From 95092e0c123eeb5433286d61a06a77701182ff3a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 29 Oct 2024 10:00:31 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/10xxx/CVE-2024-10227.json | 86 +++++++++++++++++++++++-- 2024/10xxx/CVE-2024-10436.json | 86 +++++++++++++++++++++++-- 2024/10xxx/CVE-2024-10437.json | 81 +++++++++++++++++++++-- 2024/22xxx/CVE-2024-22066.json | 78 +++++++++++++++++++++-- 2024/4xxx/CVE-2024-4029.json | 2 +- 2024/50xxx/CVE-2024-50550.json | 113 +++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9376.json | 86 +++++++++++++++++++++++-- 7 files changed, 507 insertions(+), 25 deletions(-) diff --git a/2024/10xxx/CVE-2024-10227.json b/2024/10xxx/CVE-2024-10227.json index ab38aa7a07f..c53c656fbc2 100644 --- a/2024/10xxx/CVE-2024-10227.json +++ b/2024/10xxx/CVE-2024-10227.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-10227", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The affiliate-toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atkp_product shortcode in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "cservit", + "product": { + "product_data": [ + { + "product_name": "affiliate-toolkit", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.6.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7f86568f-dcdd-44fb-905a-9c5474f56515?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7f86568f-dcdd-44fb-905a-9c5474f56515?source=cve" + }, + { + "url": "https://wordpress.org/plugins/affiliate-toolkit-starter/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/affiliate-toolkit-starter/#developers" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3174286/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3174286/" + }, + { + "url": "https://servit.dev/", + "refsource": "MISC", + "name": "https://servit.dev/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Peter Thaleikis" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/10xxx/CVE-2024-10436.json b/2024/10xxx/CVE-2024-10436.json index aa429b13872..66c9139caf3 100644 --- a/2024/10xxx/CVE-2024-10436.json +++ b/2024/10xxx/CVE-2024-10436.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-10436", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.1 via the get_condition_value function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", + "cweId": "CWE-98" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpclever", + "product": { + "product_data": [ + { + "product_name": "WPC Smart Messages for WooCommerce", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.2.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0fd87512-def0-4e59-aa2d-b166919474f3?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0fd87512-def0-4e59-aa2d-b166919474f3?source=cve" + }, + { + "url": "https://wordpress.org/plugins/wpc-smart-messages/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wpc-smart-messages/" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wpc-smart-messages/tags/4.2.1/includes/class-backend.php#L418", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wpc-smart-messages/tags/4.2.1/includes/class-backend.php#L418" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3177426/wpc-smart-messages/trunk/includes/class-backend.php?contextall=1", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3177426/wpc-smart-messages/trunk/includes/class-backend.php?contextall=1" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Youcef Hamdani" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2024/10xxx/CVE-2024-10437.json b/2024/10xxx/CVE-2024-10437.json index dbef32fc245..f056c18581a 100644 --- a/2024/10xxx/CVE-2024-10437.json +++ b/2024/10xxx/CVE-2024-10437.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-10437", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to unauthorized Smar Message activation/deactivation due to a missing capability check on the ajax_enable function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate or deactivate smart messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpclever", + "product": { + "product_data": [ + { + "product_name": "WPC Smart Messages for WooCommerce", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.2.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4acb4fda-0217-44b9-a85e-64807eb4a011?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4acb4fda-0217-44b9-a85e-64807eb4a011?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wpc-smart-messages/tags/4.2.1/includes/class-backend.php#L775", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wpc-smart-messages/tags/4.2.1/includes/class-backend.php#L775" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3177426/wpc-smart-messages/trunk/includes/class-backend.php?contextall=1", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3177426/wpc-smart-messages/trunk/includes/class-backend.php?contextall=1" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Francesco Carlucci" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/22xxx/CVE-2024-22066.json b/2024/22xxx/CVE-2024-22066.json index 6aa78c8052b..117b2bd3fe0 100644 --- a/2024/22xxx/CVE-2024-22066.json +++ b/2024/22xxx/CVE-2024-22066.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22066", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@zte.com.cn", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-294 Authentication Bypass by Capture-replay", + "cweId": "CWE-294" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ZTE", + "product": { + "product_data": [ + { + "product_name": "ZXR10 1800-2S", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "ZSRV2 V3.00.40" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1171513586716225590", + "refsource": "MISC", + "name": "https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1171513586716225590" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/4xxx/CVE-2024-4029.json b/2024/4xxx/CVE-2024-4029.json index d8bd9f79c51..a57a9a2f8e4 100644 --- a/2024/4xxx/CVE-2024-4029.json +++ b/2024/4xxx/CVE-2024-4029.json @@ -36,7 +36,7 @@ "product": { "product_data": [ { - "product_name": "Red Hat JBoss Enterprise Application Platform 7.1.0", + "product_name": "Red Hat JBoss Enterprise Application Platform 7", "version": { "version_data": [ { diff --git a/2024/50xxx/CVE-2024-50550.json b/2024/50xxx/CVE-2024-50550.json index 1fd9d39eaef..d87bcfa3b73 100644 --- a/2024/50xxx/CVE-2024-50550.json +++ b/2024/50xxx/CVE-2024-50550.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-50550", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.5.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-266: Incorrect Privilege Assignment", + "cweId": "CWE-266" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "LiteSpeed Technologies", + "product": { + "product_data": [ + { + "product_name": "LiteSpeed Cache", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "6.5.2", + "status": "unaffected" + } + ], + "lessThanOrEqual": "6.5.1", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-6-5-1-privilege-escalation-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-6-5-1-privilege-escalation-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 6.5.2 or a higher version." + } + ], + "value": "Update to 6.5.2 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "TaiYou (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/9xxx/CVE-2024-9376.json b/2024/9xxx/CVE-2024-9376.json index ae1ce9c9d47..bacf3f96104 100644 --- a/2024/9xxx/CVE-2024-9376.json +++ b/2024/9xxx/CVE-2024-9376.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9376", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Kata Plus \u2013 Addons for Elementor \u2013 Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "climaxthemes", + "product": { + "product_data": [ + { + "product_name": "Kata Plus \u2013 Addons for Elementor \u2013 Widgets, Extensions and Templates", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.4.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05c7267e-2e0c-48e9-bdaa-c8bc0b9ec8a6?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05c7267e-2e0c-48e9-bdaa-c8bc0b9ec8a6?source=cve" + }, + { + "url": "https://wordpress.org/plugins/kata-plus/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/kata-plus/#developers" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3174359/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3174359/" + }, + { + "url": "https://climaxthemes.com/kata/documentation/changelog/", + "refsource": "MISC", + "name": "https://climaxthemes.com/kata/documentation/changelog/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Francesco Carlucci" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] }