{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T10:14:03.143","vulnerabilities":[{"cve":{"id":"CVE-2025-24982","sourceIdentifier":"vultures@jpcert.or.jp","published":"2025-02-04T05:15:10.543","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery vulnerability exists in Activity Log WinterLock versions prior to 1.2.5. If a user views a malicious page while logged in, the log data may be deleted."},{"lang":"es","value":"La vulnerabilidad Cross-Site Request Forgery existe en las versiones de registro de actividad de WinterLock anteriores a la 1.2.5. Si un usuario ve una página maliciosa mientras está conectado, los datos del registro pueden eliminarse."}],"metrics":{"cvssMetricV30":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"vultures@jpcert.or.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN94806805/","source":"vultures@jpcert.or.jp"},{"url":"https://wordpress.org/plugins/winterlock/","source":"vultures@jpcert.or.jp"}]}}]}