From 9a361bc9c711fd4dfe927939ae34eb690f61a4b9 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sat, 26 Apr 2025 09:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/13xxx/CVE-2024-13812.json | 76 ++++++++++++++++++++++++++++++++-- 2025/2xxx/CVE-2025-2101.json | 76 ++++++++++++++++++++++++++++++++-- 2025/3xxx/CVE-2025-3984.json | 18 ++++++++ 2025/3xxx/CVE-2025-3985.json | 18 ++++++++ 2025/3xxx/CVE-2025-3986.json | 18 ++++++++ 2025/3xxx/CVE-2025-3987.json | 18 ++++++++ 2025/3xxx/CVE-2025-3988.json | 18 ++++++++ 2025/3xxx/CVE-2025-3989.json | 18 ++++++++ 2025/3xxx/CVE-2025-3990.json | 18 ++++++++ 2025/3xxx/CVE-2025-3991.json | 18 ++++++++ 2025/3xxx/CVE-2025-3992.json | 18 ++++++++ 2025/3xxx/CVE-2025-3993.json | 18 ++++++++ 2025/3xxx/CVE-2025-3994.json | 18 ++++++++ 2025/3xxx/CVE-2025-3995.json | 18 ++++++++ 2025/3xxx/CVE-2025-3996.json | 18 ++++++++ 2025/3xxx/CVE-2025-3997.json | 18 ++++++++ 2025/3xxx/CVE-2025-3998.json | 18 ++++++++ 2025/3xxx/CVE-2025-3999.json | 18 ++++++++ 2025/4xxx/CVE-2025-4000.json | 18 ++++++++ 2025/4xxx/CVE-2025-4001.json | 18 ++++++++ 2025/4xxx/CVE-2025-4002.json | 18 ++++++++ 2025/4xxx/CVE-2025-4003.json | 18 ++++++++ 22 files changed, 504 insertions(+), 8 deletions(-) create mode 100644 2025/3xxx/CVE-2025-3984.json create mode 100644 2025/3xxx/CVE-2025-3985.json create mode 100644 2025/3xxx/CVE-2025-3986.json create mode 100644 2025/3xxx/CVE-2025-3987.json create mode 100644 2025/3xxx/CVE-2025-3988.json create mode 100644 2025/3xxx/CVE-2025-3989.json create mode 100644 2025/3xxx/CVE-2025-3990.json create mode 100644 2025/3xxx/CVE-2025-3991.json create mode 100644 2025/3xxx/CVE-2025-3992.json create mode 100644 2025/3xxx/CVE-2025-3993.json create mode 100644 2025/3xxx/CVE-2025-3994.json create mode 100644 2025/3xxx/CVE-2025-3995.json create mode 100644 2025/3xxx/CVE-2025-3996.json create mode 100644 2025/3xxx/CVE-2025-3997.json create mode 100644 2025/3xxx/CVE-2025-3998.json create mode 100644 2025/3xxx/CVE-2025-3999.json create mode 100644 2025/4xxx/CVE-2025-4000.json create mode 100644 2025/4xxx/CVE-2025-4001.json create mode 100644 2025/4xxx/CVE-2025-4002.json create mode 100644 2025/4xxx/CVE-2025-4003.json diff --git a/2024/13xxx/CVE-2024-13812.json b/2024/13xxx/CVE-2024-13812.json index ebc8a714570..9d71733a4c8 100644 --- a/2024/13xxx/CVE-2024-13812.json +++ b/2024/13xxx/CVE-2024-13812.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-13812", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.1.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Anps", + "product": { + "product_data": [ + { + "product_name": "Anps Theme plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5349096b-4897-4019-9eba-a959a42f03f0?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5349096b-4897-4019-9eba-a959a42f03f0?source=cve" + }, + { + "url": "https://anpsthemes.com/", + "refsource": "MISC", + "name": "https://anpsthemes.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Lucio S\u00e1" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2025/2xxx/CVE-2025-2101.json b/2025/2xxx/CVE-2025-2101.json index 12a11ec27f9..44f63391a59 100644 --- a/2025/2xxx/CVE-2025-2101.json +++ b/2025/2xxx/CVE-2025-2101.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2101", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumall_lazy_load_template' AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", + "cweId": "CWE-98" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ThemeMove", + "product": { + "product_data": [ + { + "product_name": "EduMall - Professional LMS Education Center WordPress Theme", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.2.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a4a0c26-6b7b-4dcf-a266-a6548431e6a8?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7a4a0c26-6b7b-4dcf-a266-a6548431e6a8?source=cve" + }, + { + "url": "https://changelog.thememove.com/edumall/", + "refsource": "MISC", + "name": "https://changelog.thememove.com/edumall/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Tonn" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH" } ] } diff --git a/2025/3xxx/CVE-2025-3984.json b/2025/3xxx/CVE-2025-3984.json new file mode 100644 index 00000000000..d26380f68ca --- /dev/null +++ b/2025/3xxx/CVE-2025-3984.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3984", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3985.json b/2025/3xxx/CVE-2025-3985.json new file mode 100644 index 00000000000..513098dc37a --- /dev/null +++ b/2025/3xxx/CVE-2025-3985.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3985", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3986.json b/2025/3xxx/CVE-2025-3986.json new file mode 100644 index 00000000000..4c92d4bf8d7 --- /dev/null +++ b/2025/3xxx/CVE-2025-3986.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3986", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3987.json b/2025/3xxx/CVE-2025-3987.json new file mode 100644 index 00000000000..ca072fb0049 --- /dev/null +++ b/2025/3xxx/CVE-2025-3987.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3987", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3988.json b/2025/3xxx/CVE-2025-3988.json new file mode 100644 index 00000000000..1056f890696 --- /dev/null +++ b/2025/3xxx/CVE-2025-3988.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3988", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3989.json b/2025/3xxx/CVE-2025-3989.json new file mode 100644 index 00000000000..d50e988b450 --- /dev/null +++ b/2025/3xxx/CVE-2025-3989.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3989", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3990.json b/2025/3xxx/CVE-2025-3990.json new file mode 100644 index 00000000000..6544cd33dec --- /dev/null +++ b/2025/3xxx/CVE-2025-3990.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3990", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3991.json b/2025/3xxx/CVE-2025-3991.json new file mode 100644 index 00000000000..92d5af0193e --- /dev/null +++ b/2025/3xxx/CVE-2025-3991.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3991", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3992.json b/2025/3xxx/CVE-2025-3992.json new file mode 100644 index 00000000000..e0839ad5ba1 --- /dev/null +++ b/2025/3xxx/CVE-2025-3992.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3992", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3993.json b/2025/3xxx/CVE-2025-3993.json new file mode 100644 index 00000000000..4784faf57ef --- /dev/null +++ b/2025/3xxx/CVE-2025-3993.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3993", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3994.json b/2025/3xxx/CVE-2025-3994.json new file mode 100644 index 00000000000..65ac4e9b09b --- /dev/null +++ b/2025/3xxx/CVE-2025-3994.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3994", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3995.json b/2025/3xxx/CVE-2025-3995.json new file mode 100644 index 00000000000..990db197582 --- /dev/null +++ b/2025/3xxx/CVE-2025-3995.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3995", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3996.json b/2025/3xxx/CVE-2025-3996.json new file mode 100644 index 00000000000..c959eda1736 --- /dev/null +++ b/2025/3xxx/CVE-2025-3996.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3996", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3997.json b/2025/3xxx/CVE-2025-3997.json new file mode 100644 index 00000000000..ae7738b8679 --- /dev/null +++ b/2025/3xxx/CVE-2025-3997.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3997", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3998.json b/2025/3xxx/CVE-2025-3998.json new file mode 100644 index 00000000000..b16fb42162a --- /dev/null +++ b/2025/3xxx/CVE-2025-3998.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3998", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3999.json b/2025/3xxx/CVE-2025-3999.json new file mode 100644 index 00000000000..e392e3c8249 --- /dev/null +++ b/2025/3xxx/CVE-2025-3999.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3999", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4000.json b/2025/4xxx/CVE-2025-4000.json new file mode 100644 index 00000000000..eed9d200caa --- /dev/null +++ b/2025/4xxx/CVE-2025-4000.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4000", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4001.json b/2025/4xxx/CVE-2025-4001.json new file mode 100644 index 00000000000..00d656f1295 --- /dev/null +++ b/2025/4xxx/CVE-2025-4001.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4001", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4002.json b/2025/4xxx/CVE-2025-4002.json new file mode 100644 index 00000000000..74d28ab2cf1 --- /dev/null +++ b/2025/4xxx/CVE-2025-4002.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4002", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4003.json b/2025/4xxx/CVE-2025-4003.json new file mode 100644 index 00000000000..92ae27c97c9 --- /dev/null +++ b/2025/4xxx/CVE-2025-4003.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4003", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file