{"vulnerability": "cve-2025-26936", "sightings": [{"uuid": "998b257c-8081-4fa6-a46d-ec5bf12c79fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114138952311367669", "content": "", "creation_timestamp": "2025-03-10T15:56:38.984833Z"}, {"uuid": "42723dc0-8d3c-46d9-9ca8-d3aa6ba5057f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lk2nrhl5yt2z", "content": "", "creation_timestamp": "2025-03-10T23:00:06.995775Z"}, {"uuid": "1fb6713d-07ce-4175-8428-3bba605a755c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lk3vyvz26u2q", "content": "", "creation_timestamp": "2025-03-11T11:00:06.458119Z"}, {"uuid": "842d42ca-12cd-4732-b012-adfc87b837c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3ljzv6wftjn2y", "content": "", "creation_timestamp": "2025-03-10T15:40:14.510627Z"}, {"uuid": "279f443f-b89f-45a1-bbe8-4159e6dd4871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_News/1688", "content": "\ud83d\udea8 News Alert!\n\nSource: Dark Web Informer - Cyber Threat Intelligence\nTitle: CVE-2025-26936: WordPress Fresh Framework Plugin <= 1.70.0 is vulnerable to Remote Code Execution (RCE)\nLink: https://darkwebinformer.com/cve-2025-26936-wordpress-fresh-framework-plugin-1-70-0-is-vulnerable-to-remote-code-execution-rce/", "creation_timestamp": "2025-03-10T16:45:10.000000Z"}, {"uuid": "63cb02eb-dbd5-4072-87c5-999fb622c536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "seen", "source": "https://t.me/cvedetector/19968", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26936 - Fresh Framework Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26936 \nPublished : March 10, 2025, 3:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Fresh Framework allows Code Injection. This issue affects Fresh Framework: from n/a through 1.70.0. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T19:02:36.000000Z"}, {"uuid": "a157ed70-2b14-44b0-8b34-0c6cd4961949", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26936", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/114139141891744117", "content": "", "creation_timestamp": "2025-03-10T16:44:50.317906Z"}, {"uuid": "61105efc-7be5-45f1-ab35-1a7922e96734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.bsky.social/post/3ljzysiu6yc2j", "content": "", "creation_timestamp": "2025-03-10T16:44:55.969870Z"}, {"uuid": "57765818-7682-4e55-acc9-412768c627a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "seen", "source": "Telegram/0crl1UOO2K03sjq8mxYny-OLvgjc4k5UWXPtzjGmjeu6F0M4", "content": "", "creation_timestamp": "2025-03-10T19:39:07.000000Z"}, {"uuid": "a788e477-8e1c-4550-ba02-81def600d30e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/14347", "content": "\ud83d\udea8CVE-2025-26936: WordPress Fresh Framework Plugin <= 1.70.0 is vulnerable to Remote Code Execution (RCE)\n\nhttps://darkwebinformer.com/cve-2025-26936-wordpress-fresh-framework-plugin-1-70-0-is-vulnerable-to-remote-code-execution-rce/", "creation_timestamp": "2025-03-10T17:44:40.000000Z"}, {"uuid": "2688b113-d35b-40c0-947a-d35c822e84bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26936", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mmu3w57fjz2m", "content": "CVE-2025-26936 - Critical Code Injection in Freshface Fresh Framework. CVSS 10. Unpatched. Attackers can inject arbitrary code. Disable or remove immediately. #CVE #infosec #cybersecurity\n\nhttps://www.valtersit.com/cve/CVE-2025-26936/", "creation_timestamp": "2026-05-27T18:06:24.795298Z"}]}