{"vulnerability": "cve-2025-2841", "sightings": [{"uuid": "e49c713c-2030-41d1-bba4-e71edb499f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28410", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmahf4z2wi2z", "content": "", "creation_timestamp": "2025-04-07T17:12:13.524566Z"}, {"uuid": "4a9b79d7-64c2-45ce-b57a-bb483444524a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28411", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmahf5jy2x2o", "content": "", "creation_timestamp": "2025-04-07T17:12:16.727100Z"}, {"uuid": "1f3b9a98-30b6-4d40-8eee-3b7597610442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28412", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmahf6i5vx2z", "content": "", "creation_timestamp": "2025-04-07T17:12:20.885148Z"}, {"uuid": "c19ca228-5e12-4ba5-a00b-56362b5b51f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28413", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmahf6ovb32g", "content": "", "creation_timestamp": "2025-04-07T17:12:22.101891Z"}, {"uuid": "d7014e9e-fdbf-4b09-bd67-00d79bb6e8b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28411", "type": "seen", "source": "https://t.me/cvedetector/22321", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28411 - RUoYi RCE\", \n  \"Content\": \"CVE ID : CVE-2025-28411 \nPublished : April 7, 2025, 4:15 p.m. | 27\u00a0minutes ago \nDescription : An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method in /tool/gen/editSave \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T18:44:45.000000Z"}, {"uuid": "2341925b-e729-4b9e-b684-c9aa82d646fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2841", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmlt6r37qg2h", "content": "", "creation_timestamp": "2025-04-12T05:42:40.993138Z"}, {"uuid": "0f8e4819-589a-47ab-b357-0f686461d068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28410", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:39.000000Z"}, {"uuid": "9bbe0838-2dce-437e-8594-59f19b223306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28413", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:39.000000Z"}, {"uuid": "036feecf-946b-423c-ae99-e7961441aa7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28411", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:39.000000Z"}, {"uuid": "98c8aa5a-ef40-4889-842c-ea7194d82d7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28412", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:39.000000Z"}, {"uuid": "06a969f7-ee7c-4dcd-9936-470941fe4d77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28413", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:38.000000Z"}, {"uuid": "b3c3e205-c78c-442e-b021-bf669a813316", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28410", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:38.000000Z"}, {"uuid": "9c007db3-eeb7-4f9e-82c6-0d75ef9f2cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28411", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:38.000000Z"}, {"uuid": "8a91a97b-d0f3-4f1d-aae8-3ec49e4e5117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28412", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:38.000000Z"}, {"uuid": "afcbe7d7-9177-44d4-b62e-7c0ec41233de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2841", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11533", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2841\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file.\n\ud83d\udccf Published: 2025-04-12T02:23:14.583Z\n\ud83d\udccf Modified: 2025-04-12T02:23:14.583Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/5be01bba-e4f4-4818-9612-fc37b648a349?source=cve\n2. https://plugins.trac.wordpress.org/browser/cart66-cloud/tags/2.3.7/views/admin/html-system-info.php#L26\n3. https://plugins.trac.wordpress.org/browser/cart66-cloud/tags/2.3.7/views/admin/html-system-info.php#L39\n4. https://plugins.trac.wordpress.org/browser/cart66-cloud/tags/2.3.7/views/admin/html-system-info.php#L59\n5. https://wordpress.org/plugins/cart66-cloud/#developers", "creation_timestamp": "2025-04-12T02:51:20.000000Z"}, {"uuid": "efe61b64-cb76-4008-bd13-0f377be80660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2841", "type": "seen", "source": "https://t.me/cvedetector/22788", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2841 - Cart66 Cloud WordPress Sensitive Information Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2841 \nPublished : April 12, 2025, 3:15 a.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : The Cart66 Cloud plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.7 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed file. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-12T06:39:53.000000Z"}, {"uuid": "c7b82349-ac3d-4361-b553-6d71667e94b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28413", "type": "seen", "source": "https://t.me/cvedetector/22323", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28413 - RUoYi Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28413 \nPublished : April 7, 2025, 4:15 p.m. | 27\u00a0minutes ago \nDescription : An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the SysDictTypeController component \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T18:44:46.000000Z"}, {"uuid": "0be20abe-66a9-4abd-bbad-738a78347f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28412", "type": "seen", "source": "https://t.me/cvedetector/22322", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28412 - RUoYi Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28412 \nPublished : April 7, 2025, 4:15 p.m. | 27\u00a0minutes ago \nDescription : An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave method in SysNoticeController \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T18:44:46.000000Z"}, {"uuid": "f77ba4f2-844d-4b8f-b193-ade8d071507f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28410", "type": "seen", "source": "https://t.me/cvedetector/22320", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28410 - \"RUoYi Privilege Escalation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-28410 \nPublished : April 7, 2025, 4:15 p.m. | 27\u00a0minutes ago \nDescription : An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the cancelAuthUserAll method does not properly validate whether the requesting user has administrative privileges \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T18:44:44.000000Z"}]}