diff --git a/2024/24xxx/CVE-2024-24680.json b/2024/24xxx/CVE-2024-24680.json index 3d44e745e34..2f0e88c0874 100644 --- a/2024/24xxx/CVE-2024-24680.json +++ b/2024/24xxx/CVE-2024-24680.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://www.djangoproject.com/weblog/2024/feb/06/security-releases/", "url": "https://www.djangoproject.com/weblog/2024/feb/06/security-releases/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-5c7fb64c74", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/" } ] } diff --git a/2024/26xxx/CVE-2024-26811.json b/2024/26xxx/CVE-2024-26811.json index 8e0499646ac..73e772085b4 100644 --- a/2024/26xxx/CVE-2024-26811.json +++ b/2024/26xxx/CVE-2024-26811.json @@ -110,6 +110,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RO3RO34MLQ6WT3A7O6STQUVXW43N6W3K/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RO3RO34MLQ6WT3A7O6STQUVXW43N6W3K/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG6L4FXO4WNWUM6W7USOH2YTRVWREM3V/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG6L4FXO4WNWUM6W7USOH2YTRVWREM3V/" } ] }, diff --git a/2024/27xxx/CVE-2024-27351.json b/2024/27xxx/CVE-2024-27351.json index ad54aa3cce1..882eeda9e9d 100644 --- a/2024/27xxx/CVE-2024-27351.json +++ b/2024/27xxx/CVE-2024-27351.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://www.djangoproject.com/weblog/2024/mar/04/security-releases/", "url": "https://www.djangoproject.com/weblog/2024/mar/04/security-releases/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-5c7fb64c74", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/" } ] } diff --git a/2024/2xxx/CVE-2024-2583.json b/2024/2xxx/CVE-2024-2583.json index 64e52a49b0f..8d6ede2a984 100644 --- a/2024/2xxx/CVE-2024-2583.json +++ b/2024/2xxx/CVE-2024-2583.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-2583", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "7.0.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/98d8c713-e8cd-4fad-a8fb-7a40db2742a2/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/98d8c713-e8cd-4fad-a8fb-7a40db2742a2/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Dmitrii Ignatyev" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file