{"vulnerability": "cve-2025-2262", "sightings": [{"uuid": "482765fc-0ee4-4b04-8e2a-824b84149451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22621", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf65ogaip72f", "content": "", "creation_timestamp": "2025-01-07T17:16:45.075728Z"}, {"uuid": "19ca5c4b-ba57-4320-883e-3e91cd20dd8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22621", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113788238955581046", "content": "", "creation_timestamp": "2025-01-07T17:25:37.025413Z"}, {"uuid": "6c4d9550-5567-4a3a-b4bf-cf2feb4ac0bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22621", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113788247636966235", "content": "", "creation_timestamp": "2025-01-07T17:27:49.158689Z"}, {"uuid": "416f5569-3aff-4804-98c8-259542947c8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22621", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113788280902206171", "content": "", "creation_timestamp": "2025-01-07T17:36:18.207028Z"}, {"uuid": "399180e5-ac23-464c-998a-82c7178a2e64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "seen", "source": "https://gist.github.com/EliahKagan/0be3efbf0c9e6bebe115036caa457bbf", "content": "", "creation_timestamp": "2025-01-19T21:32:55.000000Z"}, {"uuid": "2c361cb5-1d58-4096-841e-714748f95aa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "seen", "source": "https://gist.github.com/EliahKagan/06aa52d6ef3161c3af704e7e7c181fe8", "content": "", "creation_timestamp": "2025-01-20T05:45:01.000000Z"}, {"uuid": "9d9b5c13-fb1f-4344-b361-3ebcaa833bfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861447618986432", "content": "", "creation_timestamp": "2025-01-20T15:43:32.072316Z"}, {"uuid": "36b02e2c-8221-4b77-965d-20e06de2587c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg6qdlipbh2e", "content": "", "creation_timestamp": "2025-01-20T16:15:54.136487Z"}, {"uuid": "49836a65-d746-4482-91f3-d1218cd5bd12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg6sih7zur2k", "content": "", "creation_timestamp": "2025-01-20T16:54:29.083535Z"}, {"uuid": "4a81dba8-3e2f-4222-ac72-39bdd88d4ea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22621", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/511", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22621\n\ud83d\udd39 Description: In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the \u201cadmin\u201c  Splunk roles.\n\ud83d\udccf Published: 2025-01-07T16:48:32.866Z\n\ud83d\udccf Modified: 2025-01-07T18:20:09.220Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2025-0101", "creation_timestamp": "2025-01-07T18:38:48.000000Z"}, {"uuid": "9a16de33-42ce-4b13-a8c9-29b2afc85a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22622", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3liiwbyg2qc2n", "content": "", "creation_timestamp": "2025-02-19T04:19:23.964569Z"}, {"uuid": "8f3d3a33-06ca-45c2-8f9c-9e325ce62e34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22622", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lijcz5kt642a", "content": "", "creation_timestamp": "2025-02-19T08:07:08.397373Z"}, {"uuid": "be9c9825-9e99-47e8-a2c2-8a8b04384983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2262", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkngedvb3r26", "content": "", "creation_timestamp": "2025-03-18T10:08:06.328313Z"}, {"uuid": "ea97a093-d16e-4fad-8d44-a7b14654ad12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22623", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljorizi7t62u", "content": "", "creation_timestamp": "2025-03-06T05:35:06.415352Z"}, {"uuid": "0a36ea9f-f4de-44f6-ba54-e717f1defe2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22622", "type": "seen", "source": "https://t.me/cvedetector/18403", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22622 - MyApp Age Verification XSS\", \n  \"Content\": \"CVE ID : CVE-2025-22622 \nPublished : Feb. 19, 2025, 4:15 a.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Age Verification for your checkout page. Verify your customer's identity 1.20.0 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/class-wc-integration-agechecker-integration.php. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T07:52:22.000000Z"}, {"uuid": "585828d2-85ba-464e-8b40-aabc06f79c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22624", "type": "seen", "source": "https://t.me/cvedetector/19067", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22624 - FooGallery Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-22624 \nPublished : Feb. 27, 2025, 7:15 p.m. | 21\u00a0minutes ago \nDescription : FooGallery \u2013 Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T20:56:13.000000Z"}, {"uuid": "5b143ac8-c0b6-430a-b7ca-6280eb330aa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2262", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}, {"uuid": "b769b0af-1ff5-4b38-b859-60b626293f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2262", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:29.000000Z"}, {"uuid": "e848afdc-defa-42da-a486-7cef08b10de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22624", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:22.000000Z"}, {"uuid": "96df7aa9-0dc9-47c9-9c65-725018665b4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2367", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22620\n\ud83d\udd39 Description: gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. This causes files in a repository to be world-writable in some situations. This vulnerability is fixed in 0.17.0.\n\ud83d\udccf Published: 2025-01-20T15:38:32.388Z\n\ud83d\udccf Modified: 2025-01-20T15:38:32.388Z\n\ud83d\udd17 References:\n1. https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-fqmf-w4xh-33rh", "creation_timestamp": "2025-01-20T16:01:48.000000Z"}, {"uuid": "5784d778-a2c8-49cb-a724-612beb6a1843", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22624", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5767", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22624\n\ud83d\udd25 CVSS Score: 6.4 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: FooGallery \u2013 Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php.\n\ud83d\udccf Published: 2025-02-27T18:26:27.030Z\n\ud83d\udccf Modified: 2025-02-27T18:59:21.413Z\n\ud83d\udd17 References:\n1. https://fluidattacks.com/advisories/skims-10/\n2. https://wordpress.org/plugins/foogallery/", "creation_timestamp": "2025-02-27T19:26:11.000000Z"}, {"uuid": "378905ab-623d-48e3-8010-433cbff8b59f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2262", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7895", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2262\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: The The Logo Slider \u2013 Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.7.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.\n\ud83d\udccf Published: 2025-03-18T06:36:25.233Z\n\ud83d\udccf Modified: 2025-03-18T06:36:25.233Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/3c7cc2d2-8de4-453b-b4dc-48f75b151078?source=cve\n2. https://plugins.trac.wordpress.org/browser/gs-logo-slider/trunk/includes/shortcode-builder/builder.php#L31\n3. https://plugins.trac.wordpress.org/browser/gs-logo-slider/trunk/includes/shortcode-builder/builder.php#L51\n4. https://plugins.trac.wordpress.org/browser/gs-logo-slider/trunk/includes/shortcode-builder/builder.php#L65\n5. https://plugins.trac.wordpress.org/changeset/3256441/", "creation_timestamp": "2025-03-18T06:52:22.000000Z"}, {"uuid": "ecbc782c-cc0d-4f9e-aeff-dfcaf11664f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22621", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5876", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22621\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the \"admin\"  Splunk roles.\n\ud83d\udccf Published: 2025-01-07T16:48:32.866Z\n\ud83d\udccf Modified: 2025-02-28T11:03:57.914Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2025-0101", "creation_timestamp": "2025-02-28T11:26:11.000000Z"}, {"uuid": "4842803e-3d66-4208-baa0-3dcbd97538d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22623", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6635", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22623\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/includes/dst/dst.php.\n\ud83d\udccf Published: 2025-03-06T05:08:55.161Z\n\ud83d\udccf Modified: 2025-03-06T05:08:55.161Z\n\ud83d\udd17 References:\n1. https://fluidattacks.com/advisories/skims-8/\n2. https://wordpress.org/plugins/ad-inserter/#developers", "creation_timestamp": "2025-03-06T05:36:31.000000Z"}, {"uuid": "24f59b93-4794-4672-9dcc-c49129a609b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22628", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9131", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22628\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision Filled In allows Stored XSS.This issue affects Filled In: from n/a through 1.9.2.\n\ud83d\udccf Published: 2025-03-27T15:30:24.693Z\n\ud83d\udccf Modified: 2025-03-27T16:13:59.379Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/filled-in/vulnerability/wordpress-filled-in-plugin-1-9-1-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T16:26:55.000000Z"}, {"uuid": "e77e421d-a89c-4a60-a678-944c38c347c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22629", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9130", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22629\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in iNET iNET Webkit allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects iNET Webkit: from n/a through 1.2.2.\n\ud83d\udccf Published: 2025-03-27T15:29:06.104Z\n\ud83d\udccf Modified: 2025-03-27T16:14:16.643Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/inet-webkit/vulnerability/wordpress-inet-webkit-plugin-1-2-2-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T16:26:52.000000Z"}, {"uuid": "ebd28c0c-b939-4138-9b65-042d13cd2e45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2262", "type": "seen", "source": "https://t.me/cvedetector/20556", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2262 - WordPress Logo Slider - Unauthenticated Shortcode Execution\", \n  \"Content\": \"CVE ID : CVE-2025-2262 \nPublished : March 18, 2025, 7:15 a.m. | 59\u00a0minutes ago \nDescription : The The Logo Slider \u2013 Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.7.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T09:22:49.000000Z"}, {"uuid": "a7504e9a-f0db-49b6-af0b-576098b08805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22624", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/20025", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22624\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: FooGallery \u2013 Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensions/albums/admin/class-meta boxes.php.\n\ud83d\udccf Published: 2025-02-27T18:26:27.030Z\n\ud83d\udccf Modified: 2025-07-01T12:07:49.818Z\n\ud83d\udd17 References:\n1. https://fluidattacks.com/advisories/skims-10/\n2. https://wordpress.org/plugins/foogallery/", "creation_timestamp": "2025-07-01T13:11:01.000000Z"}, {"uuid": "6ad2614d-366d-40f9-9e00-10193d505bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/10816", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aReproducer for CVE-2025-22620\nURL\uff1ahttps://github.com/EliahKagan/checkout-index\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-01-19T05:36:54.000000Z"}, {"uuid": "afe5c839-e26c-4671-9c42-3490fc8d311a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "seen", "source": "https://t.me/cvedetector/15891", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22620 - Gitoxide World-Writable File Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22620 \nPublished : Jan. 20, 2025, 4:15 p.m. | 43\u00a0minutes ago \nDescription : gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. This causes files in a repository to be world-writable in some situations. This vulnerability is fixed in 0.17.0. \nSeverity: 5.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-20T18:23:15.000000Z"}, {"uuid": "4fb7afc8-9c53-4c55-aaae-b1388fcb14e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22623", "type": "seen", "source": "https://t.me/cvedetector/19673", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22623 - Ad Inserter Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-22623 \nPublished : March 6, 2025, 5:15 a.m. | 33\u00a0minutes ago \nDescription : Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/includes/dst/dst.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T07:09:13.000000Z"}, {"uuid": "fcf936ea-8e2a-4262-bdd2-0788ee5be072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2262", "type": "published-proof-of-concept", "source": "Telegram/UVQjc4SiwKYbHISzpLSbOWAvgTBqOWKvIl-W9tejZt2xfoI", "content": "", "creation_timestamp": "2025-03-18T09:00:30.000000Z"}, {"uuid": "c3e41c6d-e5d6-4a8e-8e58-ab326b944287", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22622", "type": "seen", "source": "Telegram/mxBippL2VoOHKXBOwKdlD7_MlJmh0Mn8r0vAUua-vfUP4abf", "content": "", "creation_timestamp": "2025-02-19T15:39:49.000000Z"}, {"uuid": "d39737f4-bee5-48d1-8c8e-41966b8c9918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22620", "type": "published-proof-of-concept", "source": "Telegram/ItKcBCOC3nvl-67eorLNQKHsFJ11xElA8cMwfDM6t9Nmi-k", "content": "", "creation_timestamp": "2025-01-19T10:00:06.000000Z"}, {"uuid": "a9490ff7-54ee-4195-ad7f-a0d2bc716a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22621", "type": "seen", "source": "https://t.me/cvedetector/14567", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22621 - Splunk App for SOAR Unauthorized Access Control\", \n  \"Content\": \"CVE ID : CVE-2025-22621 \nPublished : Jan. 7, 2025, 5:15 p.m. | 31\u00a0minutes ago \nDescription : In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the \u201cadmin\u201c  Splunk roles. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:53:50.000000Z"}, {"uuid": "b985b2fe-2392-4429-9e73-1e3b08ec42bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-22620", "type": "published-proof-of-concept", "source": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-fqmf-w4xh-33rh", "content": "", "creation_timestamp": "2025-01-18T18:08:51.000000Z"}]}