"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2024-12-21 07:00:56 +00:00 · 2024-12-21 07:00:56 +00:00 · aea00188bd
commit aea00188bd
parent 2a4adfd43e
1 changed files with 80 additions and 5 deletions
--- a/2024/11xxx/CVE-2024-11607.json
+++ b/2024/11xxx/CVE-2024-11607.json
@ -1,18 +1,93 @@
 {
+    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2024-11607",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "contact@wpscan.com",
+        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The GTPayment Donations WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack."
            }
        ]
-    }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-79 Cross-Site Scripting (XSS)"
+                    }
+                ]
+            },
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-352 Cross-Site Request Forgery (CSRF)"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Unknown",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "GTPayment Donations",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "not down converted",
+                                            "x_cve_json_5_version_data": {
+                                                "versions": [
+                                                    {
+                                                        "status": "affected",
+                                                        "versionType": "semver",
+                                                        "version": "0",
+                                                        "lessThanOrEqual": "1.0.0"
+                                                    }
+                                                ],
+                                                "defaultStatus": "affected"
+                                            }
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://wpscan.com/vulnerability/132b5193-156b-40b8-b5c7-08646e1f6866/",
+                "refsource": "MISC",
+                "name": "https://wpscan.com/vulnerability/132b5193-156b-40b8-b5c7-08646e1f6866/"
+            }
+        ]
+    },
+    "generator": {
+        "engine": "WPScan CVE Generator"
+    },
+    "source": {
+        "discovery": "EXTERNAL"
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "WPScan"
+        }
+    ]
 }