{"vulnerability": "cve-2025-2388", "sightings": [{"uuid": "b5ae9238-40e9-4fa4-b6ad-b443feb9a067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23884", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7fxgamb2r", "content": "", "creation_timestamp": "2025-01-16T21:19:02.614191Z"}, {"uuid": "95f75d06-e7eb-4b8a-9404-45cca32ce998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23880", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7fuxi3z2r", "content": "", "creation_timestamp": "2025-01-16T21:19:00.060669Z"}, {"uuid": "21fffaca-03a0-4f72-a0de-731c874f3b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23886", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7fzsybt2n", "content": "", "creation_timestamp": "2025-01-16T21:19:04.971799Z"}, {"uuid": "76fb3471-3c87-453b-8f5c-5419c2c138c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23887", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7g4s2bl2n", "content": "", "creation_timestamp": "2025-01-16T21:19:08.137054Z"}, {"uuid": "e14f1aad-0cfd-4147-a19e-dac82eb89f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23885", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113883142051100099", "content": "", "creation_timestamp": "2025-01-24T11:40:42.875513Z"}, {"uuid": "f108f4a7-ded2-4553-948d-6fc751946bab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23888", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113883142065872513", "content": "", "creation_timestamp": "2025-01-24T11:40:43.024550Z"}, {"uuid": "55e7322c-f61d-4fc7-837a-44ad0b99dfca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23889", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113883142080051584", "content": "", "creation_timestamp": "2025-01-24T11:40:43.379211Z"}, {"uuid": "7e013583-9664-4408-af5b-2d708327ca01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23882", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo7r6ni62f", "content": "", "creation_timestamp": "2025-01-22T15:21:17.040968Z"}, {"uuid": "2f64023f-a4ba-4f2a-a2fc-9027a08debf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkm5q7c45m26", "content": "", "creation_timestamp": "2025-03-17T22:01:02.228222Z"}, {"uuid": "54895811-da47-489c-b71c-963a322c98e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}, {"uuid": "2bb8ac00-6d6c-44c7-8e30-629d2d1a75c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:31.000000Z"}, {"uuid": "f8d65863-e1a6-401b-9986-47faddc1105d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23887", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2218", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23887\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Allan Wallick Blog Summary allows Stored XSS.This issue affects Blog Summary: from n/a through 0.1.2 \u03b2.\n\ud83d\udccf Published: 2025-01-16T20:07:42.099Z\n\ud83d\udccf Modified: 2025-01-17T21:50:00.490Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/blog-summary/vulnerability/wordpress-blog-summary-plugin-0-1-2-v-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-17T21:56:51.000000Z"}, {"uuid": "19ea6a9d-fbfb-42f2-8455-7870dd3ddd61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23884", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2216", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23884\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Chris Roberts Annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through 2.1.1.\n\ud83d\udccf Published: 2025-01-16T20:07:40.841Z\n\ud83d\udccf Modified: 2025-01-17T21:51:47.811Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/annie/vulnerability/wordpress-annie-plugin-2-1-1-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-17T21:56:50.000000Z"}, {"uuid": "38358ea0-05a7-456a-be7a-81919e76a09b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23889", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2889", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23889\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FooGallery Captions allows Reflected XSS. This issue affects FooGallery Captions: from n/a through 1.0.2.\n\ud83d\udccf Published: 2025-01-24T10:52:57.673Z\n\ud83d\udccf Modified: 2025-01-24T10:52:57.673Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/foogallery-captions/vulnerability/wordpress-foogallery-captions-plugin-1-0-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-24T11:04:51.000000Z"}, {"uuid": "49fe7f33-3f5f-4a7b-99d4-fd55ab26dd72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23888", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2890", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23888\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Page Extensions allows Reflected XSS. This issue affects Custom Page Extensions: from n/a through 0.6.\n\ud83d\udccf Published: 2025-01-24T10:52:57.422Z\n\ud83d\udccf Modified: 2025-01-24T10:52:57.422Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/custom-page-extensions/vulnerability/wordpress-custom-page-extensions-plugin-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-24T11:04:52.000000Z"}, {"uuid": "72b9569f-e02d-4885-adb3-b9a9282d7c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7829", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2388\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Keytop \u8def\u5185\u505c\u8f66\u6536\u8d39\u7cfb\u7edf 2.7.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saas/commonApi/park/getParks of the component API. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-17T18:00:05.264Z\n\ud83d\udccf Modified: 2025-03-17T18:34:14.455Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299887\n2. https://vuldb.com/?ctiid.299887\n3. https://vuldb.com/?submit.516710\n4. https://github.com/K-mxredo/MXdocument/wiki", "creation_timestamp": "2025-03-17T19:34:24.000000Z"}, {"uuid": "324c11fb-f022-4d55-9aac-6113973b9637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "https://t.me/cvedetector/20510", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2388 - Keytop Parking System API Improper Authentication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2388 \nPublished : March 17, 2025, 6:15 p.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : A vulnerability was found in Keytop \u8def\u5185\u505c\u8f66\u6536\u8d39\u7cfb\u7edf 2.7.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saas/commonApi/park/getParks of the component API. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T21:39:40.000000Z"}, {"uuid": "13aee9c1-f1dd-46fd-b422-2096bcc9b4c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23889", "type": "seen", "source": "https://t.me/cvedetector/16263", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23889 - Apache FooGallery Captions Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-23889 \nPublished : Jan. 24, 2025, 11:15 a.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FooGallery Captions allows Reflected XSS. This issue affects FooGallery Captions: from n/a through 1.0.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T12:43:54.000000Z"}, {"uuid": "cb06d70c-91fc-46cf-b9e2-870fab771300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23888", "type": "seen", "source": "https://t.me/cvedetector/16262", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23888 - Acunetix NotFound Custom Page Extensions Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23888 \nPublished : Jan. 24, 2025, 11:15 a.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Page Extensions allows Reflected XSS. This issue affects Custom Page Extensions: from n/a through 0.6. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T12:43:53.000000Z"}, {"uuid": "f87ae977-41b3-466f-b18f-3981db1d9f21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23885", "type": "seen", "source": "https://t.me/cvedetector/16261", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23885 - \"NotFound MJ Contact us Cross-site Scripting (XSS)\"\", \n  \"Content\": \"CVE ID : CVE-2025-23885 \nPublished : Jan. 24, 2025, 11:15 a.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound MJ Contact us allows Reflected XSS. This issue affects MJ Contact us: from n/a through 5.2.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T12:43:50.000000Z"}, {"uuid": "5594e716-ea2d-486d-b90e-867838c1cf9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23882", "type": "seen", "source": "https://t.me/cvedetector/16105", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23882 - WordPress Download Codes Remote Cross Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-23882 \nPublished : Jan. 22, 2025, 3:15 p.m. | 44\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Download Codes allows Reflected XSS. This issue affects WP Download Codes: from n/a through 2.5.4. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T17:13:43.000000Z"}, {"uuid": "048e064d-7f4b-4746-b6a2-adbaa9ae8e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "Telegram/r8ru_SAfyv0cYfCWQL2RY3M8WbLJE6isd6j6oFDTTV3tTy4", "content": "", "creation_timestamp": "2025-03-17T19:32:25.000000Z"}]}