{"vulnerability": "cve-2025-3211", "sightings": [{"uuid": "2678b5ad-104b-4b9e-9634-ad5121f74d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32111", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llxxalmcos2w", "content": "", "creation_timestamp": "2025-04-04T08:02:03.058879Z"}, {"uuid": "e3a835ff-0779-4921-82b3-466b6e4233ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32111", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114279062301532369", "content": "", "creation_timestamp": "2025-04-04T09:48:28.382163Z"}, {"uuid": "185ff6c5-7619-4dfc-a847-e1f1744d5ba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32111", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114279062301532369", "content": "", "creation_timestamp": "2025-04-04T09:48:28.398395Z"}, {"uuid": "924f0908-5674-407d-9b1e-f48f6132a562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llyu7etdiu24", "content": "", "creation_timestamp": "2025-04-04T16:40:19.811379Z"}, {"uuid": "a71da977-975e-4a7c-9bd0-a7a0aca94e76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114280948887498614", "content": "", "creation_timestamp": "2025-04-04T17:48:14.216789Z"}, {"uuid": "2967e101-de1c-4df3-a414-3d0572022f4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114280948887498614", "content": "", "creation_timestamp": "2025-04-04T17:48:14.220205Z"}, {"uuid": "f3913b90-0f65-4531-9f6f-710a692aad4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llz7hexmn72o", "content": "", "creation_timestamp": "2025-04-04T20:01:42.243612Z"}, {"uuid": "8d73ea40-fafa-459a-b3a6-6180144e980e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32119", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114313037970256953", "content": "", "creation_timestamp": "2025-04-10T09:49:03.763798Z"}, {"uuid": "90bcff94-714d-409e-b863-93a7ca54d288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbw7iq42a", "content": "", "creation_timestamp": "2025-08-03T21:02:48.815922Z"}, {"uuid": "f0366b2b-fed4-4099-9b38-45fc45b9b427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32111", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10415", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32111\n\ud83d\udd25 CVSS Score: 8.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N)\n\ud83d\udd39 Description: The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks \"persist-credentials: false\" for actions/checkout.\n\ud83d\udccf Published: 2025-04-04T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T06:44:25.598Z\n\ud83d\udd17 References:\n1. https://github.com/acmesh-official/acme.sh/commit/a1de13657e79c5471dbc8fa3539ea39160937389\n2. https://github.com/acmesh-official/acme.sh/commit/40b6db6a2715628aa977ed1853fe5256704010ae\n3. https://github.com/actions/checkout/blob/85e6279cec87321a52edac9c87bce653a07cf6c2/README.md?plain=1#L70-L72", "creation_timestamp": "2025-04-04T07:36:10.000000Z"}, {"uuid": "b044cae0-8d1b-4d4a-ba3b-c7e5f84f5c19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3211", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10392", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3211\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /birthing_print.php. The manipulation of the argument itr_no leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-04T05:31:05.092Z\n\ud83d\udccf Modified: 2025-04-04T05:31:05.092Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303165\n2. https://vuldb.com/?ctiid.303165\n3. https://vuldb.com/?submit.545964\n4. https://github.com/codinglosser/cve/blob/main/README.md\n5. https://code-projects.org/", "creation_timestamp": "2025-04-04T05:35:49.000000Z"}, {"uuid": "fd74f416-ca7c-48e3-9748-b640e766bd55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10557", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32118\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP \u2013 Coming Soon & Maintenance allows Using Malicious Files. This issue affects CMP \u2013 Coming Soon & Maintenance: from n/a through 4.1.13.\n\ud83d\udccf Published: 2025-04-04T15:58:20.718Z\n\ud83d\udccf Modified: 2025-04-04T20:20:12.425Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/cmp-coming-soon-maintenance/vulnerability/wordpress-cmp-coming-soon-maintenance-plugin-4-1-13-remote-code-execution-rce-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T20:36:33.000000Z"}, {"uuid": "6d12a08b-7b99-49e4-8d79-b454aa3814c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32113", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10556", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32113\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas allows Cross Site Request Forgery. This issue affects Libro de Reclamaciones y Quejas: from n/a through 0.9.\n\ud83d\udccf Published: 2025-04-04T15:58:20.052Z\n\ud83d\udccf Modified: 2025-04-04T20:20:21.076Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/libro-de-reclamaciones-y-quejas/vulnerability/wordpress-libro-de-reclamaciones-y-quejas-plugin-0-9-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T20:36:32.000000Z"}, {"uuid": "b4fe75b4-eee6-4eb0-a05b-9757a8c811b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32112", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10555", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32112\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Sidebar Manager Light allows Cross Site Request Forgery. This issue affects Sidebar Manager Light: from n/a through 1.1.8.\n\ud83d\udccf Published: 2025-04-04T15:58:19.304Z\n\ud83d\udccf Modified: 2025-04-04T20:20:29.771Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/sidebar-manager-light/vulnerability/wordpress-sidebar-manager-light-plugin-1-1-8-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-04T20:36:28.000000Z"}, {"uuid": "ef3f1ae8-4613-4f24-9a4b-7d0081f0a837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/29835", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aWordPress CMP \u2013 Coming Soon & Maintenance plugin <= 4.1.13 - Remote Code Execution (RCE) vulnerability\nURL\uff1ahttps://github.com/Nxploited/CVE-2025-32118\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-05T07:18:39.000000Z"}, {"uuid": "5ec75aa7-0b48-432f-8a64-22625bf013d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32117", "type": "seen", "source": "https://t.me/cvedetector/22478", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32117 - OTWthemes Widgetize Pages Light Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32117 \nPublished : April 8, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Widgetize Pages Light allows Reflected XSS. This issue affects Widgetize Pages Light: from n/a through 3.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T19:51:26.000000Z"}, {"uuid": "eccb1532-03d0-48fc-be7f-76b2751ad664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3211", "type": "seen", "source": "https://t.me/cvedetector/22091", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3211 - Code-projects Patient Record Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3211 \nPublished : April 4, 2025, 6:15 a.m. | 1\u00a0hour, 39\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /birthing_print.php. The manipulation of the argument itr_no leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T10:29:25.000000Z"}, {"uuid": "c98aaaeb-0664-4131-99b1-5a3b095b54be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32111", "type": "seen", "source": "https://t.me/cvedetector/22087", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32111 - Docker/Acme.sh Insecure GitHub Workflow Credentials Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-32111 \nPublished : April 4, 2025, 7:15 a.m. | 39\u00a0minutes ago \nDescription : The Docker image from acme.sh before 40b6db6 is based on a .github/workflows/dockerhub.yml file that lacks \"persist-credentials: false\" for actions/checkout. \nSeverity: 8.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T10:29:18.000000Z"}, {"uuid": "1c05cc31-a92f-47da-acb7-efe8e7370781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "published-proof-of-concept", "source": "Telegram/2Mv-2iki26E7M91NoHSItb85uE7hmbSk_CGlhbCKtUOV7I0", "content": "", "creation_timestamp": "2025-04-05T17:00:10.000000Z"}, {"uuid": "cfee653d-745d-4760-873e-849cc80df432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32118", "type": "published-proof-of-concept", "source": "Telegram/gptxcG5Jvg83wR56zKKTs8fGBMXLE7PNQ-HCnd7IEVmsKx8", "content": "", "creation_timestamp": "2025-04-05T21:00:06.000000Z"}]}