Auto-Update: 2025-02-15T15:00:19.737645+00:00

2025-07-11 16:13:34 +00:00 · 2025-02-15 15:03:47 +00:00 · 2025-02-15 15:03:47 +00:00 · 01438f655a
commit 01438f655a
parent 8fb915cf03
3 changed files with 78 additions and 12 deletions
--- a/CVE-2025/CVE-2025-08xx/CVE-2025-0822.json
+++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0822.json
@ -0,0 +1,68 @@
+{
+  "id": "CVE-2025-0822",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-02-15T13:15:28.847",
+  "lastModified": "2025-02-15T13:15:28.847",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-23"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/bit-assist/tags/1.5.2/backend/app/HTTP/Controllers/DownloadController.php#L65",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3239816/#file3",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/bit-assist/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de9b0eba-5d2b-427c-a199-88bf96c26f5e?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-02-15T13:00:19.830231+00:00
+2025-02-15T15:00:19.737645+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-02-15T12:15:30.610000+00:00
+2025-02-15T13:15:28.847000+00:00
 ```

 ### Last Data Feed Release
@ -33,17 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-281469
+281470
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `4`
+Recently added CVEs: `1`

- [CVE-2024-10581](CVE-2024/CVE-2024-105xx/CVE-2024-10581.json) (`2025-02-15T12:15:28.900`)
- [CVE-2024-13439](CVE-2024/CVE-2024-134xx/CVE-2024-13439.json) (`2025-02-15T12:15:30.300`)
- [CVE-2024-13488](CVE-2024/CVE-2024-134xx/CVE-2024-13488.json) (`2025-02-15T12:15:30.457`)
- [CVE-2024-13500](CVE-2024/CVE-2024-135xx/CVE-2024-13500.json) (`2025-02-15T12:15:30.610`)
+- [CVE-2025-0822](CVE-2025/CVE-2025-08xx/CVE-2025-0822.json) (`2025-02-15T13:15:28.847`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -243979,7 +243979,7 @@ CVE-2024-10578,0,0,66b31bc67aa640c7022b6e2ee0c03a146109396c96bb5c10ab825d27d5228
 CVE-2024-10579,0,0,0ae238994e7d51b528cae9d23ed2fa2f0db4469de9914be8d05ed1f76a7dac58,2024-11-26T11:21:58.330000
 CVE-2024-1058,0,0,a4bfa26fce255a08c4a0bcd9ca820b184d439ad79e86816be9e12748d1d66b41,2025-01-19T02:44:46.970000
 CVE-2024-10580,0,0,7cbec3926b1e0a5918766b8a0adb238fb5e9aded2f47a47f3fe18631e2f40ea4,2024-11-27T07:15:07.920000
-CVE-2024-10581,1,1,6b8ded2f1039861738643b6432a9c6272cb84b4b27b58e7985bc8b41a469309e,2025-02-15T12:15:28.900000
+CVE-2024-10581,0,0,6b8ded2f1039861738643b6432a9c6272cb84b4b27b58e7985bc8b41a469309e,2025-02-15T12:15:28.900000
 CVE-2024-10582,0,0,081ced1e3bee3a0a102c94bdff81bc48301372e830a54bd85e35429dcce93b3b,2024-11-19T21:17:53.003000
 CVE-2024-10583,0,0,2dd8fa86d783214098b78ecf15207bb297f91c4a4766bbf054ba7ce346e63980,2024-12-12T07:15:05.570000
 CVE-2024-10584,0,0,884bde099e6baaab8d72bf2690b23c625dcbcb424035217f134401aa3c174ba2,2024-12-24T11:15:05.670000
@ -246523,7 +246523,7 @@ CVE-2024-13433,0,0,2a9d89514e9ca62330f67417cbd4f0a14554f70d781af736185219d7398dc
 CVE-2024-13434,0,0,292fbae0324c9bc0e0a4304860c64d8e4dabea0f0444b12419bd12eebd083320,2025-01-17T05:15:09.290000
 CVE-2024-13435,0,0,6836fa547d4932c702deb0657bdaa23c9b9d93c4dd8c924aedac3276df2cc3ed,2025-02-12T15:15:13.093000
 CVE-2024-13437,0,0,503d6adff5da567fee536ffb324a5ccc786c3d759f53a9923743108aaa32218f,2025-02-12T10:15:10.920000
-CVE-2024-13439,1,1,9977a2cc02f20b148bdbeb2cb70da6b957cfc1fa7b049bde9614c22678a6305a,2025-02-15T12:15:30.300000
+CVE-2024-13439,0,0,9977a2cc02f20b148bdbeb2cb70da6b957cfc1fa7b049bde9614c22678a6305a,2025-02-15T12:15:30.300000
 CVE-2024-1344,0,0,3c7e3680ada5d2af6c947ff7713f6316fa39154980892782020553f5d0042cd7,2024-11-21T08:50:22.543000
 CVE-2024-13440,0,0,5766e7a438a8e4269354aacca2cf4360d814b2b0ba936161bc318042a1e4abc8,2025-02-13T17:17:19.413000
 CVE-2024-13441,0,0,c4feb7fa45e58abcf7c01d5df380ea3f267be46791773adc8606a649a8a16fa9,2025-02-04T19:37:08.100000
@ -246554,7 +246554,7 @@ CVE-2024-1348,0,0,1859f4ea1d00e7386fbff1ae86e38e3076d8135556fc20b2256d2f026d7287
 CVE-2024-13480,0,0,d49c8370e7e39b031003ed9c57a49bfdefc2c8a040e71164a34ff996e4336b26,2025-02-12T12:15:28.840000
 CVE-2024-13484,0,0,4fd55912c77d8dadbebe472ff2c71e4e3fb03970b04450aedc08c21b110060a9,2025-02-12T17:15:23.177000
 CVE-2024-13487,0,0,e42f90a861119fddb567fba0eb7966e50fcc402fe16882839f676096df9b809f,2025-02-06T15:15:12.660000
-CVE-2024-13488,1,1,4b8066bce6198329d93f932502dadbbf2e639dfefb1f2df4c60df4f085c6e1e4,2025-02-15T12:15:30.457000
+CVE-2024-13488,0,0,4b8066bce6198329d93f932502dadbbf2e639dfefb1f2df4c60df4f085c6e1e4,2025-02-15T12:15:30.457000
 CVE-2024-1349,0,0,8b85fafe827f099aa626e71779ca220a8bf1ec034e9ea4e44b28a687cd219e20,2024-12-31T17:15:36.763000
 CVE-2024-13490,0,0,61b1110e3ea573589f69702404cb2c4dc6b4f345244280cfa5a3ba73763f2bda,2025-02-12T10:15:11.973000
 CVE-2024-13492,0,0,b366a1d0934eccf698617fb1fc1f766d6bf66d42fc2eb6cd7208ba290ff487ca,2025-02-07T16:15:36.123000
@ -246563,7 +246563,7 @@ CVE-2024-13495,0,0,7a8bc062291cac2ab3dfb8a0fb7feeecd31abf131df44b7d6a18b1140227b
 CVE-2024-13496,0,0,192a8533534e044b339576d96e9cea7e19a2bbd248a7b183889cec35656a4f79,2025-01-24T20:45:57.463000
 CVE-2024-13499,0,0,6d635dc5b8c51f2804fa43df8b3beb018f4524a3b4ba54f25865b62cf92ed7dc,2025-01-24T20:37:12.533000
 CVE-2024-1350,0,0,ce11ba75737d3c0dc14aea45038ee6ef39f1db647d13879ee3f248d09a81697f,2024-11-21T08:50:23.313000
-CVE-2024-13500,1,1,0c429174cca57ae83685b1f496a3cf42bd0c51ad39e20a565f4f68cce4f1c5cf,2025-02-15T12:15:30.610000
+CVE-2024-13500,0,0,0c429174cca57ae83685b1f496a3cf42bd0c51ad39e20a565f4f68cce4f1c5cf,2025-02-15T12:15:30.610000
 CVE-2024-13502,0,0,b6bd5e7a8ccd125fd10c3c602ef666035a1824dda1c710321e34fb9d3259b3fe,2025-01-17T14:15:31.147000
 CVE-2024-13503,0,0,ffb0135326ea2a3ea18800ce3bd83bc523a9e303f03b2acc60a1815003b2400e,2025-01-17T14:15:31.317000
 CVE-2024-13504,0,0,65d5eda0db4362f31390d7f75ebf33f34fcbb67dce33bcab3e8868827236c840,2025-01-31T06:15:29.603000
@ -279047,6 +279047,7 @@ CVE-2025-0814,0,0,bfe2f7915210b62a55466da59b48e0bda396f9dfcd76c355bd6412d0b71073
 CVE-2025-0815,0,0,056c1ef757b2472b9fcd0969895cef9bf85847763cf4a093e3c2d6a037ca855e,2025-02-13T07:15:11.160000
 CVE-2025-0816,0,0,533bc9602517837c7cfc50eaffd15d88f401c009bd48fd94c44340c6f53905a3,2025-02-13T07:15:11.353000
 CVE-2025-0821,0,0,eef623ecbc4f931b67c977737dbf8b956ec963ba6d7dfab149142eb36bc3e525,2025-02-14T11:15:10.230000
+CVE-2025-0822,1,1,19eb63234ef431f63c50ebd89131653cdb608481cafa3dc46ad8d59b634f7d92,2025-02-15T13:15:28.847000
 CVE-2025-0825,0,0,7f81ca19fb96d77c0731181ff23092e49d4e8a157f0a8fa4a0ca13f53bda7923,2025-02-04T15:15:19.420000
 CVE-2025-0834,0,0,239a6f08c2db88ce57ab64c699932d200eff33712703b8a8f00d02b01207348f,2025-01-30T09:15:09.703000
 CVE-2025-0837,0,0,2dd7973af6fce81a46dfa76902f2b5db7d3debf86d7a4a86f2d7e2515d71ea0b,2025-02-13T05:15:14.623000