Auto-Update: 2024-06-08T12:00:17.923794+00:00

2025-06-02 03:31:32 +00:00 · 2024-06-08 12:03:08 +00:00 · 2024-06-08 12:03:08 +00:00 · 04b2f62585
commit 04b2f62585
parent 5757879ddd
5 changed files with 177 additions and 8 deletions
--- a/CVE-2024/CVE-2024-357xx/CVE-2024-35753.json
+++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35753.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-35753",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2024-06-08T11:15:49.193",
+  "lastModified": "2024-06-08T11:15:49.193",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemplatesNext TemplatesNext OnePager allows Stored XSS.This issue affects TemplatesNext OnePager: from n/a through 1.3.3."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 3.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/templatesnext-onepager/wordpress-templatesnext-onepager-plugin-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-357xx/CVE-2024-35755.json
+++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35755.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-35755",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2024-06-08T11:15:49.780",
+  "lastModified": "2024-06-08T11:15:49.780",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in El tiempo Weather Widget Pro allows Stored XSS.This issue affects Weather Widget Pro: from n/a through 1.1.40."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 3.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/weather-in-any-city-widget/wordpress-weather-widget-pro-plugin-1-1-40-cross-site-scripting-xss-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-357xx/CVE-2024-35756.json
+++ b/CVE-2024/CVE-2024-357xx/CVE-2024-35756.json
@ -0,0 +1,55 @@
+{
+  "id": "CVE-2024-35756",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2024-06-08T11:15:50.007",
+  "lastModified": "2024-06-08T11:15:50.007",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CeiKay Tooltip CK tooltip-ck allows Stored XSS.This issue affects Tooltip CK: from n/a through 2.2.15."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.9,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.7,
+        "impactScore": 3.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/tooltip-ck/wordpress-tooltip-ck-plugin-2-2-15-cross-site-scripting-xss-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-06-08T10:00:17.990436+00:00
+2024-06-08T12:00:17.923794+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-06-08T09:15:09.420000+00:00
+2024-06-08T11:15:50.007000+00:00
 ```

 ### Last Data Feed Release
@ -33,15 +33,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-253030
+253033
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `3`

- [CVE-2024-4468](CVE-2024/CVE-2024-44xx/CVE-2024-4468.json) (`2024-06-08T08:15:08.870`)
- [CVE-2024-5654](CVE-2024/CVE-2024-56xx/CVE-2024-5654.json) (`2024-06-08T09:15:09.420`)
+- [CVE-2024-35753](CVE-2024/CVE-2024-357xx/CVE-2024-35753.json) (`2024-06-08T11:15:49.193`)
+- [CVE-2024-35755](CVE-2024/CVE-2024-357xx/CVE-2024-35755.json) (`2024-06-08T11:15:49.780`)
+- [CVE-2024-35756](CVE-2024/CVE-2024-357xx/CVE-2024-35756.json) (`2024-06-08T11:15:50.007`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -251157,6 +251157,9 @@ CVE-2024-3572,0,0,fac7085e464e1d98d017bfc9635e53b969d9f55d28ae04030a557f0ab1b043
 CVE-2024-3573,0,0,f978306925f93ca64332932b6f5a09fb648fa8e8ad9d4b00bd427fd81ec82478,2024-04-16T13:24:07.103000
 CVE-2024-3574,0,0,a6cc99c8a389ea7db1c37fe05b40106752b73810cdac85caab18aeb26d6bc576,2024-04-16T13:24:07.103000
 CVE-2024-3575,0,0,59be73eca5c53cbbcf99414bd65c6b74b4dff22ff5983c2d091439c46f610b22,2024-04-16T13:24:07.103000
+CVE-2024-35753,1,1,d8ea54bb3de63681c830d87a5e3ae966e236ec4d04a6e569c34a9674aca5ed2f,2024-06-08T11:15:49.193000
+CVE-2024-35755,1,1,b90d8dbe1381b90363531c9931c16e892b0f999eba27224314b1b64f103dc4bc,2024-06-08T11:15:49.780000
+CVE-2024-35756,1,1,784141ebe086abedbfa21727ba51d60c64e728f0df0555f711b70d06e1a7fa25,2024-06-08T11:15:50.007000
 CVE-2024-3576,0,0,da3479f65547a923ac9b6fc5d4e01aab352d357f2ab0f89f14bd434e8562f642,2024-05-07T09:15:38.747000
 CVE-2024-35782,0,0,1a0373b5f1f7deeeedd7f390a32d36b4e5b6a7fa2bc73f703a0a9b8d71fdc6f1,2024-06-05T19:50:20.463000
 CVE-2024-35784,0,0,777c9d07d4e578c087e7dca5451415bcc43ec9a1a18957eb76a5068c9b97dba4,2024-05-17T18:35:35.070000
@ -252295,7 +252298,7 @@ CVE-2024-4461,0,0,ad05f4e37257e33f27f784f842f8dfa34f685ff06dd273bc6842a04c51c93b
 CVE-2024-4462,0,0,c8f7490df4b9ef7118fdef5b7ade6db6ae196f6576f8cec5720233f982c7a0b4,2024-06-04T16:57:41.053000
 CVE-2024-4463,0,0,aaa5b32073fcbc7160927d348961b4790302ca7b8c414e16cdb6cacefbfd98b3,2024-05-14T16:11:39.510000
 CVE-2024-4466,0,0,d6c981370b54d7938faad670495d8ca5b736025a1a2ded921b62354a18385ccc,2024-05-03T12:48:41.067000
-CVE-2024-4468,1,1,88cf66c715de98275f67dd40f9b724cb990e5cec123245ca018bd38c046dac1b,2024-06-08T08:15:08.870000
+CVE-2024-4468,0,0,88cf66c715de98275f67dd40f9b724cb990e5cec123245ca018bd38c046dac1b,2024-06-08T08:15:08.870000
 CVE-2024-4469,0,0,f3178a2eee38f00518ebe4258fe6dd45f453ef4ce408e801402017fce62c2cef,2024-05-31T13:01:46.727000
 CVE-2024-4470,0,0,a1486a2c35813e6b458e62c6cab3ba58a94b094bc9cbcdae130972a477a7e8d0,2024-05-21T12:37:59.687000
 CVE-2024-4471,0,0,9792233119a62c3ea240ba8e0af602c011f72a48705fdc1ef6f6e423f04dac09,2024-05-24T01:15:30.977000
@ -253013,7 +253016,7 @@ CVE-2024-5638,0,0,14725a3e450766c0d035ba6630a270f991f80531954e6b03d07a9f1bd74d25
 CVE-2024-5640,0,0,86163b3d741cee0a4e50ef8553f0c82f1f0c15bd48d022d2d250ef0f55c23f10,2024-06-07T14:56:05.647000
 CVE-2024-5645,0,0,c14f368d8ed33123f2e6f42b798410915cfa25d6cf41b8a76db4e578eb499f6a,2024-06-07T14:56:05.647000
 CVE-2024-5653,0,0,283076b6ccce08ae3d1ddf9d7f5983a839d66c80929543a8a527d0bfdf86a2f9,2024-06-06T14:17:35.017000
-CVE-2024-5654,1,1,1c5c8c767c1eccff3792ccaf6f0dd4c83f865591f1ab548f604635848d844b06,2024-06-08T09:15:09.420000
+CVE-2024-5654,0,0,1c5c8c767c1eccff3792ccaf6f0dd4c83f865591f1ab548f604635848d844b06,2024-06-08T09:15:09.420000
 CVE-2024-5656,0,0,adabf37f78545832b9e31783c044d8f042bfbaaca432946aa95ed82eb518777b,2024-06-06T14:17:35.017000
 CVE-2024-5657,0,0,b9899ab9d953b5e4a78b96db0691f3e8b536e92241286e49b6931592afb0dbef,2024-06-06T14:17:35.017000
 CVE-2024-5658,0,0,f9a4660898e79de730b34f0f4bc7034aff51985f481860d10ff11713ac36cafd,2024-06-06T14:17:35.017000