Skip to content

Commit 17685e6

Browse files
github-actions[bot]github-actions[bot]
committed
generated content from 2025-03-16
1 parent 0821cfa commit 17685e6

File tree

46 files changed

+1035
-0
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

46 files changed

+1035
-0
lines changed

mapping.csv

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -271183,3 +271183,48 @@ vulnerability,CVE-2023-48785,vulnerability--3953a2ec-fa0f-4c24-be77-9edc22a65de9
271183271183
vulnerability,CVE-2023-33300,vulnerability--6e9ff90b-0eee-4c65-85d7-00f21ffd63f0
271184271184
vulnerability,CVE-2023-45588,vulnerability--30fb609a-4161-4e1f-a7c6-0fbe5b2b7310
271185271185
vulnerability,CVE-2022-29059,vulnerability--acc6a71c-b7c0-4498-b4b5-4b70f313b117
271186+
vulnerability,CVE-2024-13847,vulnerability--b1410f58-429b-425f-bd03-545607c03af3
271187+
vulnerability,CVE-2024-13497,vulnerability--19e406a4-dd42-43ac-bdd9-f52af70a8e7e
271188+
vulnerability,CVE-2024-12336,vulnerability--d949782f-3c9a-4d29-b78a-639e79d5ce29
271189+
vulnerability,CVE-2025-27281,vulnerability--641509af-e8f9-4ed5-9dca-f924ef24ab07
271190+
vulnerability,CVE-2025-2323,vulnerability--4386fa17-e983-4fa7-b714-3a93afcc9db6
271191+
vulnerability,CVE-2025-2164,vulnerability--0123e939-43f6-43e6-9aa6-e7577679d92c
271192+
vulnerability,CVE-2025-2025,vulnerability--77621cd2-d4f7-45ab-8359-a5e402e8b6af
271193+
vulnerability,CVE-2025-2322,vulnerability--c65c238d-dd5a-45c6-85fb-1ab6ea352556
271194+
vulnerability,CVE-2025-2334,vulnerability--3129c2c1-f37c-44a6-a766-0b3b17e147a5
271195+
vulnerability,CVE-2025-2267,vulnerability--6ba260ce-a4a9-4cab-9751-bc9ae41c00a4
271196+
vulnerability,CVE-2025-2157,vulnerability--a72205fe-eadd-477e-b93d-2d1fb122ac4d
271197+
vulnerability,CVE-2025-2325,vulnerability--d9b82022-074b-47de-bfe5-a4c0eb7a4a49
271198+
vulnerability,CVE-2025-2321,vulnerability--7754839b-5456-4ca5-a671-d677c0ba7280
271199+
vulnerability,CVE-2025-2163,vulnerability--db2db0a5-c408-47df-a149-7e9116baa1f3
271200+
vulnerability,CVE-2025-26940,vulnerability--8a3e497f-b8e6-4e84-94cd-9e1399bfe539
271201+
vulnerability,CVE-2025-26961,vulnerability--ef5fad28-3225-4520-835b-c8f19d76b15a
271202+
vulnerability,CVE-2025-26886,vulnerability--eeaf3fce-e04b-445f-b620-1a29df0d99b4
271203+
vulnerability,CVE-2025-26875,vulnerability--f8961067-d0cf-4165-bd7f-15c47db57af0
271204+
vulnerability,CVE-2025-26548,vulnerability--a1c22a74-8dac-4eee-b1d3-7f45e3d3a15a
271205+
vulnerability,CVE-2025-26553,vulnerability--70bd1d9a-dd84-4721-8ade-c48ac4141e51
271206+
vulnerability,CVE-2025-26555,vulnerability--ba00c6ac-7602-48d2-aca0-3c6d4c1d4050
271207+
vulnerability,CVE-2025-26899,vulnerability--d2981137-7bb9-4072-8b24-cf9f2d0ae789
271208+
vulnerability,CVE-2025-26972,vulnerability--f6df3598-0a8a-44fd-a370-88c5d25d7948
271209+
vulnerability,CVE-2025-26921,vulnerability--dc1ba883-5437-4243-a071-00eb9cd93642
271210+
vulnerability,CVE-2025-26556,vulnerability--f335dc69-b049-47ea-a4fa-4c6c5f2718ec
271211+
vulnerability,CVE-2025-26969,vulnerability--7f89ff40-53da-43ef-b40e-869cfcdf2a08
271212+
vulnerability,CVE-2025-26978,vulnerability--2bd4bf01-4f3e-48f7-9917-b5e38c697de2
271213+
vulnerability,CVE-2025-26924,vulnerability--b0ec59c7-ca5f-4bf0-b775-abb3f1c13607
271214+
vulnerability,CVE-2025-26895,vulnerability--bd4fcc9d-ab5c-468a-bdb0-3df3e67af324
271215+
vulnerability,CVE-2025-26976,vulnerability--03a68319-213e-48f6-8104-4114cd06e699
271216+
vulnerability,CVE-2025-26554,vulnerability--a2d60dd9-6235-445a-9812-37e2c5ef55a2
271217+
vulnerability,CVE-2025-1773,vulnerability--73fff2c2-f424-4bc6-915c-4de19a867ffc
271218+
vulnerability,CVE-2025-1668,vulnerability--eeeab200-4e63-4e33-b679-13fbdf86213e
271219+
vulnerability,CVE-2025-1057,vulnerability--6b86e184-fca8-4ab2-a0cb-29d3b94258f7
271220+
vulnerability,CVE-2025-1669,vulnerability--8c9fb2cd-a0c7-4645-aaeb-da11b462e90c
271221+
vulnerability,CVE-2025-1667,vulnerability--b9ccae89-cb84-4c77-bdfc-c482a7fa6c04
271222+
vulnerability,CVE-2025-1530,vulnerability--75b67039-decc-4586-a9fa-a1e2219e5b8c
271223+
vulnerability,CVE-2025-1657,vulnerability--28b7d7ea-0d49-440c-b0d7-d33ab43c06eb
271224+
vulnerability,CVE-2025-1653,vulnerability--d5bcbdc3-3a8f-46ad-8335-0e6bbbec49e1
271225+
vulnerability,CVE-2025-1670,vulnerability--0964bcfc-3c38-411e-8ce3-440829ea7ed6
271226+
vulnerability,CVE-2025-1771,vulnerability--a6c9548e-4151-4860-99f3-5c73a5c8a8bb
271227+
vulnerability,CVE-2025-25225,vulnerability--4873a86d-a9a4-48f1-b539-68be220fa1f3
271228+
vulnerability,CVE-2025-30066,vulnerability--cffd765d-d1c4-4212-9a34-20e79a22bbe2
271229+
vulnerability,CVE-2025-23744,vulnerability--7815a707-a06a-4431-a32e-4667d40f7653
271230+
vulnerability,CVE-2019-25222,vulnerability--69b42acd-43bb-426c-b08c-92b059869df9

objects/vulnerability/vulnerability--0123e939-43f6-43e6-9aa6-e7577679d92c.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--5e044588-8eb5-4071-8b51-d854ed788b28",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--0123e939-43f6-43e6-9aa6-e7577679d92c",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:24:00.393125Z",
11+
"modified": "2025-03-16T00:24:00.393125Z",
12+
"name": "CVE-2025-2164",
13+
"description": "The pixelstats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post_id' and 'sortby' parameters in all versions up to, and including, 0.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2025-2164"
18+
}
19+
]
20+
}
21+
]
22+
}

objects/vulnerability/vulnerability--03a68319-213e-48f6-8104-4114cd06e699.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--bb6f7e26-f1e8-476d-b4b5-e1c71a6f9ad2",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--03a68319-213e-48f6-8104-4114cd06e699",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:24:00.525926Z",
11+
"modified": "2025-03-16T00:24:00.525926Z",
12+
"name": "CVE-2025-26976",
13+
"description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.4.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2025-26976"
18+
}
19+
]
20+
}
21+
]
22+
}

objects/vulnerability/vulnerability--0964bcfc-3c38-411e-8ce3-440829ea7ed6.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--b45b054e-9f75-4f3f-a587-b10bdf03db70",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--0964bcfc-3c38-411e-8ce3-440829ea7ed6",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:24:00.714449Z",
11+
"modified": "2025-03-16T00:24:00.714449Z",
12+
"name": "CVE-2025-1670",
13+
"description": "The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection via the 'cid' parameter in all versions up to, and including, 2.2.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Custom-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2025-1670"
18+
}
19+
]
20+
}
21+
]
22+
}

objects/vulnerability/vulnerability--19e406a4-dd42-43ac-bdd9-f52af70a8e7e.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--9b01ad96-c0fb-4dbf-80b5-d0dab2fa777c",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--19e406a4-dd42-43ac-bdd9-f52af70a8e7e",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:23:54.701989Z",
11+
"modified": "2025-03-16T00:23:54.701989Z",
12+
"name": "CVE-2024-13497",
13+
"description": "The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via attachment uploads in all versions up to, and including, 8.0.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the uploaded file.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2024-13497"
18+
}
19+
]
20+
}
21+
]
22+
}

objects/vulnerability/vulnerability--28b7d7ea-0d49-440c-b0d7-d33ab43c06eb.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--11ac12c1-7e46-4024-9cd7-4b0cad437167",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--28b7d7ea-0d49-440c-b0d7-d33ab43c06eb",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:24:00.706609Z",
11+
"modified": "2025-03-16T00:24:00.706609Z",
12+
"name": "CVE-2025-1657",
13+
"description": "The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to unauthorized modification of data and PHP Object Injection due to a missing capability check on the stm_listing_ajax AJAX action in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to update post meta data and inject PHP Objects that may be unserialized.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2025-1657"
18+
}
19+
]
20+
}
21+
]
22+
}

objects/vulnerability/vulnerability--2bd4bf01-4f3e-48f7-9917-b5e38c697de2.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--b81176e0-d036-4e66-86ad-60398e681cba",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--2bd4bf01-4f3e-48f7-9917-b5e38c697de2",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:24:00.520695Z",
11+
"modified": "2025-03-16T00:24:00.520695Z",
12+
"name": "CVE-2025-26978",
13+
"description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound FS Poster. This issue affects FS Poster: from n/a through 6.5.8.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2025-26978"
18+
}
19+
]
20+
}
21+
]
22+
}

objects/vulnerability/vulnerability--3129c2c1-f37c-44a6-a766-0b3b17e147a5.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--d1516659-5aeb-4106-9e4c-4cd6919b34ca",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--3129c2c1-f37c-44a6-a766-0b3b17e147a5",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:24:00.401514Z",
11+
"modified": "2025-03-16T00:24:00.401514Z",
12+
"name": "CVE-2025-2334",
13+
"description": "A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the component Chat History Handler. The manipulation of the argument chatListId leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2025-2334"
18+
}
19+
]
20+
}
21+
]
22+
}

objects/vulnerability/vulnerability--4386fa17-e983-4fa7-b714-3a93afcc9db6.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--26d1b025-f7cb-469b-8325-4feb1b32b041",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--4386fa17-e983-4fa7-b714-3a93afcc9db6",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:24:00.391083Z",
11+
"modified": "2025-03-16T00:24:00.391083Z",
12+
"name": "CVE-2025-2323",
13+
"description": "A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5. It has been declared as problematic. This vulnerability affects the function updateQuestionCou of the file /api/mjkj-chat/chat/mng/update/questionCou of the component Number of Question Handler. The manipulation leads to enforcement of behavioral workflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2025-2323"
18+
}
19+
]
20+
}
21+
]
22+
}

objects/vulnerability/vulnerability--4873a86d-a9a4-48f1-b539-68be220fa1f3.json

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
{
2+
"type": "bundle",
3+
"id": "bundle--cd624f98-37a5-4b79-a1f3-9947c1349079",
4+
"objects": [
5+
{
6+
"type": "vulnerability",
7+
"spec_version": "2.1",
8+
"id": "vulnerability--4873a86d-a9a4-48f1-b539-68be220fa1f3",
9+
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
10+
"created": "2025-03-16T00:24:00.742763Z",
11+
"modified": "2025-03-16T00:24:00.742763Z",
12+
"name": "CVE-2025-25225",
13+
"description": "A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers (administrator) to escalate their privileges to Super Admin Permissions.",
14+
"external_references": [
15+
{
16+
"source_name": "cve",
17+
"external_id": "CVE-2025-25225"
18+
}
19+
]
20+
}
21+
]
22+
}

0 commit comments

Comments
 (0)