{"vulnerability": "cve-2025-3141", "sightings": [{"uuid": "d8fcc761-f296-47a0-bcb2-a4cfd7c0fcad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31416", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10440", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31416\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AwesomeTOGI Awesome Event Booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through 2.8.4.\n\ud83d\udccf Published: 2025-04-04T13:21:57.498Z\n\ud83d\udccf Modified: 2025-04-04T13:21:57.498Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/awesome-event-booking/vulnerability/wordpress-awesome-event-booking-plugin-2-8-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T13:35:45.000000Z"}, {"uuid": "84945cd5-d642-428d-9fcf-e122c91433c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31411", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmhfsn62bd2h", "content": "", "creation_timestamp": "2025-04-10T11:32:41.881201Z"}, {"uuid": "d03c1bf0-a151-4ec9-aa9c-2467d1415a35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31419", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9633", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31419\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeix Churel allows DOM-Based XSS.This issue affects Churel: from n/a through 1.0.8.\n\ud83d\udccf Published: 2025-03-31T10:50:01.087Z\n\ud83d\udccf Modified: 2025-03-31T10:50:01.087Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/churel/vulnerability/wordpress-churel-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-31T11:31:40.000000Z"}, {"uuid": "2a34dc28-b8d1-4256-8ec2-0f0a9c9f53bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31414", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9594", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31414\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder allows Stored XSS. This issue affects Cost Calculator Builder: from n/a through 3.2.65.\n\ud83d\udccf Published: 2025-03-31T06:07:11.895Z\n\ud83d\udccf Modified: 2025-03-31T06:07:11.895Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/cost-calculator-builder/vulnerability/wordpress-cost-calculator-builder-plugin-3-2-65-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-31T06:30:59.000000Z"}, {"uuid": "e9f7e5be-63bf-4e0f-a7df-b720a4cc377a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31417", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9601", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31417\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Docs: from n/a through n/a.\n\ud83d\udccf Published: 2025-03-31T06:06:30.692Z\n\ud83d\udccf Modified: 2025-03-31T06:06:30.692Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wp-docs/vulnerability/wordpress-wp-docs-plugin-2-2-7-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-31T06:31:08.000000Z"}, {"uuid": "53547f00-d38f-4637-a31e-398494477c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31410", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9624", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31410\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Church Donation allows Cross Site Request Forgery.This issue affects WP Church Donation: from n/a through 1.7.\n\ud83d\udccf Published: 2025-03-31T08:29:07.022Z\n\ud83d\udccf Modified: 2025-03-31T08:29:07.022Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wp-church-donation/vulnerability/wordpress-wp-church-donation-plugin-1-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-31T09:31:15.000000Z"}, {"uuid": "f9d7e53b-ed2e-4259-8489-f99c215ad47b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31412", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9595", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31412\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetProductGallery allows DOM-Based XSS. This issue affects JetProductGallery: from n/a through 2.1.22.\n\ud83d\udccf Published: 2025-03-31T06:07:11.670Z\n\ud83d\udccf Modified: 2025-03-31T06:07:11.670Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/jet-woo-product-gallery/vulnerability/wordpress-jetproductgallery-plugin-2-1-22-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-31T06:31:00.000000Z"}, {"uuid": "0fab0020-1356-41d5-bc4a-f7579a8bdcf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31415", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9847", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31415\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: Missing Authorization vulnerability in YayCommerce YayExtra allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YayExtra: from n/a through 1.5.2.\n\ud83d\udccf Published: 2025-04-01T05:31:42.561Z\n\ud83d\udccf Modified: 2025-04-01T05:31:42.561Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/yayextra/vulnerability/wordpress-yayextra-1-5-2-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-01T06:31:56.000000Z"}, {"uuid": "aec90bd0-fa4d-44f2-bbb9-a305d565e029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3141", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10163", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3141\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-03T05:00:16.544Z\n\ud83d\udccf Modified: 2025-04-03T05:00:16.544Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303046\n2. https://vuldb.com/?ctiid.303046\n3. https://vuldb.com/?submit.525309\n4. https://github.com/Lena-lyy/SQL/blob/main/SQL2.md\n5. https://www.sourcecodester.com/", "creation_timestamp": "2025-04-03T05:36:30.000000Z"}, {"uuid": "931afdd6-b5d1-46dc-ae6f-7249f9379fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31418", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10441", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31418\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noonnoo Gravel allows Reflected XSS.This issue affects Gravel: from n/a through 1.6.\n\ud83d\udccf Published: 2025-04-04T13:20:48.054Z\n\ud83d\udccf Modified: 2025-04-04T13:20:48.054Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/gravel/vulnerability/wordpress-gravel-theme-1-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T13:35:46.000000Z"}, {"uuid": "e07fc103-e55d-4624-8e40-98db1141cdca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31411", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11220", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31411\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Aribhour Linet ERP-Woocommerce Integration allows Path Traversal.This issue affects Linet ERP-Woocommerce Integration: from n/a through 3.5.12.\n\ud83d\udccf Published: 2025-04-10T10:16:12.191Z\n\ud83d\udccf Modified: 2025-04-10T10:16:12.191Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/linet-erp-woocommerce-integration/vulnerability/wordpress-linet-erp-woocommerce-integration-plugin-3-5-12-arbitrary-file-read-deletion-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T10:49:19.000000Z"}, {"uuid": "02ef3218-5d6f-424b-a6c2-a78da9bae0ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31411", "type": "seen", "source": "https://t.me/cvedetector/22652", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31411 - Linet ERP-Woocommerce Integration Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2025-31411 \nPublished : April 10, 2025, 11:15 a.m. | 1\u00a0hour, 55\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Aribhour Linet ERP-Woocommerce Integration allows Path Traversal.This issue affects Linet ERP-Woocommerce Integration: from n/a through 3.5.12. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T15:21:47.000000Z"}, {"uuid": "ed0dbb0c-3281-43a0-8765-d2b3b54360fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31417", "type": "seen", "source": "https://t.me/cvedetector/21545", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31417 - Fahad Mahmood WP Docs Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31417 \nPublished : March 31, 2025, 6:15 a.m. | 29\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Docs: from n/a through n/a. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T09:09:03.000000Z"}, {"uuid": "c667bf70-d684-4599-9c4d-246ed587e272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31414", "type": "seen", "source": "https://t.me/cvedetector/21544", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31414 - Stylemix Cost Calculator Builder Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31414 \nPublished : March 31, 2025, 6:15 a.m. | 29\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder allows Stored XSS. This issue affects Cost Calculator Builder: from n/a through 3.2.65. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T09:09:02.000000Z"}, {"uuid": "9e1421cb-2f05-498d-9316-aa95a2578332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31412", "type": "seen", "source": "https://t.me/cvedetector/21543", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31412 - JetProductGallery Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-31412 \nPublished : March 31, 2025, 6:15 a.m. | 29\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetProductGallery allows DOM-Based XSS. This issue affects JetProductGallery: from n/a through 2.1.22. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T09:09:01.000000Z"}, {"uuid": "369275f7-b64e-45df-93a6-34895821f695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31416", "type": "seen", "source": "https://t.me/cvedetector/22137", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31416 - Awesome Event Booking Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-31416 \nPublished : April 4, 2025, 2:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AwesomeTOGI Awesome Event Booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through 2.8.4. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T18:01:24.000000Z"}, {"uuid": "6a29e803-6ae4-44ad-bc67-e4a565a36a75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31415", "type": "seen", "source": "https://t.me/cvedetector/21722", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31415 - YayCommerce YayExtra Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31415 \nPublished : April 1, 2025, 6:15 a.m. | 1\u00a0hour, 5\u00a0minutes ago \nDescription : Missing Authorization vulnerability in YayCommerce YayExtra allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YayExtra: from n/a through 1.5.2. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T09:26:41.000000Z"}, {"uuid": "d2c2562e-e418-4277-94df-a79d26c1ed22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3141", "type": "seen", "source": "https://t.me/cvedetector/21947", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3141 - SourceCodester Online Medicine Ordering System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3141 \nPublished : April 3, 2025, 5:15 a.m. | 1\u00a0hour, 36\u00a0minutes ago \nDescription : A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage_category.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T09:22:51.000000Z"}, {"uuid": "d4babe12-8f3b-4322-8b2f-6a29d3bfcf86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31410", "type": "seen", "source": "https://t.me/cvedetector/21573", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31410 - Ashish Ajani WP Church Donation CSRF\", \n  \"Content\": \"CVE ID : CVE-2025-31410 \nPublished : March 31, 2025, 9:15 a.m. | 1\u00a0hour, 32\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Church Donation allows Cross Site Request Forgery.This issue affects WP Church Donation: from n/a through 1.7. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T13:20:21.000000Z"}, {"uuid": "36ea5415-1b45-4dd2-963b-a3b656aafff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31419", "type": "seen", "source": "https://t.me/cvedetector/21588", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31419 - Themeix Churel Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31419 \nPublished : March 31, 2025, 11:15 a.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeix Churel allows DOM-Based XSS.This issue affects Churel: from n/a through 1.0.8. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T15:00:56.000000Z"}, {"uuid": "bbf3cec4-a5ee-49b5-b0ce-ab3e199c64b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31418", "type": "seen", "source": "https://t.me/cvedetector/22133", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31418 - Noonnoo Gravel Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-31418 \nPublished : April 4, 2025, 2:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noonnoo Gravel allows Reflected XSS.This issue affects Gravel: from n/a through 1.6. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T18:01:20.000000Z"}]}