", "sightings": [{"uuid": "4dfe592c-2905-44ec-8fa0-d296dc36323a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22316", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jmgx33b2k", "content": "", "creation_timestamp": "2025-01-07T11:17:43.834906Z"}, {"uuid": "d47253db-ccbd-425e-9133-518ed9b42023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22313", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfd3b5lcqp2d", "content": "", "creation_timestamp": "2025-01-09T16:16:50.901274Z"}, {"uuid": "f274ec4a-340e-4433-96a9-4c5b96a06f83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22317", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113833063043098673", "content": "", "creation_timestamp": "2025-01-15T15:24:57.804777Z"}, {"uuid": "1ea60c66-45f7-4cea-8185-3c2875a0631f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22312", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787412331465969", "content": "", "creation_timestamp": "2025-01-07T13:55:23.383489Z"}, {"uuid": "67c0a5d5-daa4-4cc1-a85e-32f3110e287a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22310", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787412317565249", "content": "", "creation_timestamp": "2025-01-07T13:55:23.027431Z"}, {"uuid": "98b55cf1-06a3-4006-807d-e59de5a51765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22315", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787471329902294", "content": "", "creation_timestamp": "2025-01-07T14:10:23.461377Z"}, {"uuid": "d51850db-3d1f-45ac-82b8-33a47a893b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22316", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787471344130305", "content": "", "creation_timestamp": "2025-01-07T14:10:23.792177Z"}, {"uuid": "45ed9762-16b7-42a2-8f93-4c369f4f3e09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22310", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jm7y7iw2c", "content": "", "creation_timestamp": "2025-01-07T11:17:36.855575Z"}, {"uuid": "2c770ff7-2597-4b4f-9dae-93bd7bb96a91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22316", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jmgx33b2k", "content": "", "creation_timestamp": "2025-01-07T11:17:43.836277Z"}, {"uuid": "f0f99fb7-9c1f-4f95-b3ab-334661b94982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22319", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf65nuss3o2a", "content": "", "creation_timestamp": "2025-01-07T17:16:26.659466Z"}, {"uuid": "8753fbcb-317c-44b7-845a-bf5fd79c8c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22315", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jmevv5b2k", "content": "", "creation_timestamp": "2025-01-07T11:17:41.729944Z"}, {"uuid": "c7818b57-e513-46fe-974f-8e4b415acb14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22317", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfs5zajgl52n", "content": "", "creation_timestamp": "2025-01-15T16:16:03.340082Z"}, {"uuid": "f751e38d-f645-4540-9e61-30653ec9c22d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22314", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfmwdr45u62c", "content": "", "creation_timestamp": "2025-01-13T14:15:27.253354Z"}, {"uuid": "fac97dff-eda7-4008-95e0-1b52fed5b850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22312", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jmcpwhy2l", "content": "", "creation_timestamp": "2025-01-07T11:17:39.375586Z"}, {"uuid": "ce7e5a0a-8f74-4129-b434-098df363eaee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22315", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jmevv5b2k", "content": "", "creation_timestamp": "2025-01-07T11:17:41.747235Z"}, {"uuid": "f7e4f78f-82e0-45f8-bc96-595cfcbc78c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb24s6b6j2r", "content": "", "creation_timestamp": "2025-01-21T14:16:23.319868Z"}, {"uuid": "d7e65475-ac38-4fe7-a278-db5d2ef83bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb24ufyq62j", "content": "", "creation_timestamp": "2025-01-21T14:16:25.462580Z"}, {"uuid": "8c25e5f4-bbdf-4663-8614-49cac93741a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866820118163627", "content": "", "creation_timestamp": "2025-01-21T14:29:49.938831Z"}, {"uuid": "31218120-07f8-4d4c-b04b-e9097e2480a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866820132800743", "content": "", "creation_timestamp": "2025-01-21T14:29:50.158830Z"}, {"uuid": "a450072a-e466-4ab6-9d26-cd173de70f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-129/", "content": "", "creation_timestamp": "2025-03-12T04:00:00.000000Z"}, {"uuid": "f5dabbec-b133-4bd6-a526-4995bca0535f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll5t67fkg52m", "content": "", "creation_timestamp": "2025-03-24T22:39:55.082808Z"}, {"uuid": "9da89b1b-eb97-4539-b046-3c7a61b7e0ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22315", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/448", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22315\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through 1.2.7.\n\ud83d\udccf Published: 2025-01-07T10:48:54.174Z\n\ud83d\udccf Modified: 2025-01-07T15:00:11.954Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/typing-text/vulnerability/wordpress-typing-text-plugin-1-2-7-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-07T15:39:38.000000Z"}, {"uuid": "fca4a147-3db6-4eef-a476-a5254e16ea1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2393", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22311\n\ud83d\udd39 Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Private Messages for UserPro. This issue affects Private Messages for UserPro: from n/a through 4.10.0.\n\ud83d\udccf Published: 2025-01-21T13:40:34.218Z\n\ud83d\udccf Modified: 2025-01-21T13:40:34.218Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/userpro-messaging/vulnerability/wordpress-private-messages-for-userpro-plugin-4-10-0-local-file-inclusion-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-21T14:01:42.000000Z"}, {"uuid": "80c35471-7376-4368-931f-0a92d371e78a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "https://t.me/cvedetector/20992", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2231 - PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2231 \nPublished : March 24, 2025, 8:15 p.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  \n  \nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25473. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T22:35:04.000000Z"}, {"uuid": "0dea4efb-9749-4bf7-a689-3225d57cf744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2392", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22318\n\ud83d\udd39 Description: Missing Authorization vulnerability in Eniture Technology Standard Box Sizes \u2013 for WooCommerce. This issue affects Standard Box Sizes \u2013 for WooCommerce: from n/a through 1.6.13.\n\ud83d\udccf Published: 2025-01-21T13:40:34.367Z\n\ud83d\udccf Modified: 2025-01-21T13:40:34.367Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/standard-box-sizes/vulnerability/wordpress-standard-box-sizes-plugin-1-6-12-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-21T14:01:38.000000Z"}, {"uuid": "d19d1bb9-9148-4c37-a50f-ca7f4fd5d830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8525", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2231\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25473.\n\ud83d\udccf Published: 2025-03-24T19:45:42.198Z\n\ud83d\udccf Modified: 2025-03-24T20:05:31.236Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-25-129/\n2. https://www.pdf-xchange.com/support/security-bulletins.html", "creation_timestamp": "2025-03-24T20:23:40.000000Z"}, {"uuid": "7df703a6-8301-4275-8aa9-fe30b1bdd47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://t.me/cvedetector/15968", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22318 - Eniture Technology Standard Box Sizes WooCommerce Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22318 \nPublished : Jan. 21, 2025, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Eniture Technology Standard Box Sizes \u2013 for WooCommerce. This issue affects Standard Box Sizes \u2013 for WooCommerce: from n/a through 1.6.13. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T16:08:07.000000Z"}, {"uuid": "07fd7667-e6f6-4e35-8b4d-88f0c9f0192a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22314", "type": "seen", "source": "https://t.me/cvedetector/15150", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22314 - Food Store Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-22314 \nPublished : Jan. 13, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Scripts Food Store \u2013 Online Food Delivery & Pickup allows Reflected XSS.This issue affects Food Store \u2013 Online Food Delivery & Pickup: from n/a through 1.5.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T16:14:27.000000Z"}, {"uuid": "5914beeb-6db2-4ec9-ad90-cdb469ef987c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22319", "type": "seen", "source": "https://t.me/cvedetector/14576", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22319 - DearHive Social Media Share Buttons MashShare Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22319 \nPublished : Jan. 7, 2025, 5:15 p.m. | 31\u00a0minutes ago \nDescription : Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue affects Social Media Share Buttons | MashShare: from n/a through 4.0.47. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:54:00.000000Z"}]}