{"vulnerability": "cve-2025-4760", "sightings": [{"uuid": "c2d1b2ed-9fb0-4cec-b979-d4191d6b0a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47601", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqyqy4kql72e", "content": "", "creation_timestamp": "2025-06-07T06:48:32.759872Z"}, {"uuid": "794dda6c-26bd-4efc-a7f2-2d8d8b5536ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47608", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wp_abandoned_cart_sqli.rb", "content": "", "creation_timestamp": "2021-02-04T17:02:47.000000Z"}, {"uuid": "88015b1d-69d6-4003-afbf-a8285ce65b6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47608", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "15251c46-d473-4357-b442-7c06c8568fd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47607", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15548", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47607\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AppJetty Show All Comments allows Stored XSS. This issue affects Show All Comments: from n/a through 7.0.1.\n\ud83d\udccf Published: 2025-05-07T14:20:29.234Z\n\ud83d\udccf Modified: 2025-05-08T16:15:39.194Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/show-all-comments-in-one-page/vulnerability/wordpress-show-all-comments-7-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-08T16:23:47.000000Z"}, {"uuid": "a465139a-50d4-4326-bd0f-273ecc27b53a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47608", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17726", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47608\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce allows SQL Injection. This issue affects Recover abandoned cart for WooCommerce: from n/a through 2.5.\n\ud83d\udccf Published: 2025-06-09T15:54:07.876Z\n\ud83d\udccf Modified: 2025-06-09T17:23:26.523Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/recover-wc-abandoned-cart/vulnerability/wordpress-recover-abandoned-cart-for-woocommerce-2-5-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-09T18:11:10.000000Z"}, {"uuid": "a9982edb-154e-4d2c-9527-3979a86dcecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47609", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15549", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47609\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in easymebiz EasyMe Connect allows Cross Site Request Forgery. This issue affects EasyMe Connect: from n/a through 3.0.3.\n\ud83d\udccf Published: 2025-05-07T14:20:29.775Z\n\ud83d\udccf Modified: 2025-05-08T16:15:14.300Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/easyme-connect/vulnerability/wordpress-easyme-connect-3-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-08T16:23:48.000000Z"}, {"uuid": "e457d66c-9827-4941-b43b-39a4d785fd8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47601", "type": "seen", "source": "Telegram/rvYzq3XuSqIS6Jq2gKTARck8Jdf3ZePMyR6aO0nPIgKoa34", "content": "", "creation_timestamp": "2025-06-07T05:00:22.000000Z"}]}