{"vulnerability": "cve-2025-2516", "sightings": [{"uuid": "d5879f9a-4001-4cf1-875c-6c149d540ec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhleqjxgfm24", "content": "", "creation_timestamp": "2025-02-07T10:18:12.151811Z"}, {"uuid": "4583e328-a191-4c9a-9862-48d529c62f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25166", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhleqmb4v22t", "content": "", "creation_timestamp": "2025-02-07T10:18:15.040722Z"}, {"uuid": "bd56a20b-a9f4-42d5-b6c2-20cece981c0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25167", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhlngwfemi2o", "content": "", "creation_timestamp": "2025-02-07T12:54:00.396287Z"}, {"uuid": "e64788ab-38e8-4143-a8ed-12f02186e3b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25166", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhlngwiroj2w", "content": "", "creation_timestamp": "2025-02-07T12:54:01.002891Z"}, {"uuid": "f067ac0c-21f9-4f93-8e2d-b45e66c853d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25160", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113962906911436375", "content": "", "creation_timestamp": "2025-02-07T13:45:58.116046Z"}, {"uuid": "ce78ff2a-cc20-45f0-b542-d30ddd464ec6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113962906925504079", "content": "", "creation_timestamp": "2025-02-07T13:45:58.463055Z"}, {"uuid": "5672ef36-543e-47af-a5cc-c39d78f0dc91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25160", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhleqhlgtl2v", "content": "", "creation_timestamp": "2025-02-07T10:18:09.727069Z"}, {"uuid": "2ab93417-85da-461f-ae0d-f6ea2d97d508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25166", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113962906944309809", "content": "", "creation_timestamp": "2025-02-07T13:45:58.663916Z"}, {"uuid": "a0235401-e0a1-4b7e-b374-242f58327a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25167", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113962208465179836", "content": "", "creation_timestamp": "2025-02-07T10:48:21.785357Z"}, {"uuid": "9157ffd4-905a-4156-b0e9-3d9524029eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25167", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113962906958439951", "content": "", "creation_timestamp": "2025-02-07T13:45:58.781908Z"}, {"uuid": "bf7ab040-77e2-47ad-bf53-e6e0729eb9ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25168", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhleqrewt72q", "content": "", "creation_timestamp": "2025-02-07T10:18:20.198691Z"}, {"uuid": "f59dcc30-46e5-425f-9fa6-0cec8694d4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25168", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113962965955626019", "content": "", "creation_timestamp": "2025-02-07T14:00:58.994211Z"}, {"uuid": "0d454e69-5ac4-4955-95df-feba45482fef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2516", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llen4racb62g", "content": "", "creation_timestamp": "2025-03-27T15:40:20.677477Z"}, {"uuid": "83cf9888-43cb-4bce-9af3-22ffe9e5cd5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25167", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhleqow75z23", "content": "", "creation_timestamp": "2025-02-07T10:18:17.405253Z"}, {"uuid": "767f940b-39cc-4a1b-bedc-615212cfd163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/114059631838679660", "content": "", "creation_timestamp": "2025-02-24T15:44:23.039497Z"}, {"uuid": "44ed6ad4-2bb6-4341-84b7-1be46f8209af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25167", "type": "seen", "source": "Telegram/uVzfu-Fjnbs-4AmfjjumtZTIGvEZepB3bI9F9_pI5TJkXUM", "content": "", "creation_timestamp": "2026-04-01T21:28:09.000000Z"}, {"uuid": "d2a39ef6-55a9-4268-9e4b-fd945b44e64e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "seen", "source": "Telegram/uVzfu-Fjnbs-4AmfjjumtZTIGvEZepB3bI9F9_pI5TJkXUM", "content": "", "creation_timestamp": "2026-04-01T21:28:09.000000Z"}, {"uuid": "2fbbe4fe-8cde-4433-95c8-dcac061df9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25167", "type": "seen", "source": "Telegram/EgY-3dooiREg-dALgS8idmo8jFkn1Hp5AACRbJP7ZYbsQN4", "content": "", "creation_timestamp": "2026-04-01T21:28:26.000000Z"}, {"uuid": "f1167f1a-e911-4fd9-80a0-ed67d212b1ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "seen", "source": "https://t.me/cvedetector/17478", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25163 - Zach Swetz Plugin A/B Image Optimizer Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2025-25163 \nPublished : Feb. 7, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal. This issue affects Plugin A/B Image Optimizer: from n/a through 3.3. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-07T12:08:38.000000Z"}, {"uuid": "372491c1-14c0-4c7f-8e4b-8346fa191d60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2516", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9120", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2516\n\ud83d\udd25 CVSS Score: 9.5 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/U:Amber)\n\ud83d\udd39 Description: The use of a weak cryptographic key pair in the signature verification process in WPS Office (Kingsoft) on Windows allows an attacker who successfully recovered the private key to sign components.\n\nAs older versions of WPS Office did not validate the update server's certificate, an Adversary-In-The-Middle attack was possible allowing updates to be hijacked.\n\ud83d\udccf Published: 2025-03-27T14:29:22.907Z\n\ud83d\udccf Modified: 2025-03-27T15:15:56.127Z\n\ud83d\udd17 References:\n1. https://www.welivesecurity.com/en/eset-research/nspx30-sophisticated-aitm-enabled-implant-evolving-since-2005/", "creation_timestamp": "2025-03-27T15:26:54.000000Z"}, {"uuid": "a1c5757b-0761-40be-89bf-98fa6f83b180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25160", "type": "seen", "source": "https://t.me/cvedetector/17477", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25160 - \"Mark Barnes Style Tweaker CSRF Stored XSS\"\", \n  \"Content\": \"CVE ID : CVE-2025-25160 \nPublished : Feb. 7, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker allows Stored XSS. This issue affects Style Tweaker: from n/a through 0.11. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-07T12:08:37.000000Z"}, {"uuid": "cb651305-5ef3-408c-8aea-18ac4123f492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25168", "type": "seen", "source": "https://t.me/cvedetector/17472", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25168 - Blackandwhitedigital BookPress CSRF allows XSS\", \n  \"Content\": \"CVE ID : CVE-2025-25168 \nPublished : Feb. 7, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in blackandwhitedigital BookPress \u2013 For Book Authors allows Cross-Site Scripting (XSS). This issue affects BookPress \u2013 For Book Authors: from n/a through 1.2.7. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-07T12:08:31.000000Z"}, {"uuid": "a9b4fa52-0462-435f-b2a9-a106e48f6e8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25167", "type": "seen", "source": "https://t.me/cvedetector/17471", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25167 - Blackandwhitedigital BookPress Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25167 \nPublished : Feb. 7, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : Missing Authorization vulnerability in blackandwhitedigital BookPress \u2013 For Book Authors allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BookPress \u2013 For Book Authors: from n/a through 1.2.7. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-07T12:08:30.000000Z"}, {"uuid": "c2a39078-3558-449c-b467-9e570e4ea0a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25166", "type": "seen", "source": "https://t.me/cvedetector/17470", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25166 - Gabrieldarezzo InLocation CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-25166 \nPublished : Feb. 7, 2025, 10:15 a.m. | 51\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation allows Stored XSS. This issue affects InLocation: from n/a through 1.8. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-07T12:08:29.000000Z"}, {"uuid": "950cecfc-6aa9-44c3-8e8e-faa3985fdcc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2516", "type": "seen", "source": "https://t.me/cvedetector/21303", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2516 - WPS Office (Kingsoft) Private Key Recovery and Man-in-the-Middle Attack\", \n  \"Content\": \"CVE ID : CVE-2025-2516 \nPublished : March 27, 2025, 3:16 p.m. | 20\u00a0minutes ago \nDescription : The use of a weak cryptographic key pair in the signature verification process in WPS Office (Kingsoft) on Windows allows an attacker who successfully recovered the private key to sign components.  \n  \nAs older versions of WPS Office did not validate the update server's certificate, an Adversary-In-The-Middle attack was possible allowing updates to be hijacked. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-27T16:39:15.000000Z"}, {"uuid": "dd04a58a-556a-4ab7-900c-5702f872d43e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "seen", "source": "https://t.me/GithubRedTeam/14190", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a Detects an authentication bypass vulnerability in Palo Alto PAN-OS (CVE-2025-0108).\nURL\uff1ahttps://github.com/rootharpy/CVE-2025-25163-Nuclei-Template\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-19T04:30:57.000000Z"}, {"uuid": "5c29ff83-cb7f-48f1-ba99-b54ff6ea6b1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25160", "type": "seen", "source": "Telegram/jC2zvjx6EWZ9AKC2dZL89b6_PjjJZ0sZe_K2zKZ8njGm2_0B", "content": "", "creation_timestamp": "2025-02-14T10:03:59.000000Z"}, {"uuid": "46a849e2-65c5-464b-9933-63c5f40a0c98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "published-proof-of-concept", "source": "Telegram/YpUVmWcZ23hjvrJUDNNP9w3g_USnJTIv8xyIqYZIoz5QgJ0", "content": "", "creation_timestamp": "2025-02-19T10:00:05.000000Z"}, {"uuid": "8800dad8-ccc4-419a-ba60-7bea0aa37399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "published-proof-of-concept", "source": "Telegram/Ke7Qtx69srUNZs11KMyAFiA7I0NF0hlyPNgwpSWisFGTfjQ", "content": "", "creation_timestamp": "2025-02-18T16:00:09.000000Z"}, {"uuid": "93376473-be0a-4e84-94f9-8678b46878e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25163", "type": "seen", "source": "https://t.me/BugCod3/1017", "content": "WordPress A/B Image Optimizer 3.3 Plugin Arbitrary File Download Vulnerability \n\n\ud83d\udcca Category: web applications\n\n\ud83d\udcbb Platform: php\n\n\ud83e\ude96 Risk: Security Risk High \ud83d\udea8\n\n\ud83d\udcac\nWordPress Plugin A/B Image Optimizer plugin versions 3.3 and below suffers from an arbitrary file download vulnerability.\n\n\ud83d\udd25 CVE: CVE-2025-25163\n\n\u2b07\ufe0f Download\n\ud83d\udd12 BugCod3\n\n#CVE #Exploit #PHP #WordPress\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\ud83d\udc64 T.me/BugCod3BOT \n\ud83d\udce3 T.me/BugCod3", "creation_timestamp": "2025-03-05T01:03:14.000000Z"}]}