From 2829e55599537d41a04dd9e0d0f0773df30b8937 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 23 May 2024 06:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/2xxx/CVE-2024-2220.json | 81 ++++++++++++++++++++++++++-- 2024/3xxx/CVE-2024-3594.json | 81 ++++++++++++++++++++++++++-- 2024/3xxx/CVE-2024-3626.json | 85 +++++++++++++++++++++++++++-- 2024/3xxx/CVE-2024-3711.json | 80 ++++++++++++++++++++++++++-- 2024/3xxx/CVE-2024-3917.json | 81 ++++++++++++++++++++++++++-- 2024/3xxx/CVE-2024-3918.json | 81 ++++++++++++++++++++++++++-- 2024/3xxx/CVE-2024-3920.json | 81 ++++++++++++++++++++++++++-- 2024/4xxx/CVE-2024-4347.json | 80 ++++++++++++++++++++++++++-- 2024/4xxx/CVE-2024-4388.json | 81 ++++++++++++++++++++++++++-- 2024/4xxx/CVE-2024-4399.json | 81 ++++++++++++++++++++++++++-- 2024/5xxx/CVE-2024-5177.json | 80 ++++++++++++++++++++++++++-- 2024/5xxx/CVE-2024-5236.json | 100 +++++++++++++++++++++++++++++++++-- 2024/5xxx/CVE-2024-5237.json | 100 +++++++++++++++++++++++++++++++++-- 2024/5xxx/CVE-2024-5238.json | 100 +++++++++++++++++++++++++++++++++-- 14 files changed, 1129 insertions(+), 63 deletions(-) diff --git a/2024/2xxx/CVE-2024-2220.json b/2024/2xxx/CVE-2024-2220.json index 9449028c4a2..4fba7c62abf 100644 --- a/2024/2xxx/CVE-2024-2220.json +++ b/2024/2xxx/CVE-2024-2220.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-2220", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Button contact VR WordPress plugin through 4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Button contact VR", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "4.7" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/fe8c001e-8880-4570-b010-a41fc8ee0c58/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/fe8c001e-8880-4570-b010-a41fc8ee0c58/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Dmitrii Ignatyev" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3594.json b/2024/3xxx/CVE-2024-3594.json index e73850c8370..67659c8a08d 100644 --- a/2024/3xxx/CVE-2024-3594.json +++ b/2024/3xxx/CVE-2024-3594.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3594", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The IDonate WordPress plugin through 1.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "IDonate ", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "1.9.0" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/7a8a834a-e5d7-4678-9d35-4390d1200437/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/7a8a834a-e5d7-4678-9d35-4390d1200437/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Laburity Research Team" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3626.json b/2024/3xxx/CVE-2024-3626.json index 5d6127bf4b8..0fdeabc606b 100644 --- a/2024/3xxx/CVE-2024-3626.json +++ b/2024/3xxx/CVE-2024-3626.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3626", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Email Subscribers by Icegram Express \u2013 Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_template_content function in all versions up to, and including, 5.7.17. This makes it possible for authenticated attackers, with subscriber access and above, to obtain the contents of private and password-protected posts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "icegram", + "product": { + "product_data": [ + { + "product_name": "Email Subscribers by Icegram Express \u2013 Email Marketing, Newsletters, Automation for WordPress & WooCommerce", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "5.7.17" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a56e621-2508-4500-b865-4d5e4463b91a?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a56e621-2508-4500-b865-4d5e4463b91a?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/email-subscribers/trunk/lite/includes/class-email-subscribers.php#L1063", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/email-subscribers/trunk/lite/includes/class-email-subscribers.php#L1063" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/email-subscribers/trunk/lite/admin/class-email-subscribers-admin.php#L849", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/email-subscribers/trunk/lite/admin/class-email-subscribers-admin.php#L849" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3072302%40email-subscribers%2Ftrunk&old=3069441%40email-subscribers%2Ftrunk&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3072302%40email-subscribers%2Ftrunk&old=3069441%40email-subscribers%2Ftrunk&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Thura Moe Myint" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/3xxx/CVE-2024-3711.json b/2024/3xxx/CVE-2024-3711.json index eb13adc2f84..45a1ff8e0ba 100644 --- a/2024/3xxx/CVE-2024-3711.json +++ b/2024/3xxx/CVE-2024-3711.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3711", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to unauthorized plugin setting update due to a missing capability check on the functions action_request_disable, action_change_template, and action_request_enable in all versions up to, and including, 2.4.43. This makes it possible for authenticated attackers, with contributor access or above, to enable/disable the Brizy editor and modify the template used." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "themefusecom", + "product": { + "product_data": [ + { + "product_name": "Brizy \u2013 Page Builder", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "2.4.43" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7092ce4a-bad9-4426-b94e-d9d688344272?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7092ce4a-bad9-4426-b94e-d9d688344272?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/admin/main.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/brizy/trunk/admin/main.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086506%40brizy%2Ftrunk&old=3058896%40brizy%2Ftrunk&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086506%40brizy%2Ftrunk&old=3058896%40brizy%2Ftrunk&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Lucio S\u00e1" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/3xxx/CVE-2024-3917.json b/2024/3xxx/CVE-2024-3917.json index 6fcb69ac7b6..bd169779a52 100644 --- a/2024/3xxx/CVE-2024-3917.json +++ b/2024/3xxx/CVE-2024-3917.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3917", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Pet Manager WordPress plugin through 1.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Pet Manager", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "1.4" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/88162016-9fc7-4194-9e81-44c50991f6e9/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/88162016-9fc7-4194-9e81-44c50991f6e9/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Bob Matyas" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3918.json b/2024/3xxx/CVE-2024-3918.json index 248ac046772..3a28b13888c 100644 --- a/2024/3xxx/CVE-2024-3918.json +++ b/2024/3xxx/CVE-2024-3918.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3918", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Pet Manager WordPress plugin through 1.4 does not sanitise and escape some of its Pet settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Pet Manager", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "1.4" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/2074d0f5-4165-4130-9391-37cb21e8aa1b/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/2074d0f5-4165-4130-9391-37cb21e8aa1b/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Bob Matyas" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/3xxx/CVE-2024-3920.json b/2024/3xxx/CVE-2024-3920.json index 41fad2db226..1c7bec1a646 100644 --- a/2024/3xxx/CVE-2024-3920.json +++ b/2024/3xxx/CVE-2024-3920.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-3920", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Flattr WordPress plugin through 1.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Flattr", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "1.2.2" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/2fb28c77-3c35-4a2f-91ed-823d0d011048/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/2fb28c77-3c35-4a2f-91ed-823d0d011048/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Bob Matyas" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4347.json b/2024/4xxx/CVE-2024-4347.json index c1d5ec284c7..90eda8e389a 100644 --- a/2024/4xxx/CVE-2024-4347.json +++ b/2024/4xxx/CVE-2024-4347.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-4347", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP Fastest Cache plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.6 via the specificDeleteCache function. This makes it possible for authenticated attackers to delete arbitrary files on the server, which can include wp-config.php files of the affected site or other sites in a shared hosting environment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "emrevona", + "product": { + "product_data": [ + { + "product_name": "WP Fastest Cache", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.2.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/634d4062-7004-4e89-89a8-323c939aae93?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/634d4062-7004-4e89-89a8-323c939aae93?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wp-fastest-cache/trunk/wpFastestCache.php#L1342", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wp-fastest-cache/trunk/wpFastestCache.php#L1342" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3089597%40wp-fastest-cache%2Ftrunk&old=3081797%40wp-fastest-cache%2Ftrunk&sfp_email=&sfph_mail=#file1", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3089597%40wp-fastest-cache%2Ftrunk&old=3081797%40wp-fastest-cache%2Ftrunk&sfp_email=&sfph_mail=#file1" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Khayal Farzaliyev" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH" } ] } diff --git a/2024/4xxx/CVE-2024-4388.json b/2024/4xxx/CVE-2024-4388.json index 149ae6e65f2..d8a0762849d 100644 --- a/2024/4xxx/CVE-2024-4388.json +++ b/2024/4xxx/CVE-2024-4388.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-4388", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This does not validate a path generated with user input when downloading files, allowing unauthenticated user to download arbitrary files from the server" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "cas", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "1.0.0" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/5c791747-f60a-40a7-94fd-e4b9bb5ea2b0/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/5c791747-f60a-40a7-94fd-e4b9bb5ea2b0/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Aly Khaled Aly Abd Al-aal" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/4xxx/CVE-2024-4399.json b/2024/4xxx/CVE-2024-4399.json index 5da6f5f616f..e3c1be46a90 100644 --- a/2024/4xxx/CVE-2024-4399.json +++ b/2024/4xxx/CVE-2024-4399.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-4399", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attack" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-918 Server-Side Request Forgery (SSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "cas", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "1.0.0" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/0690327e-da60-4d71-8b3c-ac9533d82302/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/0690327e-da60-4d71-8b3c-ac9533d82302/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Aly Khaled Aly Abd Al-aal" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5177.json b/2024/5xxx/CVE-2024-5177.json index 1b0d7925273..9cadf10ae75 100644 --- a/2024/5xxx/CVE-2024-5177.json +++ b/2024/5xxx/CVE-2024-5177.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5177", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Hash Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' parameter within multiple widgets in all versions up to, and including, 1.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "hashthemes", + "product": { + "product_data": [ + { + "product_name": "Hash Elements", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.3.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9ba07137-f834-4f56-bcd5-0f6fde756681?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9ba07137-f834-4f56-bcd5-0f6fde756681?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/hash-elements/trunk/modules/news-module-one/widgets/news-module-one.php#L720", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/hash-elements/trunk/modules/news-module-one/widgets/news-module-one.php#L720" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3090981%40hash-elements%2Ftrunk&old=3089165%40hash-elements%2Ftrunk&sfp_email=&sfph_mail=#file18", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3090981%40hash-elements%2Ftrunk&old=3089165%40hash-elements%2Ftrunk&sfp_email=&sfph_mail=#file18" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Matthew Rollings" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/5xxx/CVE-2024-5236.json b/2024/5xxx/CVE-2024-5236.json index 329c6fa0fa8..39a1a7a878d 100644 --- a/2024/5xxx/CVE-2024-5236.json +++ b/2024/5xxx/CVE-2024-5236.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5236", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacher_salary_invoice1.php. The manipulation of the argument date leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265987." + }, + { + "lang": "deu", + "value": "In Campcodes Complete Web-Based School Management System 1.0 wurde eine kritische Schwachstelle entdeckt. Betroffen ist eine unbekannte Verarbeitung der Datei /view/teacher_salary_invoice1.php. Durch das Manipulieren des Arguments date mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "Complete Web-Based School Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.265987", + "refsource": "MISC", + "name": "https://vuldb.com/?id.265987" + }, + { + "url": "https://vuldb.com/?ctiid.265987", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.265987" + }, + { + "url": "https://vuldb.com/?submit.339812", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.339812" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2026.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2026.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2024/5xxx/CVE-2024-5237.json b/2024/5xxx/CVE-2024-5237.json index 297616fb81e..c30103178e5 100644 --- a/2024/5xxx/CVE-2024-5237.json +++ b/2024/5xxx/CVE-2024-5237.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5237", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, has been found in Campcodes Complete Web-Based School Management System 1.0. Affected by this issue is some unknown functionality of the file /view/timetable_grade_wise.php. The manipulation of the argument grade leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265988." + }, + { + "lang": "deu", + "value": "Eine kritische Schwachstelle wurde in Campcodes Complete Web-Based School Management System 1.0 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /view/timetable_grade_wise.php. Durch Manipulieren des Arguments grade mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "Complete Web-Based School Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.265988", + "refsource": "MISC", + "name": "https://vuldb.com/?id.265988" + }, + { + "url": "https://vuldb.com/?ctiid.265988", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.265988" + }, + { + "url": "https://vuldb.com/?submit.339813", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.339813" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2027.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2027.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2024/5xxx/CVE-2024-5238.json b/2024/5xxx/CVE-2024-5238.json index 6bf279c6364..ce62ac82b2e 100644 --- a/2024/5xxx/CVE-2024-5238.json +++ b/2024/5xxx/CVE-2024-5238.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5238", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/timetable_insert_form.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265989 was assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in Campcodes Complete Web-Based School Management System 1.0 gefunden. Betroffen hiervon ist ein unbekannter Ablauf der Datei /view/timetable_insert_form.php. Durch das Beeinflussen des Arguments grade mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Campcodes", + "product": { + "product_data": [ + { + "product_name": "Complete Web-Based School Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.265989", + "refsource": "MISC", + "name": "https://vuldb.com/?id.265989" + }, + { + "url": "https://vuldb.com/?ctiid.265989", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.265989" + }, + { + "url": "https://vuldb.com/?submit.339814", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.339814" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2028.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Web-Based%20School%20Management%20System%20-%20sql/Complete%20Web-Based%20School%20Management%20System%20-%20vuln%2028.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] }