mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-07 21:47:16 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
a46df89d36
commit
69170aa78e
@ -1,17 +1,120 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2025-5096",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "security@wordfence.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the 'data-caption', 'data-s-content-padding', 'data-s-title', and 'data-footer' data-attributes in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
|
||||
"cweId": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "tobiasbg",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "TablePress \u2013 Tables in WordPress made easy",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<=",
|
||||
"version_name": "*",
|
||||
"version_value": "3.1.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd2dfa02-0404-4300-a5ed-6326f9df6d30?source=cve",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd2dfa02-0404-4300-a5ed-6326f9df6d30?source=cve"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/tablepress/tags/3.1.2/js/jquery.datatables.min.js",
|
||||
"refsource": "MISC",
|
||||
"name": "https://plugins.trac.wordpress.org/browser/tablepress/tags/3.1.2/js/jquery.datatables.min.js"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/DataTables/DataTablesSrc/blob/29539c40504365bc4be0599e4b0739cf270a2e09/js/core/core.constructor.js#L329",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/DataTables/DataTablesSrc/blob/29539c40504365bc4be0599e4b0739cf270a2e09/js/core/core.constructor.js#L329"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/plugins/tablepress/#developers",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wordpress.org/plugins/tablepress/#developers"
|
||||
},
|
||||
{
|
||||
"url": "https://datatables.net/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://datatables.net/"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/DataTables/DataTablesSrc/commit/d278ed307035cb8740d2fad86b7cbb995380f7bb",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/DataTables/DataTablesSrc/commit/d278ed307035cb8740d2fad86b7cbb995380f7bb"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/DataTables/DataTablesSrc/commit/d558328106bef2d48dfc4cf78581dd106f5c1077",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/DataTables/DataTablesSrc/commit/d558328106bef2d48dfc4cf78581dd106f5c1077"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset/3298453/tablepress",
|
||||
"refsource": "MISC",
|
||||
"name": "https://plugins.trac.wordpress.org/changeset/3298453/tablepress"
|
||||
},
|
||||
{
|
||||
"url": "https://tablepress.org/release-announcement-tablepress-3-1-3/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://tablepress.org/release-announcement-tablepress-3-1-3/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Asaf Mozes"
|
||||
}
|
||||
],
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
|
||||
"baseScore": 6.4,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
18
2025/5xxx/CVE-2025-5115.json
Normal file
18
2025/5xxx/CVE-2025-5115.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2025-5115",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user