From 1d05bc432e40a769491750e7ac666da9869c8e79 Mon Sep 17 00:00:00 2001 From: gitadvisor Date: Thu, 9 Jan 2025 16:25:32 +0000 Subject: [PATCH] generated content from 2025-01-09 --- mapping.csv | 46 +++++++++++++++++++ ...-0166394a-c4d4-48ea-8408-4adb827d67cf.json | 22 +++++++++ ...-06baaf86-1363-46c5-9f0f-095d2e88921f.json | 22 +++++++++ ...-0effcc21-e53d-4ec8-b50e-4abc1d0a7dd3.json | 22 +++++++++ ...-1305c72b-212f-4eec-ac94-6f0946a5d86d.json | 22 +++++++++ ...-15b195d0-98ef-4aa6-a5c4-19ac728f02e4.json | 22 +++++++++ ...-168d2e67-200c-49d4-8d67-fde5d7501601.json | 22 +++++++++ ...-19d35b71-539a-4128-9f63-533418098ec3.json | 22 +++++++++ ...-1b10dece-52a3-4862-9ad8-be6c9c7ebe46.json | 22 +++++++++ ...-1bdccd3d-ceb4-40cc-b069-fe98cbdd9c68.json | 22 +++++++++ ...-1c128e37-c425-45f3-80fd-9ad8f5f1b4a3.json | 22 +++++++++ ...-1e4ad370-9e81-4c3c-81dc-970ec5c43285.json | 22 +++++++++ ...-20559751-2bfb-4e40-9e57-994e736326bf.json | 22 +++++++++ ...-23a9452a-76f4-4245-b422-f46ca8f37578.json | 22 +++++++++ ...-26f0d229-1de5-42e1-8816-f1b451f1881d.json | 22 +++++++++ ...-2a14edaa-5903-4f9c-9fc0-bfc6b402b6ae.json | 22 +++++++++ ...-31958b2e-fe2c-4541-ac73-de6d96ddf0d5.json | 22 +++++++++ ...-3309e246-6587-43a1-ad4c-f6278b57d676.json | 22 +++++++++ ...-395ee3d3-a91c-442d-b10f-f6c1b03a529a.json | 22 +++++++++ ...-3a399cf6-ad37-43d0-a467-5855215c4c51.json | 22 +++++++++ ...-4634d107-5939-4cc8-81d3-bbcc83e3e4e4.json | 22 +++++++++ ...-4abd5e16-0fa6-4d71-b271-4da1ff84c927.json | 22 +++++++++ ...-5466e571-3ff0-4634-b5bd-8bb541afb57a.json | 22 +++++++++ ...-546ed324-d198-48ba-bdf4-4b5da663bcee.json | 22 +++++++++ ...-56d1bc59-7e2f-4859-9ab8-9a90609e9ee2.json | 22 +++++++++ ...-5a339b2a-941b-44cf-b278-81e48fa98181.json | 22 +++++++++ ...-5b382604-4db5-4ea4-a921-1fc742b2ccec.json | 22 +++++++++ ...-63cc96ad-f598-4f7a-9869-b86ee1086f9d.json | 22 +++++++++ ...-63d8a60d-6b85-458a-957f-20dc5b3be2c1.json | 22 +++++++++ ...-6a8228ed-d6fb-4643-9a5c-9888bb6dbc36.json | 22 +++++++++ ...-70332504-e998-4d49-88b9-c37bde584a77.json | 22 +++++++++ ...-70aa91c3-424b-4b4b-b6af-dd77571e2caf.json | 22 +++++++++ ...-7f49c3cb-190b-4d58-8f5a-d23ea977c879.json | 22 +++++++++ ...-7fae3589-72d7-4a57-acfb-76c4799bd576.json | 22 +++++++++ ...-81d293ac-b2a8-4b33-9c55-842385ff7bcb.json | 22 +++++++++ ...-8309480b-ddbf-43b4-b7dd-d5e7d4418932.json | 22 +++++++++ ...-86b21f9e-afaa-44f1-995b-690fa1d2b9de.json | 22 +++++++++ ...-8a6af666-99a5-4e92-870f-0bf6126f6880.json | 22 +++++++++ ...-92f5d2f6-3f35-4a86-aca5-c78a539fe943.json | 22 +++++++++ ...-a72a1d03-8253-4d0c-b76b-9c6e9fa8b782.json | 22 +++++++++ ...-ae1cd687-4e0a-4380-8e8d-e9172b27ca3f.json | 22 +++++++++ ...-b3401485-8ac2-4b3c-935f-904101a95e43.json | 22 +++++++++ ...-b4c16922-a6d6-47b3-a71b-50ef51dd1fe8.json | 22 +++++++++ ...-c00ce1fc-1d07-4bc9-81ae-ad76a8125626.json | 22 +++++++++ ...-cb22eeb6-1d70-4295-9022-d8e4fd46e32e.json | 22 +++++++++ ...-d1b52d35-6b29-49cd-8c2b-38812b8bdde3.json | 22 +++++++++ ...-ec33c991-741d-497a-90d5-77b619c0c1fc.json | 22 +++++++++ 47 files changed, 1058 insertions(+) create mode 100644 objects/vulnerability/vulnerability--0166394a-c4d4-48ea-8408-4adb827d67cf.json create mode 100644 objects/vulnerability/vulnerability--06baaf86-1363-46c5-9f0f-095d2e88921f.json create mode 100644 objects/vulnerability/vulnerability--0effcc21-e53d-4ec8-b50e-4abc1d0a7dd3.json create mode 100644 objects/vulnerability/vulnerability--1305c72b-212f-4eec-ac94-6f0946a5d86d.json create mode 100644 objects/vulnerability/vulnerability--15b195d0-98ef-4aa6-a5c4-19ac728f02e4.json create mode 100644 objects/vulnerability/vulnerability--168d2e67-200c-49d4-8d67-fde5d7501601.json create mode 100644 objects/vulnerability/vulnerability--19d35b71-539a-4128-9f63-533418098ec3.json create mode 100644 objects/vulnerability/vulnerability--1b10dece-52a3-4862-9ad8-be6c9c7ebe46.json create mode 100644 objects/vulnerability/vulnerability--1bdccd3d-ceb4-40cc-b069-fe98cbdd9c68.json create mode 100644 objects/vulnerability/vulnerability--1c128e37-c425-45f3-80fd-9ad8f5f1b4a3.json create mode 100644 objects/vulnerability/vulnerability--1e4ad370-9e81-4c3c-81dc-970ec5c43285.json create mode 100644 objects/vulnerability/vulnerability--20559751-2bfb-4e40-9e57-994e736326bf.json create mode 100644 objects/vulnerability/vulnerability--23a9452a-76f4-4245-b422-f46ca8f37578.json create mode 100644 objects/vulnerability/vulnerability--26f0d229-1de5-42e1-8816-f1b451f1881d.json create mode 100644 objects/vulnerability/vulnerability--2a14edaa-5903-4f9c-9fc0-bfc6b402b6ae.json create mode 100644 objects/vulnerability/vulnerability--31958b2e-fe2c-4541-ac73-de6d96ddf0d5.json create mode 100644 objects/vulnerability/vulnerability--3309e246-6587-43a1-ad4c-f6278b57d676.json create mode 100644 objects/vulnerability/vulnerability--395ee3d3-a91c-442d-b10f-f6c1b03a529a.json create mode 100644 objects/vulnerability/vulnerability--3a399cf6-ad37-43d0-a467-5855215c4c51.json create mode 100644 objects/vulnerability/vulnerability--4634d107-5939-4cc8-81d3-bbcc83e3e4e4.json create mode 100644 objects/vulnerability/vulnerability--4abd5e16-0fa6-4d71-b271-4da1ff84c927.json create mode 100644 objects/vulnerability/vulnerability--5466e571-3ff0-4634-b5bd-8bb541afb57a.json create mode 100644 objects/vulnerability/vulnerability--546ed324-d198-48ba-bdf4-4b5da663bcee.json create mode 100644 objects/vulnerability/vulnerability--56d1bc59-7e2f-4859-9ab8-9a90609e9ee2.json create mode 100644 objects/vulnerability/vulnerability--5a339b2a-941b-44cf-b278-81e48fa98181.json create mode 100644 objects/vulnerability/vulnerability--5b382604-4db5-4ea4-a921-1fc742b2ccec.json create mode 100644 objects/vulnerability/vulnerability--63cc96ad-f598-4f7a-9869-b86ee1086f9d.json create mode 100644 objects/vulnerability/vulnerability--63d8a60d-6b85-458a-957f-20dc5b3be2c1.json create mode 100644 objects/vulnerability/vulnerability--6a8228ed-d6fb-4643-9a5c-9888bb6dbc36.json create mode 100644 objects/vulnerability/vulnerability--70332504-e998-4d49-88b9-c37bde584a77.json create mode 100644 objects/vulnerability/vulnerability--70aa91c3-424b-4b4b-b6af-dd77571e2caf.json create mode 100644 objects/vulnerability/vulnerability--7f49c3cb-190b-4d58-8f5a-d23ea977c879.json create mode 100644 objects/vulnerability/vulnerability--7fae3589-72d7-4a57-acfb-76c4799bd576.json create mode 100644 objects/vulnerability/vulnerability--81d293ac-b2a8-4b33-9c55-842385ff7bcb.json create mode 100644 objects/vulnerability/vulnerability--8309480b-ddbf-43b4-b7dd-d5e7d4418932.json create mode 100644 objects/vulnerability/vulnerability--86b21f9e-afaa-44f1-995b-690fa1d2b9de.json create mode 100644 objects/vulnerability/vulnerability--8a6af666-99a5-4e92-870f-0bf6126f6880.json create mode 100644 objects/vulnerability/vulnerability--92f5d2f6-3f35-4a86-aca5-c78a539fe943.json create mode 100644 objects/vulnerability/vulnerability--a72a1d03-8253-4d0c-b76b-9c6e9fa8b782.json create mode 100644 objects/vulnerability/vulnerability--ae1cd687-4e0a-4380-8e8d-e9172b27ca3f.json create mode 100644 objects/vulnerability/vulnerability--b3401485-8ac2-4b3c-935f-904101a95e43.json create mode 100644 objects/vulnerability/vulnerability--b4c16922-a6d6-47b3-a71b-50ef51dd1fe8.json create mode 100644 objects/vulnerability/vulnerability--c00ce1fc-1d07-4bc9-81ae-ad76a8125626.json create mode 100644 objects/vulnerability/vulnerability--cb22eeb6-1d70-4295-9022-d8e4fd46e32e.json create mode 100644 objects/vulnerability/vulnerability--d1b52d35-6b29-49cd-8c2b-38812b8bdde3.json create mode 100644 objects/vulnerability/vulnerability--ec33c991-741d-497a-90d5-77b619c0c1fc.json diff --git a/mapping.csv b/mapping.csv index 09b9534c2e..d868a5cc81 100644 --- a/mapping.csv +++ b/mapping.csv @@ -262741,3 +262741,49 @@ vulnerability,CVE-2023-24011,vulnerability--241f58a6-0204-4c20-ac9f-020bb4fd0894 vulnerability,CVE-2024-10106,vulnerability--ed558949-d308-4c90-92b2-dea9d8fa3f4e vulnerability,CVE-2024-43176,vulnerability--3484bd39-163b-4cdf-8651-f38d311254e4 vulnerability,CVE-2022-22491,vulnerability--1b8495c9-3854-4605-8cdb-25d5556b031d +vulnerability,CVE-2025-22812,vulnerability--26f0d229-1de5-42e1-8816-f1b451f1881d +vulnerability,CVE-2025-22819,vulnerability--1c128e37-c425-45f3-80fd-9ad8f5f1b4a3 +vulnerability,CVE-2025-22295,vulnerability--7fae3589-72d7-4a57-acfb-76c4799bd576 +vulnerability,CVE-2025-22345,vulnerability--1bdccd3d-ceb4-40cc-b069-fe98cbdd9c68 +vulnerability,CVE-2025-22806,vulnerability--70aa91c3-424b-4b4b-b6af-dd77571e2caf +vulnerability,CVE-2025-22815,vulnerability--0166394a-c4d4-48ea-8408-4adb827d67cf +vulnerability,CVE-2025-22542,vulnerability--20559751-2bfb-4e40-9e57-994e736326bf +vulnerability,CVE-2025-22817,vulnerability--b3401485-8ac2-4b3c-935f-904101a95e43 +vulnerability,CVE-2025-22826,vulnerability--a72a1d03-8253-4d0c-b76b-9c6e9fa8b782 +vulnerability,CVE-2025-22505,vulnerability--23a9452a-76f4-4245-b422-f46ca8f37578 +vulnerability,CVE-2025-22807,vulnerability--5b382604-4db5-4ea4-a921-1fc742b2ccec +vulnerability,CVE-2025-22808,vulnerability--168d2e67-200c-49d4-8d67-fde5d7501601 +vulnerability,CVE-2025-22813,vulnerability--63d8a60d-6b85-458a-957f-20dc5b3be2c1 +vulnerability,CVE-2025-22822,vulnerability--15b195d0-98ef-4aa6-a5c4-19ac728f02e4 +vulnerability,CVE-2025-22809,vulnerability--ec33c991-741d-497a-90d5-77b619c0c1fc +vulnerability,CVE-2025-22802,vulnerability--2a14edaa-5903-4f9c-9fc0-bfc6b402b6ae +vulnerability,CVE-2025-22504,vulnerability--0effcc21-e53d-4ec8-b50e-4abc1d0a7dd3 +vulnerability,CVE-2025-22811,vulnerability--546ed324-d198-48ba-bdf4-4b5da663bcee +vulnerability,CVE-2025-22539,vulnerability--ae1cd687-4e0a-4380-8e8d-e9172b27ca3f +vulnerability,CVE-2025-22510,vulnerability--70332504-e998-4d49-88b9-c37bde584a77 +vulnerability,CVE-2025-22537,vulnerability--3a399cf6-ad37-43d0-a467-5855215c4c51 +vulnerability,CVE-2025-22331,vulnerability--d1b52d35-6b29-49cd-8c2b-38812b8bdde3 +vulnerability,CVE-2025-22313,vulnerability--7f49c3cb-190b-4d58-8f5a-d23ea977c879 +vulnerability,CVE-2025-22814,vulnerability--1305c72b-212f-4eec-ac94-6f0946a5d86d +vulnerability,CVE-2025-22361,vulnerability--395ee3d3-a91c-442d-b10f-f6c1b03a529a +vulnerability,CVE-2025-22824,vulnerability--63cc96ad-f598-4f7a-9869-b86ee1086f9d +vulnerability,CVE-2025-22508,vulnerability--4634d107-5939-4cc8-81d3-bbcc83e3e4e4 +vulnerability,CVE-2025-22540,vulnerability--8a6af666-99a5-4e92-870f-0bf6126f6880 +vulnerability,CVE-2025-22803,vulnerability--5466e571-3ff0-4634-b5bd-8bb541afb57a +vulnerability,CVE-2025-22330,vulnerability--8309480b-ddbf-43b4-b7dd-d5e7d4418932 +vulnerability,CVE-2025-22805,vulnerability--81d293ac-b2a8-4b33-9c55-842385ff7bcb +vulnerability,CVE-2025-22535,vulnerability--1b10dece-52a3-4862-9ad8-be6c9c7ebe46 +vulnerability,CVE-2025-22810,vulnerability--3309e246-6587-43a1-ad4c-f6278b57d676 +vulnerability,CVE-2025-22561,vulnerability--6a8228ed-d6fb-4643-9a5c-9888bb6dbc36 +vulnerability,CVE-2025-22827,vulnerability--19d35b71-539a-4128-9f63-533418098ec3 +vulnerability,CVE-2025-22823,vulnerability--5a339b2a-941b-44cf-b278-81e48fa98181 +vulnerability,CVE-2025-22821,vulnerability--92f5d2f6-3f35-4a86-aca5-c78a539fe943 +vulnerability,CVE-2025-22801,vulnerability--b4c16922-a6d6-47b3-a71b-50ef51dd1fe8 +vulnerability,CVE-2025-22820,vulnerability--1e4ad370-9e81-4c3c-81dc-970ec5c43285 +vulnerability,CVE-2025-22307,vulnerability--cb22eeb6-1d70-4295-9022-d8e4fd46e32e +vulnerability,CVE-2025-22527,vulnerability--31958b2e-fe2c-4541-ac73-de6d96ddf0d5 +vulnerability,CVE-2025-22818,vulnerability--c00ce1fc-1d07-4bc9-81ae-ad76a8125626 +vulnerability,CVE-2025-22804,vulnerability--56d1bc59-7e2f-4859-9ab8-9a90609e9ee2 +vulnerability,CVE-2025-22594,vulnerability--4abd5e16-0fa6-4d71-b271-4da1ff84c927 +vulnerability,CVE-2025-22521,vulnerability--06baaf86-1363-46c5-9f0f-095d2e88921f +vulnerability,CVE-2025-22595,vulnerability--86b21f9e-afaa-44f1-995b-690fa1d2b9de diff --git a/objects/vulnerability/vulnerability--0166394a-c4d4-48ea-8408-4adb827d67cf.json b/objects/vulnerability/vulnerability--0166394a-c4d4-48ea-8408-4adb827d67cf.json new file mode 100644 index 0000000000..1c28d898d0 --- /dev/null +++ b/objects/vulnerability/vulnerability--0166394a-c4d4-48ea-8408-4adb827d67cf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--922528e4-6a47-463e-b196-6d3d17a96a32", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0166394a-c4d4-48ea-8408-4adb827d67cf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.492613Z", + "modified": "2025-01-09T16:25:16.492613Z", + "name": "CVE-2025-22815", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LLC Button Block allows Stored XSS.This issue affects Button Block: from n/a through 1.1.6.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22815" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--06baaf86-1363-46c5-9f0f-095d2e88921f.json b/objects/vulnerability/vulnerability--06baaf86-1363-46c5-9f0f-095d2e88921f.json new file mode 100644 index 0000000000..9c14153aed --- /dev/null +++ b/objects/vulnerability/vulnerability--06baaf86-1363-46c5-9f0f-095d2e88921f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e5973f80-7d47-4609-a8e7-45316d356ee6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--06baaf86-1363-46c5-9f0f-095d2e88921f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.563636Z", + "modified": "2025-01-09T16:25:16.563636Z", + "name": "CVE-2025-22521", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Farrell wp Hosting Performance Check allows Reflected XSS.This issue affects wp Hosting Performance Check: from n/a through 2.18.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22521" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0effcc21-e53d-4ec8-b50e-4abc1d0a7dd3.json b/objects/vulnerability/vulnerability--0effcc21-e53d-4ec8-b50e-4abc1d0a7dd3.json new file mode 100644 index 0000000000..c441d49f90 --- /dev/null +++ b/objects/vulnerability/vulnerability--0effcc21-e53d-4ec8-b50e-4abc1d0a7dd3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6d7bdd3a-78c8-4469-a556-36d6aedad54e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0effcc21-e53d-4ec8-b50e-4abc1d0a7dd3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.511095Z", + "modified": "2025-01-09T16:25:16.511095Z", + "name": "CVE-2025-22504", + "description": "Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms allows Upload a Web Shell to a Web Server.This issue affects 4ECPS Web Forms: from n/a through 0.2.18.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22504" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1305c72b-212f-4eec-ac94-6f0946a5d86d.json b/objects/vulnerability/vulnerability--1305c72b-212f-4eec-ac94-6f0946a5d86d.json new file mode 100644 index 0000000000..09ba449653 --- /dev/null +++ b/objects/vulnerability/vulnerability--1305c72b-212f-4eec-ac94-6f0946a5d86d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--712393c7-4130-4cc7-9ad0-8e8bba0f2071", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1305c72b-212f-4eec-ac94-6f0946a5d86d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.525305Z", + "modified": "2025-01-09T16:25:16.525305Z", + "name": "CVE-2025-22814", + "description": "Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Admin Theme allows Cross Site Request Forgery.This issue affects Zephyr Admin Theme: from n/a through 1.4.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22814" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--15b195d0-98ef-4aa6-a5c4-19ac728f02e4.json b/objects/vulnerability/vulnerability--15b195d0-98ef-4aa6-a5c4-19ac728f02e4.json new file mode 100644 index 0000000000..b7313f1138 --- /dev/null +++ b/objects/vulnerability/vulnerability--15b195d0-98ef-4aa6-a5c4-19ac728f02e4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3c390033-693e-4055-95fb-891ae60bbb6e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--15b195d0-98ef-4aa6-a5c4-19ac728f02e4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.50611Z", + "modified": "2025-01-09T16:25:16.50611Z", + "name": "CVE-2025-22822", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bishawjit Das wp custom countdown allows Stored XSS.This issue affects wp custom countdown: from n/a through 2.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22822" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--168d2e67-200c-49d4-8d67-fde5d7501601.json b/objects/vulnerability/vulnerability--168d2e67-200c-49d4-8d67-fde5d7501601.json new file mode 100644 index 0000000000..eca29710e7 --- /dev/null +++ b/objects/vulnerability/vulnerability--168d2e67-200c-49d4-8d67-fde5d7501601.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5c230b1c-d6e5-4cef-b834-e045b6d4a9b0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--168d2e67-200c-49d4-8d67-fde5d7501601", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.502129Z", + "modified": "2025-01-09T16:25:16.502129Z", + "name": "CVE-2025-22808", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Surbma Surbma | Premium WP allows DOM-Based XSS.This issue affects Surbma | Premium WP: from n/a through 9.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22808" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--19d35b71-539a-4128-9f63-533418098ec3.json b/objects/vulnerability/vulnerability--19d35b71-539a-4128-9f63-533418098ec3.json new file mode 100644 index 0000000000..038b64498f --- /dev/null +++ b/objects/vulnerability/vulnerability--19d35b71-539a-4128-9f63-533418098ec3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2908b9c1-c69b-4601-8b20-c0cdba387729", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--19d35b71-539a-4128-9f63-533418098ec3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.544272Z", + "modified": "2025-01-09T16:25:16.544272Z", + "name": "CVE-2025-22827", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joomag. WP Joomag allows DOM-Based XSS.This issue affects WP Joomag: from n/a through 2.5.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22827" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1b10dece-52a3-4862-9ad8-be6c9c7ebe46.json b/objects/vulnerability/vulnerability--1b10dece-52a3-4862-9ad8-be6c9c7ebe46.json new file mode 100644 index 0000000000..ce762155a5 --- /dev/null +++ b/objects/vulnerability/vulnerability--1b10dece-52a3-4862-9ad8-be6c9c7ebe46.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2812b38e-c3fe-4329-af4b-2fd7d9b13356", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1b10dece-52a3-4862-9ad8-be6c9c7ebe46", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.539769Z", + "modified": "2025-01-09T16:25:16.539769Z", + "name": "CVE-2025-22535", + "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jonathan Kern WPListCal allows SQL Injection.This issue affects WPListCal: from n/a through 1.3.5.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22535" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1bdccd3d-ceb4-40cc-b069-fe98cbdd9c68.json b/objects/vulnerability/vulnerability--1bdccd3d-ceb4-40cc-b069-fe98cbdd9c68.json new file mode 100644 index 0000000000..4cc5166a31 --- /dev/null +++ b/objects/vulnerability/vulnerability--1bdccd3d-ceb4-40cc-b069-fe98cbdd9c68.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f67d44c7-e3a7-4de3-8adb-403edfee083d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1bdccd3d-ceb4-40cc-b069-fe98cbdd9c68", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.47876Z", + "modified": "2025-01-09T16:25:16.47876Z", + "name": "CVE-2025-22345", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tobias Spiess TS Comfort DB allows Reflected XSS.This issue affects TS Comfort DB: from n/a through 2.0.7.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22345" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1c128e37-c425-45f3-80fd-9ad8f5f1b4a3.json b/objects/vulnerability/vulnerability--1c128e37-c425-45f3-80fd-9ad8f5f1b4a3.json new file mode 100644 index 0000000000..0919bc8225 --- /dev/null +++ b/objects/vulnerability/vulnerability--1c128e37-c425-45f3-80fd-9ad8f5f1b4a3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2fc73d56-cb5d-448b-8006-f994c45ab24d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1c128e37-c425-45f3-80fd-9ad8f5f1b4a3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.475686Z", + "modified": "2025-01-09T16:25:16.475686Z", + "name": "CVE-2025-22819", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 4wpbari Qr Code and Barcode Scanner Reader allows Stored XSS.This issue affects Qr Code and Barcode Scanner Reader: from n/a through 1.0.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22819" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--1e4ad370-9e81-4c3c-81dc-970ec5c43285.json b/objects/vulnerability/vulnerability--1e4ad370-9e81-4c3c-81dc-970ec5c43285.json new file mode 100644 index 0000000000..efef2ee128 --- /dev/null +++ b/objects/vulnerability/vulnerability--1e4ad370-9e81-4c3c-81dc-970ec5c43285.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--af32285e-b90d-4fe8-8e29-bee61de08419", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--1e4ad370-9e81-4c3c-81dc-970ec5c43285", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.55062Z", + "modified": "2025-01-09T16:25:16.55062Z", + "name": "CVE-2025-22820", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Walmsley VR Views allows Stored XSS.This issue affects VR Views: from n/a through 1.5.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22820" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--20559751-2bfb-4e40-9e57-994e736326bf.json b/objects/vulnerability/vulnerability--20559751-2bfb-4e40-9e57-994e736326bf.json new file mode 100644 index 0000000000..da7fe08301 --- /dev/null +++ b/objects/vulnerability/vulnerability--20559751-2bfb-4e40-9e57-994e736326bf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c193b18a-19bd-49ff-9fb6-f76b6a3afa9b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--20559751-2bfb-4e40-9e57-994e736326bf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.494146Z", + "modified": "2025-01-09T16:25:16.494146Z", + "name": "CVE-2025-22542", + "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ofek Nakar Virtual Bot allows Blind SQL Injection.This issue affects Virtual Bot: from n/a through 1.0.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22542" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--23a9452a-76f4-4245-b422-f46ca8f37578.json b/objects/vulnerability/vulnerability--23a9452a-76f4-4245-b422-f46ca8f37578.json new file mode 100644 index 0000000000..235115999b --- /dev/null +++ b/objects/vulnerability/vulnerability--23a9452a-76f4-4245-b422-f46ca8f37578.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--56bf4eab-b385-4d28-8d90-7b8e139df4a7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--23a9452a-76f4-4245-b422-f46ca8f37578", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.499127Z", + "modified": "2025-01-09T16:25:16.499127Z", + "name": "CVE-2025-22505", + "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nabaraj Chapagain NC Wishlist for Woocommerce allows SQL Injection.This issue affects NC Wishlist for Woocommerce: from n/a through 1.0.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22505" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--26f0d229-1de5-42e1-8816-f1b451f1881d.json b/objects/vulnerability/vulnerability--26f0d229-1de5-42e1-8816-f1b451f1881d.json new file mode 100644 index 0000000000..d4794cc713 --- /dev/null +++ b/objects/vulnerability/vulnerability--26f0d229-1de5-42e1-8816-f1b451f1881d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--4aab03fb-48f8-45bf-af2b-1d3e525e9bd6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--26f0d229-1de5-42e1-8816-f1b451f1881d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.466049Z", + "modified": "2025-01-09T16:25:16.466049Z", + "name": "CVE-2025-22812", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs News Ticker Widget for Elementor allows Stored XSS.This issue affects News Ticker Widget for Elementor: from n/a through 1.3.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22812" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2a14edaa-5903-4f9c-9fc0-bfc6b402b6ae.json b/objects/vulnerability/vulnerability--2a14edaa-5903-4f9c-9fc0-bfc6b402b6ae.json new file mode 100644 index 0000000000..9c43ef2ff9 --- /dev/null +++ b/objects/vulnerability/vulnerability--2a14edaa-5903-4f9c-9fc0-bfc6b402b6ae.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--94e2b74a-b449-4358-b83b-3ad22e0c7389", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2a14edaa-5903-4f9c-9fc0-bfc6b402b6ae", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.510009Z", + "modified": "2025-01-09T16:25:16.510009Z", + "name": "CVE-2025-22802", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail allows Stored XSS.This issue affects Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail: from n/a through 2.1.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22802" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--31958b2e-fe2c-4541-ac73-de6d96ddf0d5.json b/objects/vulnerability/vulnerability--31958b2e-fe2c-4541-ac73-de6d96ddf0d5.json new file mode 100644 index 0000000000..fc8138a043 --- /dev/null +++ b/objects/vulnerability/vulnerability--31958b2e-fe2c-4541-ac73-de6d96ddf0d5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6017d797-42f5-4a12-a76d-ed3f8caeaa68", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--31958b2e-fe2c-4541-ac73-de6d96ddf0d5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.555852Z", + "modified": "2025-01-09T16:25:16.555852Z", + "name": "CVE-2025-22527", + "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yamna Khawaja Mailing Group Listserv allows SQL Injection.This issue affects Mailing Group Listserv: from n/a through 2.0.9.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22527" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3309e246-6587-43a1-ad4c-f6278b57d676.json b/objects/vulnerability/vulnerability--3309e246-6587-43a1-ad4c-f6278b57d676.json new file mode 100644 index 0000000000..9ae45b510f --- /dev/null +++ b/objects/vulnerability/vulnerability--3309e246-6587-43a1-ad4c-f6278b57d676.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--92d2da4c-3caf-4456-949d-2502b9cf864c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3309e246-6587-43a1-ad4c-f6278b57d676", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.540859Z", + "modified": "2025-01-09T16:25:16.540859Z", + "name": "CVE-2025-22810", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CBB Team Content Blocks Builder allows Stored XSS.This issue affects Content Blocks Builder: from n/a through 2.7.6.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22810" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--395ee3d3-a91c-442d-b10f-f6c1b03a529a.json b/objects/vulnerability/vulnerability--395ee3d3-a91c-442d-b10f-f6c1b03a529a.json new file mode 100644 index 0000000000..48cf4aac64 --- /dev/null +++ b/objects/vulnerability/vulnerability--395ee3d3-a91c-442d-b10f-f6c1b03a529a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0ab19533-4cd0-47e3-a183-fc4b76ad52ea", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--395ee3d3-a91c-442d-b10f-f6c1b03a529a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.527548Z", + "modified": "2025-01-09T16:25:16.527548Z", + "name": "CVE-2025-22361", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Opentracker Opentracker Analytics allows Reflected XSS.This issue affects Opentracker Analytics: from n/a through 1.3.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22361" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3a399cf6-ad37-43d0-a467-5855215c4c51.json b/objects/vulnerability/vulnerability--3a399cf6-ad37-43d0-a467-5855215c4c51.json new file mode 100644 index 0000000000..48b234c26b --- /dev/null +++ b/objects/vulnerability/vulnerability--3a399cf6-ad37-43d0-a467-5855215c4c51.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3a5212a7-b2e0-49ee-b53f-bdcf28967406", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3a399cf6-ad37-43d0-a467-5855215c4c51", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.518232Z", + "modified": "2025-01-09T16:25:16.518232Z", + "name": "CVE-2025-22537", + "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in traveller11 Google Maps Travel Route allows SQL Injection.This issue affects Google Maps Travel Route: from n/a through 1.3.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22537" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4634d107-5939-4cc8-81d3-bbcc83e3e4e4.json b/objects/vulnerability/vulnerability--4634d107-5939-4cc8-81d3-bbcc83e3e4e4.json new file mode 100644 index 0000000000..4ddf436965 --- /dev/null +++ b/objects/vulnerability/vulnerability--4634d107-5939-4cc8-81d3-bbcc83e3e4e4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--368e80ed-dfd6-4af7-8427-a856cbfba549", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4634d107-5939-4cc8-81d3-bbcc83e3e4e4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.531752Z", + "modified": "2025-01-09T16:25:16.531752Z", + "name": "CVE-2025-22508", + "description": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion.This issue affects FAT Event Lite: from n/a through 1.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22508" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4abd5e16-0fa6-4d71-b271-4da1ff84c927.json b/objects/vulnerability/vulnerability--4abd5e16-0fa6-4d71-b271-4da1ff84c927.json new file mode 100644 index 0000000000..2acf924527 --- /dev/null +++ b/objects/vulnerability/vulnerability--4abd5e16-0fa6-4d71-b271-4da1ff84c927.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--47959a6c-1bcf-4f79-a8a8-ca38c72f2425", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4abd5e16-0fa6-4d71-b271-4da1ff84c927", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.560705Z", + "modified": "2025-01-09T16:25:16.560705Z", + "name": "CVE-2025-22594", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hccoder – Sándor Fodor Better User Shortcodes allows Reflected XSS.This issue affects Better User Shortcodes: from n/a through 1.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22594" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5466e571-3ff0-4634-b5bd-8bb541afb57a.json b/objects/vulnerability/vulnerability--5466e571-3ff0-4634-b5bd-8bb541afb57a.json new file mode 100644 index 0000000000..8439cc7d69 --- /dev/null +++ b/objects/vulnerability/vulnerability--5466e571-3ff0-4634-b5bd-8bb541afb57a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7f2d1106-771f-4766-afe9-7ef33d4be37b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5466e571-3ff0-4634-b5bd-8bb541afb57a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.53601Z", + "modified": "2025-01-09T16:25:16.53601Z", + "name": "CVE-2025-22803", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Advanced Product Information for WooCommerce allows Stored XSS.This issue affects Advanced Product Information for WooCommerce: from n/a through 1.1.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22803" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--546ed324-d198-48ba-bdf4-4b5da663bcee.json b/objects/vulnerability/vulnerability--546ed324-d198-48ba-bdf4-4b5da663bcee.json new file mode 100644 index 0000000000..a79ddd0ead --- /dev/null +++ b/objects/vulnerability/vulnerability--546ed324-d198-48ba-bdf4-4b5da663bcee.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--69d3ae54-29d0-498c-a6a6-6a874e610165", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--546ed324-d198-48ba-bdf4-4b5da663bcee", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.513124Z", + "modified": "2025-01-09T16:25:16.513124Z", + "name": "CVE-2025-22811", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modeltheme MT Addons for Elementor allows Stored XSS.This issue affects MT Addons for Elementor: from n/a through 1.0.6.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22811" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--56d1bc59-7e2f-4859-9ab8-9a90609e9ee2.json b/objects/vulnerability/vulnerability--56d1bc59-7e2f-4859-9ab8-9a90609e9ee2.json new file mode 100644 index 0000000000..3ec940f566 --- /dev/null +++ b/objects/vulnerability/vulnerability--56d1bc59-7e2f-4859-9ab8-9a90609e9ee2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fe18c6ce-0eba-4313-830f-02561f0d53cd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--56d1bc59-7e2f-4859-9ab8-9a90609e9ee2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.55942Z", + "modified": "2025-01-09T16:25:16.55942Z", + "name": "CVE-2025-22804", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.23.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22804" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5a339b2a-941b-44cf-b278-81e48fa98181.json b/objects/vulnerability/vulnerability--5a339b2a-941b-44cf-b278-81e48fa98181.json new file mode 100644 index 0000000000..2190b167a2 --- /dev/null +++ b/objects/vulnerability/vulnerability--5a339b2a-941b-44cf-b278-81e48fa98181.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2045070c-26ae-44d0-8289-29ef73da59b4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5a339b2a-941b-44cf-b278-81e48fa98181", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.546062Z", + "modified": "2025-01-09T16:25:16.546062Z", + "name": "CVE-2025-22823", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Twerdy Genesis Style Shortcodes allows DOM-Based XSS.This issue affects Genesis Style Shortcodes: from n/a through 1.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22823" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5b382604-4db5-4ea4-a921-1fc742b2ccec.json b/objects/vulnerability/vulnerability--5b382604-4db5-4ea4-a921-1fc742b2ccec.json new file mode 100644 index 0000000000..76ecce5739 --- /dev/null +++ b/objects/vulnerability/vulnerability--5b382604-4db5-4ea4-a921-1fc742b2ccec.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3d0073e0-22e9-47f3-8548-47a0887965d4", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5b382604-4db5-4ea4-a921-1fc742b2ccec", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.500866Z", + "modified": "2025-01-09T16:25:16.500866Z", + "name": "CVE-2025-22807", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Peake Responsive Flickr Slideshow allows Stored XSS.This issue affects Responsive Flickr Slideshow: from n/a through 2.6.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22807" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--63cc96ad-f598-4f7a-9869-b86ee1086f9d.json b/objects/vulnerability/vulnerability--63cc96ad-f598-4f7a-9869-b86ee1086f9d.json new file mode 100644 index 0000000000..d8c62c108a --- /dev/null +++ b/objects/vulnerability/vulnerability--63cc96ad-f598-4f7a-9869-b86ee1086f9d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cc264b24-f08e-4a10-a732-a9f83a13ffe6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--63cc96ad-f598-4f7a-9869-b86ee1086f9d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.528609Z", + "modified": "2025-01-09T16:25:16.528609Z", + "name": "CVE-2025-22824", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lucia Intelisano Live Flight Radar allows Stored XSS.This issue affects Live Flight Radar: from n/a through 1.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22824" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--63d8a60d-6b85-458a-957f-20dc5b3be2c1.json b/objects/vulnerability/vulnerability--63d8a60d-6b85-458a-957f-20dc5b3be2c1.json new file mode 100644 index 0000000000..45c44963ae --- /dev/null +++ b/objects/vulnerability/vulnerability--63d8a60d-6b85-458a-957f-20dc5b3be2c1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--23107f86-e16e-4bec-baef-aebc8c2de048", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--63d8a60d-6b85-458a-957f-20dc5b3be2c1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.50307Z", + "modified": "2025-01-09T16:25:16.50307Z", + "name": "CVE-2025-22813", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ChatBot for WordPress - WPBot Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1.4.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22813" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6a8228ed-d6fb-4643-9a5c-9888bb6dbc36.json b/objects/vulnerability/vulnerability--6a8228ed-d6fb-4643-9a5c-9888bb6dbc36.json new file mode 100644 index 0000000000..1838befd90 --- /dev/null +++ b/objects/vulnerability/vulnerability--6a8228ed-d6fb-4643-9a5c-9888bb6dbc36.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2f10a69e-9302-4195-b8f4-def781884575", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6a8228ed-d6fb-4643-9a5c-9888bb6dbc36", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.542824Z", + "modified": "2025-01-09T16:25:16.542824Z", + "name": "CVE-2025-22561", + "description": "Missing Authorization vulnerability in Jason Funk Title Experiments Free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Title Experiments Free: from n/a through 9.0.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22561" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--70332504-e998-4d49-88b9-c37bde584a77.json b/objects/vulnerability/vulnerability--70332504-e998-4d49-88b9-c37bde584a77.json new file mode 100644 index 0000000000..024b51e8d6 --- /dev/null +++ b/objects/vulnerability/vulnerability--70332504-e998-4d49-88b9-c37bde584a77.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ecba5ef8-da95-4297-8284-858aed81ffb1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--70332504-e998-4d49-88b9-c37bde584a77", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.517235Z", + "modified": "2025-01-09T16:25:16.517235Z", + "name": "CVE-2025-22510", + "description": "Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus allows Object Injection.This issue affects WC Price History for Omnibus: from n/a through 2.1.4.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22510" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--70aa91c3-424b-4b4b-b6af-dd77571e2caf.json b/objects/vulnerability/vulnerability--70aa91c3-424b-4b4b-b6af-dd77571e2caf.json new file mode 100644 index 0000000000..89d4fbc691 --- /dev/null +++ b/objects/vulnerability/vulnerability--70aa91c3-424b-4b4b-b6af-dd77571e2caf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c53dea26-de26-4bef-880c-22117d8d7e74", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--70aa91c3-424b-4b4b-b6af-dd77571e2caf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.479823Z", + "modified": "2025-01-09T16:25:16.479823Z", + "name": "CVE-2025-22806", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows DOM-Based XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22806" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7f49c3cb-190b-4d58-8f5a-d23ea977c879.json b/objects/vulnerability/vulnerability--7f49c3cb-190b-4d58-8f5a-d23ea977c879.json new file mode 100644 index 0000000000..cd0789b74b --- /dev/null +++ b/objects/vulnerability/vulnerability--7f49c3cb-190b-4d58-8f5a-d23ea977c879.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--64ec413b-a99e-46aa-9cf6-3134c9d1af1a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7f49c3cb-190b-4d58-8f5a-d23ea977c879", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.522598Z", + "modified": "2025-01-09T16:25:16.522598Z", + "name": "CVE-2025-22313", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Widgetize Pages Light allows Reflected XSS.This issue affects Widgetize Pages Light: from n/a through 3.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22313" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7fae3589-72d7-4a57-acfb-76c4799bd576.json b/objects/vulnerability/vulnerability--7fae3589-72d7-4a57-acfb-76c4799bd576.json new file mode 100644 index 0000000000..658e567710 --- /dev/null +++ b/objects/vulnerability/vulnerability--7fae3589-72d7-4a57-acfb-76c4799bd576.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ce73fde4-1014-4ea4-94bb-82f1e396ddf8", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7fae3589-72d7-4a57-acfb-76c4799bd576", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.477516Z", + "modified": "2025-01-09T16:25:16.477516Z", + "name": "CVE-2025-22295", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tripetto WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto allows Stored XSS.This issue affects WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto: from n/a through 8.0.5.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22295" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--81d293ac-b2a8-4b33-9c55-842385ff7bcb.json b/objects/vulnerability/vulnerability--81d293ac-b2a8-4b33-9c55-842385ff7bcb.json new file mode 100644 index 0000000000..b2dd05e7f7 --- /dev/null +++ b/objects/vulnerability/vulnerability--81d293ac-b2a8-4b33-9c55-842385ff7bcb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9b7769c1-8ce4-4807-b1cf-cc5872821f4b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--81d293ac-b2a8-4b33-9c55-842385ff7bcb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.538802Z", + "modified": "2025-01-09T16:25:16.538802Z", + "name": "CVE-2025-22805", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePoints Skill Bar allows Stored XSS.This issue affects Skill Bar: from n/a through 1.2.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22805" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8309480b-ddbf-43b4-b7dd-d5e7d4418932.json b/objects/vulnerability/vulnerability--8309480b-ddbf-43b4-b7dd-d5e7d4418932.json new file mode 100644 index 0000000000..fa75df7a21 --- /dev/null +++ b/objects/vulnerability/vulnerability--8309480b-ddbf-43b4-b7dd-d5e7d4418932.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3c98e8be-ab41-412a-8d43-35626443509f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8309480b-ddbf-43b4-b7dd-d5e7d4418932", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.537224Z", + "modified": "2025-01-09T16:25:16.537224Z", + "name": "CVE-2025-22330", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahesh Waghmare MG Parallax Slider allows Reflected XSS.This issue affects MG Parallax Slider: from n/a through 1.0..", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22330" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--86b21f9e-afaa-44f1-995b-690fa1d2b9de.json b/objects/vulnerability/vulnerability--86b21f9e-afaa-44f1-995b-690fa1d2b9de.json new file mode 100644 index 0000000000..f8ce2c52bc --- /dev/null +++ b/objects/vulnerability/vulnerability--86b21f9e-afaa-44f1-995b-690fa1d2b9de.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--753bc4f0-8d03-4143-a2ec-afca6e0387c9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--86b21f9e-afaa-44f1-995b-690fa1d2b9de", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.564829Z", + "modified": "2025-01-09T16:25:16.564829Z", + "name": "CVE-2025-22595", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yamna Khawaja Mailing Group Listserv allows Reflected XSS.This issue affects Mailing Group Listserv: from n/a through 2.0.9.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22595" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8a6af666-99a5-4e92-870f-0bf6126f6880.json b/objects/vulnerability/vulnerability--8a6af666-99a5-4e92-870f-0bf6126f6880.json new file mode 100644 index 0000000000..03914d798d --- /dev/null +++ b/objects/vulnerability/vulnerability--8a6af666-99a5-4e92-870f-0bf6126f6880.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--837c4f53-59e0-4ee1-8ef5-68f8babf846d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8a6af666-99a5-4e92-870f-0bf6126f6880", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.534482Z", + "modified": "2025-01-09T16:25:16.534482Z", + "name": "CVE-2025-22540", + "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sebastian Orellana Emailing Subscription allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through 1.4.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22540" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--92f5d2f6-3f35-4a86-aca5-c78a539fe943.json b/objects/vulnerability/vulnerability--92f5d2f6-3f35-4a86-aca5-c78a539fe943.json new file mode 100644 index 0000000000..756deb1160 --- /dev/null +++ b/objects/vulnerability/vulnerability--92f5d2f6-3f35-4a86-aca5-c78a539fe943.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--50d84c7b-51aa-4f3f-8d49-dbb60bc8d043", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--92f5d2f6-3f35-4a86-aca5-c78a539fe943", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.547415Z", + "modified": "2025-01-09T16:25:16.547415Z", + "name": "CVE-2025-22821", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vfthemes StorePress allows DOM-Based XSS.This issue affects StorePress: from n/a through 1.0.12.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22821" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a72a1d03-8253-4d0c-b76b-9c6e9fa8b782.json b/objects/vulnerability/vulnerability--a72a1d03-8253-4d0c-b76b-9c6e9fa8b782.json new file mode 100644 index 0000000000..bd603e7e4c --- /dev/null +++ b/objects/vulnerability/vulnerability--a72a1d03-8253-4d0c-b76b-9c6e9fa8b782.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--23e8af12-8633-4ea0-9cd2-f3a18add77ae", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a72a1d03-8253-4d0c-b76b-9c6e9fa8b782", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.497002Z", + "modified": "2025-01-09T16:25:16.497002Z", + "name": "CVE-2025-22826", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpecommerce, wp.insider Sell Digital Downloads allows Stored XSS.This issue affects Sell Digital Downloads: from n/a through 2.2.7.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22826" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ae1cd687-4e0a-4380-8e8d-e9172b27ca3f.json b/objects/vulnerability/vulnerability--ae1cd687-4e0a-4380-8e8d-e9172b27ca3f.json new file mode 100644 index 0000000000..33a1fb5238 --- /dev/null +++ b/objects/vulnerability/vulnerability--ae1cd687-4e0a-4380-8e8d-e9172b27ca3f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--64abc4b5-d6e9-44bb-b9be-b9b349f71bdd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ae1cd687-4e0a-4380-8e8d-e9172b27ca3f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.515464Z", + "modified": "2025-01-09T16:25:16.515464Z", + "name": "CVE-2025-22539", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ka2 Custom DataBase Tables allows Reflected XSS.This issue affects Custom DataBase Tables: from n/a through 2.1.34.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22539" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b3401485-8ac2-4b3c-935f-904101a95e43.json b/objects/vulnerability/vulnerability--b3401485-8ac2-4b3c-935f-904101a95e43.json new file mode 100644 index 0000000000..4cf28c3faa --- /dev/null +++ b/objects/vulnerability/vulnerability--b3401485-8ac2-4b3c-935f-904101a95e43.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--212848de-e31a-4c51-a7bd-599ffd378961", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b3401485-8ac2-4b3c-935f-904101a95e43", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.495604Z", + "modified": "2025-01-09T16:25:16.495604Z", + "name": "CVE-2025-22817", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Venutius BP Profile Shortcodes Extra allows Stored XSS.This issue affects BP Profile Shortcodes Extra: from n/a through 2.6.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22817" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--b4c16922-a6d6-47b3-a71b-50ef51dd1fe8.json b/objects/vulnerability/vulnerability--b4c16922-a6d6-47b3-a71b-50ef51dd1fe8.json new file mode 100644 index 0000000000..9ae822c939 --- /dev/null +++ b/objects/vulnerability/vulnerability--b4c16922-a6d6-47b3-a71b-50ef51dd1fe8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d766edd1-7d31-4d33-aaa9-07fe25255138", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--b4c16922-a6d6-47b3-a71b-50ef51dd1fe8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.549515Z", + "modified": "2025-01-09T16:25:16.549515Z", + "name": "CVE-2025-22801", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through 1.2.8.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22801" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c00ce1fc-1d07-4bc9-81ae-ad76a8125626.json b/objects/vulnerability/vulnerability--c00ce1fc-1d07-4bc9-81ae-ad76a8125626.json new file mode 100644 index 0000000000..449bffc250 --- /dev/null +++ b/objects/vulnerability/vulnerability--c00ce1fc-1d07-4bc9-81ae-ad76a8125626.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3676c23d-05c4-4043-84cb-e94f1fd73271", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c00ce1fc-1d07-4bc9-81ae-ad76a8125626", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.558117Z", + "modified": "2025-01-09T16:25:16.558117Z", + "name": "CVE-2025-22818", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in S3Bubble S3Player – WooCommerce & Elementor Integration allows Stored XSS.This issue affects S3Player – WooCommerce & Elementor Integration: from n/a through 4.2.1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22818" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cb22eeb6-1d70-4295-9022-d8e4fd46e32e.json b/objects/vulnerability/vulnerability--cb22eeb6-1d70-4295-9022-d8e4fd46e32e.json new file mode 100644 index 0000000000..c58173fe84 --- /dev/null +++ b/objects/vulnerability/vulnerability--cb22eeb6-1d70-4295-9022-d8e4fd46e32e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1c8dafc7-1b8e-435d-948a-c878cf5e67e5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cb22eeb6-1d70-4295-9022-d8e4fd46e32e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.553694Z", + "modified": "2025-01-09T16:25:16.553694Z", + "name": "CVE-2025-22307", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeAstrology Team Product Table for WooCommerce allows Reflected XSS.This issue affects Product Table for WooCommerce: from n/a through 3.5.6.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22307" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d1b52d35-6b29-49cd-8c2b-38812b8bdde3.json b/objects/vulnerability/vulnerability--d1b52d35-6b29-49cd-8c2b-38812b8bdde3.json new file mode 100644 index 0000000000..f41062da71 --- /dev/null +++ b/objects/vulnerability/vulnerability--d1b52d35-6b29-49cd-8c2b-38812b8bdde3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--04bee3b7-d865-4928-bce6-f4d320adddd5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d1b52d35-6b29-49cd-8c2b-38812b8bdde3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.520799Z", + "modified": "2025-01-09T16:25:16.520799Z", + "name": "CVE-2025-22331", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in P3JX Cf7Save Extension allows Reflected XSS.This issue affects Cf7Save Extension: from n/a through 1.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22331" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ec33c991-741d-497a-90d5-77b619c0c1fc.json b/objects/vulnerability/vulnerability--ec33c991-741d-497a-90d5-77b619c0c1fc.json new file mode 100644 index 0000000000..66b3522da8 --- /dev/null +++ b/objects/vulnerability/vulnerability--ec33c991-741d-497a-90d5-77b619c0c1fc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c5c43afb-f5aa-417a-9491-d1d66f1a03b0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ec33c991-741d-497a-90d5-77b619c0c1fc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-09T16:25:16.508326Z", + "modified": "2025-01-09T16:25:16.508326Z", + "name": "CVE-2025-22809", + "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gravity Master PDF Catalog Woocommerce allows DOM-Based XSS.This issue affects PDF Catalog Woocommerce: from n/a through 2.0.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2025-22809" + } + ] + } + ] +} \ No newline at end of file