{"vulnerability": "cve-2025-3810", "sightings": [{"uuid": "326bdf89-915d-4b7f-be12-a0fac0974b6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3810", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lopmeep5sp2o", "content": "", "creation_timestamp": "2025-05-09T04:41:34.447031Z"}, {"uuid": "6998b2c2-4613-48cb-9440-dd4c11c1081d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3810", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lopidblavnn2", "content": "", "creation_timestamp": "2025-05-09T06:17:51.892088Z"}, {"uuid": "0d60f16a-df74-47bd-a8f0-7290dea62067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-38106", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mgff4w63em24", "content": "", "creation_timestamp": "2026-03-06T13:10:10.152516Z"}, {"uuid": "4bee04fd-63ae-43cd-81c0-023e37b98999", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-38106", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mhilfgr3vr26", "content": "", "creation_timestamp": "2026-03-20T13:05:28.874204Z"}, {"uuid": "fd95c23d-e9ab-4529-94a0-73bd7b29835b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-38106", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0290/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "66d23a98-2746-4276-99ac-1454daa6897f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-38105", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "693e98af-1e37-45e6-8207-b72a29a84714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-38105", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "35970e78-c171-4d2e-a40d-9b04f2fcb5da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-38107", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "38847964-a924-4286-8eb3-f7d80453a349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-38105", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "360aecc5-f195-417d-ba60-eb975d5b525a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-38109", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "3e057a1b-53a0-4a28-8ad1-cbbbcde75e3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-38105", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "0fd714ce-95fa-46e5-b532-610539cd936b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3810", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15657", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3810\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password and email through the edit_profile_data() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses and passwords, including administrators, and leverage that to gain access to their account.\n\ud83d\udccf Published: 2025-05-09T01:42:34.585Z\n\ud83d\udccf Modified: 2025-05-09T01:42:34.585Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/54f1ebfb-67f1-461d-91f1-269b0a2c0653?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3278939/wpbookit/trunk/core/admin/classes/controllers/class.wpb-profile-controller.php", "creation_timestamp": "2025-05-09T02:25:32.000000Z"}, {"uuid": "15966e1e-3643-424d-8208-339295d72a1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-38109", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/redhat-linux-kernel-multiple-vulnerabilities_20260401", "content": "", "creation_timestamp": "2026-03-31T20:00:00.000000Z"}, {"uuid": "34c6487b-234c-48e9-a1c6-483b049094d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-38105", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260506", "content": "", "creation_timestamp": "2026-05-05T20:00:00.000000Z"}, {"uuid": "a57dad6a-c5b1-4582-9c9d-48f20ab8796f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3810", "type": "seen", "source": "Telegram/4ES9sqWe2NFrrCMvy-s7Zjo7P4e6LCWxXB41JPChem5dTAE", "content": "", "creation_timestamp": "2025-05-09T05:01:06.000000Z"}, {"uuid": "04a094ff-6b7c-4d7d-a268-c27c98b68c95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3810", "type": "seen", "source": "https://t.me/cvedetector/24896", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3810 - WordPress WPBookit Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3810 \nPublished : May 9, 2025, 3:15 a.m. | 37\u00a0minutes ago \nDescription : The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password and email through the edit_profile_data() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses and passwords, including administrators, and leverage that to gain access to their account. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T06:10:36.000000Z"}, {"uuid": "2925987c-feaf-4e22-af21-a53d471d52eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-38105", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}]}