cvelist/2024/29xxx/CVE-2024-29126.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-29126",
        "ASSIGNER": "audit@patchstack.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Mortellaro Specific Content For Mobile \u2013 Customize the mobile version without redirections allows Reflected XSS.This issue affects Specific Content For Mobile \u2013 Customize the mobile version without redirections: from n/a through 0.1.9.5.\n\n"
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        "cweId": "CWE-79"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Jose Mortellaro",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Specific Content For Mobile \u2013 Customize the mobile version without redirections",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "versions": [
                                                    {
                                                        "changes": [
                                                            {
                                                                "at": "0.1.9.6",
                                                                "status": "unaffected"
                                                            }
                                                        ],
                                                        "lessThanOrEqual": "0.1.9.5",
                                                        "status": "affected",
                                                        "version": "n/a",
                                                        "versionType": "custom"
                                                    }
                                                ],
                                                "defaultStatus": "unaffected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://patchstack.com/database/vulnerability/specific-content-for-mobile/wordpress-specific-content-for-mobile-plugin-0-1-9-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
                "refsource": "MISC",
                "name": "https://patchstack.com/database/vulnerability/specific-content-for-mobile/wordpress-specific-content-for-mobile-plugin-0-1-9-5-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.1.0-dev"
    },
    "source": {
        "discovery": "EXTERNAL"
    },
    "solution": [
        {
            "lang": "en",
            "supportingMedia": [
                {
                    "base64": false,
                    "type": "text/html",
                    "value": "Update to 0.1.9.6 or a higher version."
                }
            ],
            "value": "Update to 0.1.9.6 or a higher version."
        }
    ],
    "credits": [
        {
            "lang": "en",
            "value": "thiennv (Patchstack Alliance)"
        }
    ],
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.1"
            }
        ]
    }
}
"-Synchronized-Data." 2024-04-01 20:47:49 +00:00			`{`
"-Synchronized-Data." 2024-04-02 15:11:54 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2024-04-01 20:47:49 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2024-29126",`
"-Synchronized-Data." 2024-04-02 15:11:54 +00:00			`"ASSIGNER": "audit@patchstack.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2024-04-01 20:47:49 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-04-02 15:11:54 +00:00			`"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Mortellaro Specific Content For Mobile \u2013 Customize the mobile version without redirections allows Reflected XSS.This issue affects Specific Content For Mobile \u2013 Customize the mobile version without redirections: from n/a through 0.1.9.5.\n\n"`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",`
			`"cweId": "CWE-79"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Jose Mortellaro",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Specific Content For Mobile \u2013 Customize the mobile version without redirections",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"versions": [`
			`{`
			`"changes": [`
			`{`
			`"at": "0.1.9.6",`
			`"status": "unaffected"`
			`}`
			`],`
			`"lessThanOrEqual": "0.1.9.5",`
			`"status": "affected",`
			`"version": "n/a",`
			`"versionType": "custom"`
			`}`
			`],`
			`"defaultStatus": "unaffected"`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://patchstack.com/database/vulnerability/specific-content-for-mobile/wordpress-specific-content-for-mobile-plugin-0-1-9-5-cross-site-scripting-xss-vulnerability?_s_id=cve",`
			`"refsource": "MISC",`
			`"name": "https://patchstack.com/database/vulnerability/specific-content-for-mobile/wordpress-specific-content-for-mobile-plugin-0-1-9-5-cross-site-scripting-xss-vulnerability?_s_id=cve"`
			`}`
			`]`
			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.1.0-dev"`
			`},`
			`"source": {`
			`"discovery": "EXTERNAL"`
			`},`
			`"solution": [`
			`{`
			`"lang": "en",`
			`"supportingMedia": [`
			`{`
			`"base64": false,`
			`"type": "text/html",`
			`"value": "Update to 0.1.9.6 or a higher version."`
			`}`
			`],`
			`"value": "Update to 0.1.9.6 or a higher version."`
			`}`
			`],`
			`"credits": [`
			`{`
			`"lang": "en",`
			`"value": "thiennv (Patchstack Alliance)"`
			`}`
			`],`
			`"impact": {`
			`"cvss": [`
			`{`
			`"attackComplexity": "LOW",`
			`"attackVector": "NETWORK",`
			`"availabilityImpact": "LOW",`
			`"baseScore": 7.1,`
			`"baseSeverity": "HIGH",`
			`"confidentialityImpact": "LOW",`
			`"integrityImpact": "LOW",`
			`"privilegesRequired": "NONE",`
			`"scope": "CHANGED",`
			`"userInteraction": "REQUIRED",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",`
			`"version": "3.1"`
"-Synchronized-Data." 2024-04-01 20:47:49 +00:00			`}`
			`]`
			`}`
			`}`