"-Synchronized-Data."

2025-05-06 10:41:46 +00:00 · 2025-04-15 07:00:32 +00:00 · 2025-04-15 07:00:32 +00:00 · c2cdfa40ad
commit c2cdfa40ad
parent 39501625df
2 changed files with 85 additions and 5 deletions
--- a/2024/13xxx/CVE-2024-13610.json
+++ b/2024/13xxx/CVE-2024-13610.json
@ -1,18 +1,80 @@
 {
+    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2024-13610",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "contact@wpscan.com",
+        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The Simple Social Media Share Buttons  WordPress plugin before 6.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
            }
        ]
-    }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-79 Cross-Site Scripting (XSS)"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Unknown",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Simple Social Media Share Buttons",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "0",
+                                            "version_value": "6.0.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://wpscan.com/vulnerability/85229528-1110-4d45-b972-8bbcba003a1f/",
+                "refsource": "MISC",
+                "name": "https://wpscan.com/vulnerability/85229528-1110-4d45-b972-8bbcba003a1f/"
+            }
+        ]
+    },
+    "generator": {
+        "engine": "WPScan CVE Generator"
+    },
+    "source": {
+        "discovery": "EXTERNAL"
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "Krugov Artyom"
+        },
+        {
+            "lang": "en",
+            "value": "WPScan"
+        }
+    ]
 }
--- a/2025/3xxx/CVE-2025-3625.json
+++ b/2025/3xxx/CVE-2025-3625.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2025-3625",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}