RHSA-2025:0211

creationtimestamp| type| source ---|---|--- 2025-02-26 12:31:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5486 2025-04-17 00:59:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12175...

CVE-2024-48248

creationtimestamp| type| source ---|---|--- 2025-02-26 11:22:04+00:00| seen| https://bsky.app/profile/dinosn.bsky.social/post/3lj3b642uxs2u 2025-02-26 11:54:32+00:00| seen| https://bsky.app/profile/r-netsec.bsky.social/post/3lj3cycn4qw2j 2025-02-26 12:10:37+00:00| confirmed|...

CVE-2025-25519

creationtimestamp| type| source ---|---|--- 2025-02-26 01:44:44+00:00| seen| https://t.me/cvedetector/18930 2025-02-26 19:49:09+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114071918424654623 2025-02-27 00:00:09+00:00| seen|...

CVE-2025-25515

creationtimestamp| type| source ---|---|--- 2025-02-26 01:13:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lj276a7eun2y 2025-02-26 01:44:50+00:00| seen| https://t.me/cvedetector/18934 2025-02-26 19:49:00+00:00| seen|...

CVE-2025-25516

creationtimestamp| type| source ---|---|--- 2025-02-26 01:13:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lj27672eat2w 2025-02-26 01:44:42+00:00| seen| https://t.me/cvedetector/18928 2025-02-26 19:49:00+00:00| seen|...

CVE-2025-25460

A stored Cross-Site Scripting XSS vulnerability was identified in FlatPress 1.3.1 within the "Add Entry" feature. This vulnerability allows authenticated attackers to inject malicious JavaScript payloads into blog posts, which are executed when other users view the posts. The issue arises due to...

CVE-2024-30150

creationtimestamp| type| source ---|---|--- 2025-02-25 23:16:19+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114067071175886035 2025-02-26 01:44:42+00:00| seen| https://t.me/cvedetector/18927 2025-02-26 03:17:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lj2g46irxz...

CVE-2024-0148

creationtimestamp| type| source ---|---|--- 2025-02-25 20:22:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5366 2025-02-25 23:14:20+00:00| seen| https://t.me/cvedetector/18920 2025-02-27 06:26:44+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lj5b52ojj32q 2025-02-27...

CVE-2025-26900

creationtimestamp| type| source ---|---|--- 2025-02-25 17:43:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lizfyjlzjp2p 2025-02-25 17:48:55+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114065783852093856 2025-02-25 19:23:40+00:00| published-proof-of-concept...

CVE-2025-26600

creationtimestamp| type| source ---|---|--- 2025-02-25 16:22:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5313 2025-02-25 17:32:03+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114065717510498810 2025-02-25 17:35:32+00:00| seen|...

Inside the Telegram Groups Doxing Women for Their Facebook Posts

A WIRED investigation goes inside the Telegram groups targeting women who joined “Are We Dating the Same Guy?” groups on Facebook with doxing, harassment, and sharing of nonconsensual intimate images...

CVE-2025-25460

A stored Cross-Site Scripting XSS vulnerability was identified in FlatPress 1.3.1 within the "Add Entry" feature. This vulnerability allows authenticated attackers to inject malicious JavaScript payloads into blog posts, which are executed when other users view the posts. The issue arises due to...

CVE-2025-27349

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nurelm Get Posts nurelm-get-posts allows Stored XSS.This issue affects Get Posts: from n/a through = 0.6...

CVE-2025-27298

Cross-Site Request Forgery CSRF vulnerability in cmstactics WP Video Posts wp-video-posts allows OS Command Injection.This issue affects WP Video Posts: from n/a through = 3.5.1...

WordPress Get Posts plugin <= 0.6 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin Get Posts versions = 0.6...

WordPress WP Video Posts plugin <= 3.5.1 - CSRF to Remote Code Execution (RCE) vulnerability

CSRF to Remote Code Execution RCE vulnerability discovered by johska in WordPress Plugin WP Video Posts versions = 3.5.1...

CVE-2025-27349 WordPress Get Posts plugin <= 0.6 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nurelm Get Posts nurelm-get-posts allows Stored XSS.This issue affects Get Posts: from n/a through = 0.6...

CVE-2025-27349

CVE-2025-27349 refers to a cross-site scripting (XSS) vulnerability in the WordPress plugin Get Posts . The issue arises from improper input neutralization during web page generation, enabling a Stored XSS condition for affected versions. The vulnerability scope is described as Get Posts: from n/...

CVE-2025-27298 WordPress WP Video Posts plugin <= 3.5.1 - CSRF to Remote Code Execution (RCE) vulnerability

Cross-Site Request Forgery CSRF vulnerability in cmstactics WP Video Posts wp-video-posts allows OS Command Injection.This issue affects WP Video Posts: from n/a through = 3.5.1...

CVE-2025-27298

CVE-2025-27298 affects the WordPress plugin WP Video Posts (versions up to 3.5.1). A CSRF vulnerability can lead to Remote Command Execution via OS command injection. Per the documents, the vulnerability is currently Unpatched (no fix version published); PatchStack describes RCE potential, but no...