{"vulnerability": "cve-2025-2368", "sightings": [{"uuid": "951eb3c3-3c9d-40a9-b078-b627d7a78fd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23689", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv42ysss42f", "content": "", "creation_timestamp": "2025-01-16T20:19:13.721534Z"}, {"uuid": "84ea4d94-2e6f-4ef4-ad65-b5d6c4ffc15f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23689", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113840842424512264", "content": "", "creation_timestamp": "2025-01-17T00:23:21.694678Z"}, {"uuid": "72218e91-4d49-410f-a902-724c9f89ceeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23685", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhbtm73p2s2e", "content": "", "creation_timestamp": "2025-02-03T15:17:35.163855Z"}, {"uuid": "ec52e8fc-c091-4575-becb-f04c81ba35b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23685", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113940885544310245", "content": "", "creation_timestamp": "2025-02-03T16:25:38.720015Z"}, {"uuid": "fd4b72e0-ef76-4193-a076-234c734d6087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23682", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5jet2z2j", "content": "", "creation_timestamp": "2025-01-22T15:20:01.814667Z"}, {"uuid": "e4f7245d-956f-40bb-9427-c30ef9580f7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23681", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5h3jiw2f", "content": "", "creation_timestamp": "2025-01-22T15:19:59.782473Z"}, {"uuid": "d759f4d6-af0f-44b4-9b4c-2156f5fdb033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23683", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5mm44d2t", "content": "", "creation_timestamp": "2025-01-22T15:20:05.562771Z"}, {"uuid": "5b0e1313-ed28-4621-8c41-dad8ce8d33eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23684", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5pr54e2j", "content": "", "creation_timestamp": "2025-01-22T15:20:08.464722Z"}, {"uuid": "f45b03ca-556c-4c66-a095-25ed542933cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23686", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5s5fwt2t", "content": "", "creation_timestamp": "2025-01-22T15:20:10.917288Z"}, {"uuid": "08f6a28b-17cb-4226-983b-4fe96c048738", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23687", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:22.000000Z"}, {"uuid": "410d3f09-f831-4160-a0e3-2e30b4703cd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2368", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkkuolyecv2w", "content": "", "creation_timestamp": "2025-03-17T09:46:24.167972Z"}, {"uuid": "ee2b4e98-f4fe-4f09-901e-c4933dafd442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23684", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2561", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23684\n\ud83d\udd39 Description: Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Debug Tool: from n/a through 2.2.\n\ud83d\udccf Published: 2025-01-22T14:29:19.227Z\n\ud83d\udccf Modified: 2025-01-22T15:25:50.571Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/debug-tool/vulnerability/wordpress-debug-tool-plugin-2-2-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:49.000000Z"}, {"uuid": "bac6c044-ce1e-4b8f-91c6-3b44b16980f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23687", "type": "seen", "source": "https://bsky.app/profile/qwanjk.bsky.social/post/3mb77r2nk5223", "content": "", "creation_timestamp": "2025-12-30T11:12:07.174078Z"}, {"uuid": "d85c4689-50a4-4115-a24c-78a1cc7550e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2368", "type": "seen", "source": "Telegram/NtgdGeZWqROuFZ2INFVI_F7wbiZX6L2oMH79jCDcZlZLsnY", "content": "", "creation_timestamp": "2026-01-06T17:06:07.000000Z"}, {"uuid": "ea071809-6d34-49e7-b847-235591fe06b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23687", "type": "seen", "source": "https://t.me/cvedetector/19049", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23687 - Woo Store Mode Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-23687 \nPublished : Feb. 27, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in simonhunter Woo Store Mode allows Reflected XSS. This issue affects Woo Store Mode: from n/a through 1.0.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T19:15:37.000000Z"}, {"uuid": "da1b2f69-0cb1-4b67-b759-111563154fc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2368", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7746", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2368\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.\n\ud83d\udccf Published: 2025-03-17T08:00:05.922Z\n\ud83d\udccf Modified: 2025-03-17T08:00:05.922Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299867\n2. https://vuldb.com/?ctiid.299867\n3. https://vuldb.com/?submit.515327\n4. https://github.com/WebAssembly/wabt/issues/2556\n5. https://github.com/WebAssembly/wabt/issues/2537\n6. https://github.com/WebAssembly/wabt/issues/2556#issue-2899598349\n7. https://github.com/WebAssembly/wabt/pull/2541", "creation_timestamp": "2025-03-17T08:46:47.000000Z"}, {"uuid": "6ad1a48e-84ac-43c9-bb11-e978c951399f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6458", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23688\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Cobwebo URL Plugin allows Reflected XSS. This issue affects Cobwebo URL Plugin: from n/a through 1.0.\n\ud83d\udccf Published: 2025-03-03T13:30:16.191Z\n\ud83d\udccf Modified: 2025-03-04T21:46:49.742Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/cobwebo-url/vulnerability/wordpress-cobwebo-url-plugin-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-04T22:33:33.000000Z"}, {"uuid": "4331fa16-0749-4726-8118-172cfccd0973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23686", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2566", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23686\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Callum Richards Admin Menu Organizer allows Reflected XSS. This issue affects Admin Menu Organizer: from n/a through 1.0.1.\n\ud83d\udccf Published: 2025-01-22T14:29:19.490Z\n\ud83d\udccf Modified: 2025-01-22T15:23:33.865Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/admin-menu-organizer/vulnerability/wordpress-admin-menu-organizer-plugin-1-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:53.000000Z"}, {"uuid": "02a776e4-54a6-4aa2-b1e5-6272cf10783e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23687", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5704", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23687\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in simonhunter Woo Store Mode allows Reflected XSS. This issue affects Woo Store Mode: from n/a through 1.0.1.\n\ud83d\udccf Published: 2025-02-27T16:16:24.125Z\n\ud83d\udccf Modified: 2025-02-27T16:16:24.125Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/woo-store-mode/vulnerability/wordpress-woo-store-mode-plugin-1-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-27T16:25:56.000000Z"}, {"uuid": "6079652a-4495-4485-9cd3-42d2824e6ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2368", "type": "seen", "source": "https://t.me/cvedetector/20446", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2368 - Apache Wabt WebAssembly Malformed File Handler Heap Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2368 \nPublished : March 17, 2025, 8:15 a.m. | 1\u00a0hour, 22\u00a0minutes ago \nDescription : A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T10:46:32.000000Z"}, {"uuid": "5455847c-eb39-4067-8088-6c6c5ba3ae82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23689", "type": "seen", "source": "https://t.me/cvedetector/15632", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23689 - Poco Blogger Image Import Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23689 \nPublished : Jan. 16, 2025, 8:15 p.m. | 36\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Poco Blogger Image Import allows Stored XSS.This issue affects Blogger Image Import: from 2.1 through n/a. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-16T22:05:50.000000Z"}, {"uuid": "36700266-ae0d-4c6a-b8e3-0df33af15039", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2368", "type": "published-proof-of-concept", "source": "Telegram/h4JSjUpylzfjLwjMiOpavbn4mOJdWDzZHA7u2M7GqTRudSU", "content": "", "creation_timestamp": "2025-03-17T10:00:31.000000Z"}]}