{"vulnerability": "cve-2025-47577", "sightings": [{"uuid": "697944f5-6086-41a9-9e04-a3a19986eb73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lqdebxzbcc24", "content": "", "creation_timestamp": "2025-05-29T18:35:31.042925Z"}, {"uuid": "3e2d9644-2e43-4677-aa21-486591a21269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lqbzuvtgs22x", "content": "", "creation_timestamp": "2025-05-29T05:56:36.089395Z"}, {"uuid": "d7889ef6-cad2-4176-9fa5-b7dd5afa4592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114590641159522407", "content": "", "creation_timestamp": "2025-05-29T10:27:02.323435Z"}, {"uuid": "b93f2c11-55eb-4136-97c7-7b9189c22600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq6n46ybbw27", "content": "", "creation_timestamp": "2025-05-27T21:30:01.474591Z"}, {"uuid": "a7de2eea-0f95-4fd3-bb98-11e3a1c34819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://bsky.app/profile/aodaivn.bsky.social/post/3lqls66co6y24", "content": "", "creation_timestamp": "2025-06-02T03:05:13.271306Z"}, {"uuid": "eed6564f-8817-4a00-a0f2-d6d920794a97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://bsky.app/profile/harmonic-osc.bsky.social/post/3lqdyysl2d22k", "content": "", "creation_timestamp": "2025-05-30T00:46:16.635138Z"}, {"uuid": "993f996d-c7b5-4dd2-b969-8cd614b5d81e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-a70d0f6f-31262437db815387", "content": "", "creation_timestamp": "2025-06-01T10:12:39.129944Z"}, {"uuid": "844a9ac1-a193-4cdd-b301-46fe685a4da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://t.me/true_secator/7081", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Patchstack \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u043b\u0438\u044f\u044e\u0449\u0443\u044e \u043d\u0430 \u043f\u043b\u0430\u0433\u0438\u043d TI WooCommerce Wishlist \u0434\u043b\u044f WordPress, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432.\n\nTI WooCommerce Wishlist, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0431\u043e\u043b\u0435\u0435\u00a0100 000 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u0430\u0439\u0442\u043e\u0432 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u0441\u0432\u043e\u0438 \u043b\u044e\u0431\u0438\u043c\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u0441\u043f\u0438\u0441\u043a\u0430\u043c\u0438 \u0432 \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445.\n\n\u041f\u043b\u0430\u0433\u0438\u043d \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-47577 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u043d\u0438\u0436\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 2.9.2, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u0443\u044e 29 \u043d\u043e\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c tinvwl_upload_file_wc_fields_factory, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u0440\u0443\u0433\u0443\u044e \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u044e WordPress wp_handle_upload \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u043d\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0434\u043b\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f test_form \u0438 test_type \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 \u00abfalse\u00bb.\n\n\u041f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 test_type \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0442\u043e\u0433\u043e, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u043b\u0438 \u0442\u0438\u043f \u0444\u0430\u0439\u043b\u0430 MIME \u043e\u0436\u0438\u0434\u0430\u0435\u043c\u043e\u043c\u0443, \u0442\u043e\u0433\u0434\u0430 \u043a\u0430\u043a test_form \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u043b\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 $_POST['action'] \u043e\u0436\u0438\u0434\u0430\u0435\u043c\u043e\u043c\u0443.\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 test_type \u0432 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 false \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0442\u0438\u043f\u0430 \u0444\u0430\u0439\u043b\u0430, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043b\u044e\u0431\u043e\u0433\u043e \u0442\u0438\u043f\u0430.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 tinvwl_meta_wc_fields_factory \u0438\u043b\u0438 tinvwl_cart_meta_wc_fields_factory, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WC Fields Factory.\n\n\u042d\u0442\u043e \u0442\u0430\u043a\u0436\u0435 \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043f\u043b\u0430\u0433\u0438\u043d WC Fields Factory \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 WordPress, \u0430 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 TI WooCommerce Wishlist.\n\n\u0412 \u0433\u0438\u043f\u043e\u0442\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 PHP-\u0444\u0430\u0439\u043b \u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430, \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u043c\u0443 \u0444\u0430\u0439\u043b\u0443.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0438 \u0438\u0437\u0431\u0435\u0433\u0430\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 'test_type' =&gt; false \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 wp_handle_upload().\n\n\u041f\u0440\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u043f\u0430\u0442\u0447\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0435\u0433\u043e \u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u043e \u0441\u0432\u043e\u0438\u0445 \u0441\u0430\u0439\u0442\u043e\u0432.", "creation_timestamp": "2025-05-29T13:44:46.000000Z"}, {"uuid": "83a35cae-feb0-45cc-99d7-5cd9f3490b24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1868-36ff-e7b4-b02973573202", "content": "", "creation_timestamp": "2025-05-28T12:23:44.869264Z"}, {"uuid": "458e2fb7-5968-41f6-b5ed-2f0c9bdcf96e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "Telegram/NvmwrLZuJtk2OTgQzJD-RYjs9loCJaGTn1Suza32zcukTMWm1w", "content": "", "creation_timestamp": "2025-09-08T14:41:51.000000Z"}, {"uuid": "cb34aef3-dad9-42fe-9765-2cb0a4cdd2dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "Telegram/-YX3VPA_NQEQvXb1WmVDINq2VBCnVyKWs0wektg8KHdHQ7Pw", "content": "", "creation_timestamp": "2025-09-07T16:15:48.000000Z"}, {"uuid": "dde6fa81-c357-4a24-a9f7-42c822fdaed8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "published-proof-of-concept", "source": "https://t.me/captainsmok3r_official/72", "content": "RCE vulnerability (CVE-2025-47577) in TI WooCommerce Wishlist (\u2264 2.9.2) allows unauthenticated attackers to upload web shells\nsource:\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-47577\ndork:\ninurl:/wp-content/plugins/ti-woocommerce-wishlist/\ncheck version =&gt; add /readme.txt\nhttps://eraams.com/wp-content/plugins/ti-woocommerce-wishlist/readme.txt\nStable tag: 2.9.2 \u274c\nhttps://quicklybazaar.com/wp-content/plugins/ti-woocommerce-wishlist/readme.txt\nStable tag: 2.8.1 \u2705\nhttps://perfumehousedhaka.com/wp-content/plugins/ti-woocommerce-wishlist/readme.txt\nStable tag: 2.5.1\u2705\nhttps://techminebd.com/wp-content/plugins/ti-woocommerce-wishlist/readme.txt\nStable tag: 2.8.2 \u2705\n.....\nPoC: https://github.com/Yucaerin/CVE-2025-47577", "creation_timestamp": "2025-08-17T03:50:46.000000Z"}, {"uuid": "fbb0d24b-8f00-4020-850b-c9c5e714c636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "Telegram/P1jr7enV8Aiw9mGUbx7qjfPKUNGQkxO-7ln1L8jbyJEeiA8bIg", "content": "", "creation_timestamp": "2025-09-07T16:15:48.000000Z"}, {"uuid": "cddb658a-11ce-4af8-985d-a3707c7bfe7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "Telegram/eGvPet4rK9ah0N5Ii_iOdGCqzJOnrPCYbzd5svej7k0P8N4B", "content": "", "creation_timestamp": "2025-09-07T16:15:48.000000Z"}, {"uuid": "50e55d5f-c70b-4e14-821c-8625ecb3ba39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "published-proof-of-concept", "source": "Telegram/-7NL1bzu3gPFP7kRRcfqD7SNyl8Wx0VR-ImR3UVLeO60Co5fXQ", "content": "", "creation_timestamp": "2025-09-07T22:50:58.000000Z"}, {"uuid": "13baa623-dd14-4f91-8733-0a705f8e6eb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "Telegram/9GRVhxIPRzGnzfi9k4RfCDYd03p5LVNo3wj7i1rZBhTNLd-M", "content": "", "creation_timestamp": "2025-09-07T16:16:50.000000Z"}, {"uuid": "4129354c-8c91-4be1-8539-8e3c87b78145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "published-proof-of-concept", "source": "Telegram/seeOg7d7Xdx0LWEqXd7dvE90Oq6nBMNvrC8yGWUmnEYbL4k", "content": "", "creation_timestamp": "2025-06-26T03:00:05.000000Z"}, {"uuid": "4a1d3c2e-afdb-4265-8ce4-0c86a9c2b07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "published-proof-of-concept", "source": "Telegram/-VwGhvHbAqGxMoIqAuNl2S-GtS9GOszjSHCSlHw-Z7vkd70", "content": "", "creation_timestamp": "2025-06-26T15:00:10.000000Z"}, {"uuid": "cf197267-f889-48a9-8e40-fffc7abc3909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "exploited", "source": "https://t.me/thehackernews/6908", "content": "\ud83d\udea8 0-day Alert: Unpatched flaw threatens 100K+ WordPress sites\n\nA critical vulnerability (CVE-2025-47577, CVSS 10.0) in TI WooCommerce Wishlist lets unauthenticated attackers upload malicious files.\n\n\ud83d\udd17 Full details \u2192 https://thehackernews.com/2025/05/over-100000-wordpress-sites-at-risk.html", "creation_timestamp": "2025-05-29T07:50:29.000000Z"}, {"uuid": "1970d729-8de3-478b-a076-f764375ede86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "Telegram/9PGTI-HfqjivAVaoQJhkOpBJYmypgCkWf8SZK9OZbD3gMg", "content": "", "creation_timestamp": "2025-05-29T12:21:07.000000Z"}, {"uuid": "08de6f0e-b9d6-4319-aa91-9093fb99c1e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://t.me/sysodmins/25888", "content": "100 000 \u0441\u0430\u0439\u0442\u043e\u0432 \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0438\u0437-\u0437\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Wishlist \ud83c\udfb9\n\n\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 TI WooCommerce Wishlist \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2025-47577), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043d\u0430 \u0441\u0430\u0439\u0442 \u0431\u0435\u0437 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438. \u041f\u043b\u0430\u0433\u0438\u043d \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u043f\u043e\u043d\u0440\u0430\u0432\u0438\u0432\u0448\u0438\u0435\u0441\u044f \u0442\u043e\u0432\u0430\u0440\u044b \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043f\u043e\u043a\u0443\u043f\u043a\u0438.\n\n\ud83d\udd0d \u0421\u0443\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c: \u041e\u0431\u0445\u043e\u0434 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0442\u0438\u043f\u043e\u0432 \u0444\u0430\u0439\u043b\u043e\u0432 (\u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 test_type=false)\n- \u0423\u0441\u043b\u043e\u0432\u0438\u044f \u0430\u0442\u0430\u043a\u0438: \u0414\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0435\u043d \u043f\u043b\u0430\u0433\u0438\u043d WC Fields Factory + \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 Wishlist\n- \u041e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c: \u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 PHP-\u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE)\n- \u0420\u0438\u0441\u043a: 10/10 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS\n\n\u041e\u0442\u043b\u0438\u0447\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d! \u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442 \u0432 \u0432\u0438\u0448\u043b\u0438\u0441\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u043e\u0432\u0430\u0440\u044b, \u043d\u043e \u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u044b \ud83d\ude05\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2025-06-01T06:07:47.000000Z"}, {"uuid": "b5369a14-9914-474c-8f27-77e833f719f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47577", "type": "seen", "source": "https://t.me/infosec_ita_notizie/1461", "content": "Vulnerabilit\u00e0 critica non corretta nel plugin TI WooCommerce Wishlist (CVE-2025-47577)\n\nhttps://www.insicurezzadigitale.com/vulnerabilita-critica-non-corretta-nel-plugin-ti-woocommerce-wishlist-cve-2025-47577/", "creation_timestamp": "2025-05-28T19:02:59.000000Z"}]}