{"vulnerability": "cve-2025-4814", "sightings": [{"uuid": "4f3275e6-5123-4cfd-aa7e-9b859d303c61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48146", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16705", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48146\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Michael Lups SEO Flow by LupsOnline allows Stored XSS. This issue affects SEO Flow by LupsOnline: from n/a through 2.2.0.\n\ud83d\udccf Published: 2025-05-16T15:45:16.899Z\n\ud83d\udccf Modified: 2025-05-16T16:23:16.415Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/lupsonline-link-netwerk/vulnerability/wordpress-seo-flow-by-lupsonline-plugin-2-2-0-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-16T16:34:50.000000Z"}, {"uuid": "b962604b-4368-4137-9428-69ea905cd6a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48141", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr73ep366f2e", "content": "", "creation_timestamp": "2025-06-09T19:10:30.548688Z"}, {"uuid": "8be9964c-755c-4cc0-8be0-23a0d547617e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48140", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr73wm47er2u", "content": "", "creation_timestamp": "2025-06-09T19:20:31.432965Z"}, {"uuid": "6bee9029-799c-44b8-a6c8-221786556c18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48148", "type": "published-proof-of-concept", "source": "Telegram/PO0oWKD_0dQKMdfBlUdpALOxC_j0fHtsMlyXztmz6yr7XDo", "content": "", "creation_timestamp": "2025-10-24T10:33:18.000000Z"}, {"uuid": "cb78dd62-8577-4a58-9637-78998ac2635b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48144", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpcpzdchjl2p", "content": "", "creation_timestamp": "2025-05-16T19:07:34.064941Z"}, {"uuid": "7bdbc8a6-18b4-41f3-bbb9-2157b1dd2a89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48146", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpcpzdfxnr22", "content": "", "creation_timestamp": "2025-05-16T19:07:34.636093Z"}, {"uuid": "a61badfb-c8a3-403a-88d5-a6cbbb0f8920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48148", "type": "seen", "source": "https://sploitus.com/exploit?id=1BF61FFC-4CF2-5306-812F-C566F2CC851C", "content": "", "creation_timestamp": "2025-10-23T11:07:53.000000Z"}, {"uuid": "138fe631-d115-4f90-a0dc-94ec1e788de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48144", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16704", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48144\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Export For WooCommerce allows Stored XSS. This issue affects Import Export For WooCommerce: from n/a through 1.6.2.\n\ud83d\udccf Published: 2025-05-16T15:45:16.349Z\n\ud83d\udccf Modified: 2025-05-16T16:23:30.163Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/import-export-for-woocommerce/vulnerability/wordpress-import-export-for-woocommerce-plugin-1-6-2-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-16T16:34:49.000000Z"}, {"uuid": "f42e4ac0-ff4e-4d37-a0cc-e451ce068c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48141", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17891", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48141\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alex Zaytseff Multi CryptoCurrency Payments allows SQL Injection. This issue affects Multi CryptoCurrency Payments: from n/a through 2.0.3.\n\ud83d\udccf Published: 2025-06-09T15:53:58.539Z\n\ud83d\udccf Modified: 2025-06-10T13:57:51.249Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/multi-crypto-currency-payment/vulnerability/wordpress-multi-cryptocurrency-payments-2-0-3-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-10T14:30:33.000000Z"}, {"uuid": "bfbd85d7-ec5e-4e24-bd74-ea707e8a39b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48143", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17889", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48143\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in salesup2019 Formulario de contacto SalesUp! allows Reflected XSS. This issue affects Formulario de contacto SalesUp!: from n/a through 1.0.14.\n\ud83d\udccf Published: 2025-06-09T15:53:57.808Z\n\ud83d\udccf Modified: 2025-06-10T13:58:11.491Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/formularios-de-contacto-salesup/vulnerability/wordpress-formulario-de-contacto-salesup-plugin-1-0-14-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-10T14:30:31.000000Z"}, {"uuid": "a88bde02-ec6e-4b95-a345-3c48ddcc65e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48148", "type": "published-proof-of-concept", "source": "Telegram/6TzqxPlk827OqfYNeQPW4eBLv-j5PDiuF0qD86y9jWhdH14", "content": "", "creation_timestamp": "2025-10-23T15:00:15.000000Z"}, {"uuid": "2ea757f0-a474-4780-adcc-6f17bec86db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48147", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17887", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48147\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Crypto Cloud CryptoCloud - Crypto Payment Gateway allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CryptoCloud - Crypto Payment Gateway: from n/a through 2.1.2.\n\ud83d\udccf Published: 2025-06-09T15:53:57.056Z\n\ud83d\udccf Modified: 2025-06-10T14:00:18.405Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/cryptocloud-crypto-payment-gateway/vulnerability/wordpress-cryptocloud-crypto-payment-gateway-2-1-2-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-10T14:30:26.000000Z"}]}