mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-07 11:07:05 +00:00
Auto-Update: 2024-06-06T16:00:44.365720+00:00
This commit is contained in:
cad-safe-bot
parent
84b1fcca06
commit
0b279bd0df
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2023-49927",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:11.373",
|
||||
"lastModified": "2024-06-05T19:15:11.373",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung, el procesador automotriz, el procesador port\u00e1til y el m\u00f3dem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300 y Exynos. Auto T5123. El software de banda base no verifica adecuadamente los tipos de formato especificados por el RRC. Esto puede provocar una falta de cifrado."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2023-49928",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:11.617",
|
||||
"lastModified": "2024-06-05T19:15:11.617",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. The baseband software does not properly check states specified by the RRC. This can lead to disclosure of sensitive information."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung, el procesador automotriz, el procesador port\u00e1til y el m\u00f3dem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300 y Exynos. Auto T5123. El software de banda base no verifica adecuadamente los estados especificados por el RRC. Esto puede dar lugar a la divulgaci\u00f3n de informaci\u00f3n confidencial."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2023-50803",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:11.700",
|
||||
"lastModified": "2024-06-05T19:15:11.700",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor, Automotive Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, Modem 5123, Modem 5300, and Auto T5123. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung, el procesador automotriz y el m\u00f3dem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, el m\u00f3dem 5123, el m\u00f3dem 5300 y el Auto T5123. El software de banda base no verifica adecuadamente la protecci\u00f3n de reproducci\u00f3n especificada por el m\u00f3dulo NAS (Non-Access-Stratum). Esto puede llevar a la denegaci\u00f3n del servicio."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2023-50804",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:11.900",
|
||||
"lastModified": "2024-06-05T19:15:11.900",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor, Automotive Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, Modem 5123, Modem 5300, and Auto T5123. The baseband software does not properly check format types specified by the NAS (Non-Access-Stratum) module. This can lead to bypass of authentication."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung, el procesador automotriz y el m\u00f3dem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, el m\u00f3dem 5123, el m\u00f3dem 5300 y el Auto T5123. El software de banda base no verifica correctamente los tipos de formato especificados por el m\u00f3dulo NAS (Non-Access-Stratum). Esto puede provocar que se omita la autenticaci\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2023-6956",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:52.377",
|
||||
"lastModified": "2024-06-06T02:15:52.377",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The EasyAzon \u2013 Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018easyazon-cloaking-locale\u2019 parameter in all versions up to, and including, 5.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento EasyAzon \u2013 Amazon Associates Affiliate Plugin para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro 'easyazon-cloaking-locale' en todas las versiones hasta la 5.1.0 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2023-6966",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:52.607",
|
||||
"lastModified": "2024-06-06T02:15:52.607",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/core_ajax.php file in all versions up to, and including, 9.5.20. This makes it possible for authenticated attackers, with subscriber access and above, to update and retrieve billing and bank details, update and reset the plugin's settings, and update languages as well as other lower-severity actions."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento The Moneytizer para WordPress es vulnerable al acceso no autorizado a datos, modificaci\u00f3n de datos y p\u00e9rdida de datos debido a una falta de verificaci\u00f3n de capacidad en m\u00faltiples funciones AJAX en el archivo /core/core_ajax.php en todas las versiones hasta, e incluyendo, 9.5.20. Esto hace posible que atacantes autenticados, con acceso de suscriptor y superior, actualicen y recuperen detalles bancarios y de facturaci\u00f3n, actualicen y restablezcan la configuraci\u00f3n del complemento y actualicen idiomas, as\u00ed como otras acciones de menor gravedad."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2023-6968",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:52.810",
|
||||
"lastModified": "2024-06-06T02:15:52.810",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.5.20. This is due to missing or incorrect nonce validation on multiple AJAX functions. This makes it possible for unauthenticated attackers to to update and retrieve billing and bank details, update and reset the plugin's settings, and update languages as well as other lower-severity actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento The Moneytizer para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 9.5.20 incluida. Esto se debe a una validaci\u00f3n nonce faltante o incorrecta en m\u00faltiples funciones AJAX. Esto hace posible que atacantes no autenticados actualicen y recuperen datos bancarios y de facturaci\u00f3n, actualicen y restablezcan la configuraci\u00f3n del complemento y actualicen idiomas, as\u00ed como otras acciones de menor gravedad a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-0910",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:53.010",
|
||||
"lastModified": "2024-06-06T02:15:53.010",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Restrict for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.6 due to improper restrictions on hidden data that make it accessible through the REST API. This makes it possible for unauthenticated attackers to extract potentially sensitive data from post content."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Restrict for Elementor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 1.0.6 incluida debido a restricciones inadecuadas sobre datos ocultos que los hacen accesibles a trav\u00e9s de la API REST. Esto hace posible que atacantes no autenticados extraigan datos potencialmente confidenciales del contenido de las publicaciones."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-0912",
|
||||
"sourceIdentifier": "productsecurity@jci.com",
|
||||
"published": "2024-06-06T00:15:09.117",
|
||||
"lastModified": "2024-06-06T00:15:09.117",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Under certain circumstances the Microsoft\u00ae Internet Information Server (IIS) used to host the C\u2022CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C\u2022CURE 9000 or prior versions"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "En determinadas circunstancias, Microsoft\u00ae Internet Information Server (IIS) utilizado para alojar el servidor web C\u2022CURE 9000 registrar\u00e1 los detalles de las credenciales de Microsoft Windows en los registros. No hay ning\u00fan impacto en las interfaces de servicios que no son web C\u2022CURE 9000 o versiones anteriores"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-0972",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:10.923",
|
||||
"lastModified": "2024-06-06T04:15:10.923",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The BuddyPress Members Only plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.5 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's \"All Other Sections On Your Site Will be Opened to Guest\" feature (when unset) and view restricted page and post content."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento BuddyPress Members Only para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 3.3.5 incluida a trav\u00e9s de la API REST. Esto hace posible que atacantes no autenticados omitan la funci\u00f3n \"Todas las dem\u00e1s secciones de su sitio se abrir\u00e1n para invitados\" del complemento (cuando no est\u00e1 configurada) y vean p\u00e1ginas restringidas y contenido de publicaciones."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-1175",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:11.230",
|
||||
"lastModified": "2024-06-06T04:15:11.230",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'delete_payment' function in all versions up to, and including, 16.26.6. This makes it possible for unauthenticated attackers to delete arbitrary payments."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento WP-Recall \u2013 Registration, Profile, Commerce & More para WordPress es vulnerable a la p\u00e9rdida no autorizada de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'delete_paid' en todas las versiones hasta la 16.26.6 incluida. Esto hace posible que atacantes no autenticados eliminen pagos arbitrarios."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
"id": "CVE-2024-1202",
|
||||
"sourceIdentifier": "iletisim@usom.gov.tr",
|
||||
"published": "2024-03-21T02:51:38.000",
|
||||
"lastModified": "2024-06-04T19:18:19.990",
|
||||
"lastModified": "2024-06-06T14:15:10.523",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-20404",
|
||||
"sourceIdentifier": "ykramarz@cisco.com",
|
||||
"published": "2024-06-05T17:15:11.790",
|
||||
"lastModified": "2024-06-05T17:15:11.790",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Finesse podr\u00eda permitir que un atacante remoto no autenticado lleve a cabo un ataque SSRF en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario para solicitudes HTTP espec\u00edficas que se env\u00edan a un sistema afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada al dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante obtener informaci\u00f3n confidencial limitada para los servicios asociados al dispositivo afectado."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-20405",
|
||||
"sourceIdentifier": "ykramarz@cisco.com",
|
||||
"published": "2024-06-05T17:15:12.107",
|
||||
"lastModified": "2024-06-05T17:15:12.107",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. \r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Finesse podr\u00eda permitir que un atacante remoto no autenticado lleve a cabo un ataque XSS almacenado explotando una vulnerabilidad RFI. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario para solicitudes HTTP espec\u00edficas que se env\u00edan a un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que haga clic en un enlace manipulado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial en el dispositivo afectado."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-2017",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T03:15:08.847",
|
||||
"lastModified": "2024-06-06T03:15:08.847",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the conditionsRow and switchCountdown functions in all versions up to, and including, 2.7.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject PHP Objects and modify the status of countdowns."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock para WordPress es vulnerable al acceso no autorizado debido a una falta de verificaci\u00f3n de capacidad en las funciones conditionRow y switchCountdown en todas las versiones hasta la 2.7.8 incluida. Esto hace posible que atacantes autenticados, con acceso a nivel de suscriptor y superior, inyecten objetos PHP y modifiquen el estado de las cuentas regresivas."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-2087",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-05T06:15:10.833",
|
||||
"lastModified": "2024-06-05T12:53:50.240",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"lastModified": "2024-06-06T14:07:14.967",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -17,8 +17,28 @@
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 2.7
|
||||
},
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
|
||||
@ -38,18 +58,57 @@
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*",
|
||||
"versionEndExcluding": "2.4.44",
|
||||
"matchCriteriaId": "0E89EC06-A340-4DE2-B625-4AC05E3C42F6"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/brizy/tags/2.4.41/admin/views/form-data.php#L6",
|
||||
"source": "security@wordfence.com"
|
||||
"source": "security@wordfence.com",
|
||||
"tags": [
|
||||
"Product"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086506%40brizy%2Ftrunk&old=3058896%40brizy%2Ftrunk&sfp_email=&sfph_mail=",
|
||||
"source": "security@wordfence.com"
|
||||
"source": "security@wordfence.com",
|
||||
"tags": [
|
||||
"Patch"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/694d0b49-c4dd-40f0-99c9-5eb8c3c08ba9?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
"source": "security@wordfence.com",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-23692",
|
||||
"sourceIdentifier": "disclosure@vulncheck.com",
|
||||
"published": "2024-05-31T10:15:09.330",
|
||||
"lastModified": "2024-05-31T13:15:09.310",
|
||||
"lastModified": "2024-06-06T15:15:43.993",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Rejetto HTTP File Server, hasta la versi\u00f3n 2.3m incluida, es vulnerable a una vulnerabilidad de inyecci\u00f3n de plantilla. Esta vulnerabilidad permite que un atacante remoto no autenticado ejecute comandos arbitrarios en el sistema afectado enviando una solicitud HTTP especialmente manipulada. A partir de la fecha de asignaci\u00f3n de CVE, Rejetto HFS 2.3m ya no es compatible."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-2350",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:53.237",
|
||||
"lastModified": "2024-06-06T02:15:53.237",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Clever Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CAFE Icon, CAFE Team Member, and CAFE Slider widgets in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Clever Addons for Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los widgets CAFE Icon, CAFE Team Member y CAFE Slider en todas las versiones hasta la 2.1.9 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-24789",
|
||||
"sourceIdentifier": "security@golang.org",
|
||||
"published": "2024-06-05T16:15:10.470",
|
||||
"lastModified": "2024-06-05T16:15:10.470",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El manejo que hace el paquete archive/zip de ciertos tipos de archivos zip no v\u00e1lidos difiere del comportamiento de la mayor\u00eda de las implementaciones zip. Esta desalineaci\u00f3n podr\u00eda aprovecharse para crear un archivo zip con contenidos que var\u00edan seg\u00fan la implementaci\u00f3n que lea el archivo. El paquete archive/zip ahora rechaza los archivos que contienen estos errores."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-24790",
|
||||
"sourceIdentifier": "security@golang.org",
|
||||
"published": "2024-06-05T16:15:10.560",
|
||||
"lastModified": "2024-06-05T16:15:10.560",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Los diversos m\u00e9todos Is (IsPrivate, IsLoopback, etc.) no funcionaron como se esperaba para las direcciones IPv6 asignadas a IPv4, devolviendo falso para direcciones que devolver\u00edan verdadero en sus formas IPv4 tradicionales."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27370",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:12.473",
|
||||
"lastModified": "2024-06-05T19:15:12.473",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on hal_req->num_config_discovery_attr coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_config_get_nl_params(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en hal_req->num_config_discovery_attr procedente del espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27371",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:12.687",
|
||||
"lastModified": "2024-06-05T19:15:12.687",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_followup_get_nl_params(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en hal_req->service_specific_info_len procedente del espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27372",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:12.893",
|
||||
"lastModified": "2024-06-05T19:15:12.893",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->infrastructure_ssid_len coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_config_get_nl_params(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en disc_attr->infrastructure_ssid_len procedente del espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27373",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:13.143",
|
||||
"lastModified": "2024-06-05T19:15:13.143",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->mesh_id_len coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_config_get_nl_params(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en disc_attr->mesh_id_len procedente del espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27374",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:13.347",
|
||||
"lastModified": "2024-06-05T19:15:13.347",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_publish_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_publish_get_nl_params(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en hal_req->service_specific_info_len procedente del espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27375",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:13.557",
|
||||
"lastModified": "2024-06-05T19:15:13.557",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->sdea_service_specific_info_len coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_followup_get_nl_params(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en hal_req->sdea_service_specific_info_len procedente del espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27376",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:13.767",
|
||||
"lastModified": "2024-06-05T19:15:13.767",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->rx_match_filter_len coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_subscribe_get_nl_params(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en hal_req->rx_match_filter_len procedente del espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27377",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:13.967",
|
||||
"lastModified": "2024-06-05T19:15:13.967",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_get_security_info_nl(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en sec_info->key_info.body.pmk_info.pmk_len procedente de espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27378",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:14.170",
|
||||
"lastModified": "2024-06-05T19:15:14.170",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_cert(), there is no input validation check on len coming from userspace, which can lead to a heap over-read."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_send_action_frame_cert(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en len procedente del espacio de usuario, lo que puede generar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27379",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:14.370",
|
||||
"lastModified": "2024-06-05T19:15:14.370",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->num_intf_addr_present coming from userspace, which can lead to a heap overwrite."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_nan_subscribe_get_nl_params(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en hal_req->num_intf_addr_present procedente del espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27380",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:14.570",
|
||||
"lastModified": "2024-06-05T19:15:14.570",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_set_delayed_wakeup_type(), there is no input validation check on a length of ioctl_args->args[i] coming from userspace, which can lead to a heap over-read."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_set_delayed_wakeup_type(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en una longitud de ioctl_args->args[i] procedente de espacio de usuario, lo que puede provocar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27381",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:14.760",
|
||||
"lastModified": "2024-06-05T19:15:14.760",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_ut(), there is no input validation check on len coming from userspace, which can lead to a heap over-read."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_send_action_frame_ut(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en len procedente del espacio de usuario, lo que puede generar una sobrescritura del mont\u00f3n.."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-27382",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:14.957",
|
||||
"lastModified": "2024-06-05T19:15:14.957",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame(), there is no input validation check on len coming from userspace, which can lead to a heap over-read."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la funci\u00f3n slsi_send_action_frame(), no hay ninguna verificaci\u00f3n de validaci\u00f3n de entrada en len proveniente del espacio de usuario, lo que puede generar una sobrescritura del mont\u00f3n."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-28818",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:15.150",
|
||||
"lastModified": "2024-06-05T19:15:15.150",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 2400, 9110, W920, W930, Modem 5123, Modem 5300, and Auto T5123. The baseband software does not properly check states specified by the RRC (Radio Resource Control) module. This can lead to disclosure of sensitive information."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 un problema en el procesador m\u00f3vil, el procesador port\u00e1til, el procesador automotriz y el m\u00f3dem Samsung Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 2400, 9110, W920, W930, M\u00f3dem 5123, M\u00f3dem 5300, y Auto T5123. El software de banda base no verifica adecuadamente los estados especificados por el m\u00f3dulo RRC (Control de recursos de radio). Esto puede dar lugar a la divulgaci\u00f3n de informaci\u00f3n confidencial."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-28995",
|
||||
"sourceIdentifier": "psirt@solarwinds.com",
|
||||
"published": "2024-06-06T09:15:14.167",
|
||||
"lastModified": "2024-06-06T09:15:14.167",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\n\n\n\n\n\n\n\n\n\n\n\nSolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. \n\n\n\n\n\n\n\n"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "SolarWinds Serv-U era susceptible a una vulnerabilidad directory transversal que permitir\u00eda el acceso para leer archivos confidenciales en la m\u00e1quina host."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-2922",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:11.673",
|
||||
"lastModified": "2024-06-06T04:15:11.673",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget tags in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Themesflat Addons For Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de etiquetas de widgets en todas las versiones hasta la 2.1.1 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-3049",
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2024-06-06T06:15:09.550",
|
||||
"lastModified": "2024-06-06T11:15:48.553",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se encontr\u00f3 una falla en Booth, un administrador de tickets de cl\u00faster. Si se pasa un hash especialmente manipulado a gcry_md_get_algo_dlen(), es posible que el servidor Booth acepte un HMAC no v\u00e1lido."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
20
CVE-2024/CVE-2024-348xx/CVE-2024-34832.json
Normal file
20
CVE-2024/CVE-2024-348xx/CVE-2024-34832.json
Normal file
@ -0,0 +1,20 @@
|
||||
{
|
||||
"id": "CVE-2024-34832",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-06T15:15:44.873",
|
||||
"lastModified": "2024-06-06T15:15:44.873",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/julio-cfa/CVE-2024-34832",
|
||||
"source": "cve@mitre.org"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-3469",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-05T13:15:12.707",
|
||||
"lastModified": "2024-06-05T13:15:12.707",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The GP Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the message parameter in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento GP Premium para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro de mensaje en todas las versiones hasta la 2.4.0 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-35673",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-06-05T14:15:13.680",
|
||||
"lastModified": "2024-06-05T14:15:13.680",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Pure Chat de Ruby Pure Chat. Este problema afecta a Pure Chat: desde n/a hasta 2.22."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-35674",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2024-06-05T17:15:13.543",
|
||||
"lastModified": "2024-06-05T17:15:13.543",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.109."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Unlimited Elements Unlimited Elements For Elementor (widgets, complementos y plantillas gratuitos). Este problema afecta a Unlimited Elements For Elementor (widgets, complementos y plantillas gratuitos): desde n/a hasta 1.5.109."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
59
CVE-2024/CVE-2024-361xx/CVE-2024-36106.json
Normal file
59
CVE-2024/CVE-2024-361xx/CVE-2024-36106.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2024-36106",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-06-06T15:15:45.023",
|
||||
"lastModified": "2024-06-06T15:15:45.023",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It\u2019s possible for authenticated users to enumerate clusters by name by inspecting error messages. It\u2019s also possible to enumerate the names of projects with project-scoped clusters if you know the names of the clusters. This vulnerability is fixed in 2.11.3, 2.10.12, and 2.9.17."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security-advisories@github.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-209"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/argoproj/argo-cd/commit/c2647055c261a550e5da075793260f6524e65ad9",
|
||||
"source": "security-advisories@github.com"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-3cqf-953p-h5cp",
|
||||
"source": "security-advisories@github.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-36129",
|
||||
"sourceIdentifier": "security-advisories@github.com",
|
||||
"published": "2024-06-05T18:15:10.833",
|
||||
"lastModified": "2024-06-05T18:15:10.833",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue. It is also fixed in the confighttp module version 0.102.0 and configgrpc module version 0.102.1.\n"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "OpenTelemetry Collector ofrece una implementaci\u00f3n independiente del proveedor sobre c\u00f3mo recibir, procesar y exportar datos de telemetr\u00eda. Una vulnerabilidad de descompresi\u00f3n insegura permite a atacantes no autenticados bloquear el recopilador mediante un consumo excesivo de memoria. La versi\u00f3n 0.102.1 de OTel Collector soluciona este problema. Tambi\u00e9n est\u00e1 corregido en la versi\u00f3n 0.102.0 del m\u00f3dulo confighttp y en la versi\u00f3n 0.102.1 del m\u00f3dulo configgrpc."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-36393",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-06-06T09:15:14.420",
|
||||
"lastModified": "2024-06-06T09:15:14.420",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "SysAid - CWE-89: Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando SQL (\"Inyecci\u00f3n SQL\")"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-36394",
|
||||
"sourceIdentifier": "cna@cyber.gov.il",
|
||||
"published": "2024-06-06T09:15:14.660",
|
||||
"lastModified": "2024-06-06T09:15:14.660",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "SysAid - CWE-78: Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en un comando del sistema operativo (\"Inyecci\u00f3n de comando del sistema operativo\")"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,19 +2,79 @@
|
||||
"id": "CVE-2024-36547",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-04T15:15:47.210",
|
||||
"lastModified": "2024-06-04T16:57:41.053",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-06-06T15:16:11.897",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=add"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 que idccms V1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente admin/vpsClass_deal.php?mudi=add"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/da271133/cms/blob/main/32/csrf.md",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,19 +2,78 @@
|
||||
"id": "CVE-2024-36548",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-04T15:15:47.307",
|
||||
"lastModified": "2024-06-04T16:57:41.053",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-06-06T15:24:02.577",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/vpsCompany_deal.php?mudi=del"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 que idccms V1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s de admin/vpsCompany_deal.php?mudi=del"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/da271133/cms/blob/main/31/csrf.md",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,19 +2,79 @@
|
||||
"id": "CVE-2024-36549",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-04T15:15:47.397",
|
||||
"lastModified": "2024-06-04T16:57:41.053",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-06-06T15:24:35.210",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s de /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/da271133/cms/blob/main/30/csrf.md",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,19 +2,79 @@
|
||||
"id": "CVE-2024-36550",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-04T15:15:47.497",
|
||||
"lastModified": "2024-06-04T16:57:41.053",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2024-06-06T15:24:43.683",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=add&nohrefStr=close"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 que idccms V1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s de /admin/vpsCompany_deal.php?mudi=add&nohrefStr=close"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:idccms:idccms:1.35:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "0790E0F4-51A6-479C-9321-8E42F139EDC7"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/da271133/cms/blob/main/29/csrf.md",
|
||||
"source": "cve@mitre.org"
|
||||
"source": "cve@mitre.org",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-36667",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:15.687",
|
||||
"lastModified": "2024-06-05T19:15:15.687",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/idcProType_deal.php?mudi=add&nohrefStr=close"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente /admin/idcProType_deal.php?mudi=add&nohrefStr=close"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-36668",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:15.777",
|
||||
"lastModified": "2024-06-05T19:15:15.777",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=del"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente admin/type_deal.php?mudi=del"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-36669",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:15.860",
|
||||
"lastModified": "2024-06-05T19:15:15.860",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=add."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente admin/type_deal.php?mudi=add."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-36670",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T19:15:15.950",
|
||||
"lastModified": "2024-06-05T19:15:15.950",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se descubri\u00f3 que idccms v1.35 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente admin/vpsClass_deal.php?mudi=del"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-36779",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-06T13:15:31.590",
|
||||
"lastModified": "2024-06-06T13:15:31.590",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-36837",
|
||||
"sourceIdentifier": "cve@mitre.org",
|
||||
"published": "2024-06-05T15:15:11.803",
|
||||
"lastModified": "2024-06-05T15:15:11.803",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php file."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en CRMEB v.5.2.2 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s de la funci\u00f3n getProductList en el archivo ProductController.php."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-3667",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-05T06:15:11.590",
|
||||
"lastModified": "2024-06-05T12:53:50.240",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"lastModified": "2024-06-06T14:07:44.473",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -17,8 +17,28 @@
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.4,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.3,
|
||||
"impactScore": 2.7
|
||||
},
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
|
||||
@ -38,18 +58,57 @@
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:brizy:brizy-page_builder:*:*:*:*:*:wordpress:*:*",
|
||||
"versionEndExcluding": "2.4.44",
|
||||
"matchCriteriaId": "0E89EC06-A340-4DE2-B625-4AC05E3C42F6"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/public/editor-build/282-wp/editor/js",
|
||||
"source": "security@wordfence.com"
|
||||
"source": "security@wordfence.com",
|
||||
"tags": [
|
||||
"Product"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3086506%40brizy%2Ftrunk&old=3058896%40brizy%2Ftrunk&sfp_email=&sfph_mail=",
|
||||
"source": "security@wordfence.com"
|
||||
"source": "security@wordfence.com",
|
||||
"tags": [
|
||||
"Patch"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f0edfebc-bf6b-4346-9cd7-ce00007e3620?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
"source": "security@wordfence.com",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-3716",
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2024-06-05T15:15:12.043",
|
||||
"lastModified": "2024-06-05T15:15:12.043",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se encontr\u00f3 una falla en Foreman-installer cuando se invoca a Puppet-candlepin cpdb con el par\u00e1metro --password. Este problema filtra la contrase\u00f1a en la lista de procesos y permite que un atacante aproveche y obtenga la contrase\u00f1a."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4008",
|
||||
"sourceIdentifier": "cybersecurity@ch.abb.com",
|
||||
"published": "2024-06-05T18:15:11.113",
|
||||
"lastModified": "2024-06-05T18:15:11.113",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "La fuga de FDSK en ABB, Busch-Jaeger, FTS Display (versi\u00f3n 1.00) y BCU (versi\u00f3n 1.3.0.33) permite al atacante tomar el control mediante el acceso al sistema de bus KNX local"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4009",
|
||||
"sourceIdentifier": "cybersecurity@ch.abb.com",
|
||||
"published": "2024-06-05T18:15:11.420",
|
||||
"lastModified": "2024-06-05T18:15:11.420",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Replay Attack\n\nin ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Replay Attack en ABB, Busch-Jaeger, FTS Display (versi\u00f3n 1.00) y BCU (versi\u00f3n 1.3.0.33) permite al atacante capturar/reproducir telegramas KNX al sistema de bus KNX local"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4177",
|
||||
"sourceIdentifier": "cve-requests@bitdefender.com",
|
||||
"published": "2024-06-06T08:15:39.767",
|
||||
"lastModified": "2024-06-06T08:15:39.767",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Un problema con el analizador de lista blanca de host en el servicio proxy implementado en GravityZone Update Server permite a un atacante provocar server-side request forgery. Este problema solo afecta a las versiones de GravityZone Console anteriores a 6.38.1-2 que se ejecutan \u00fanicamente en las instalaciones."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4194",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:53.453",
|
||||
"lastModified": "2024-06-06T02:15:53.453",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento The Album and Image Gallery plus Lightbox para WordPress es vulnerable a la ejecuci\u00f3n arbitraria de c\u00f3digos cortos en todas las versiones hasta la 2.0 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que atacantes no autenticados ejecuten c\u00f3digos cortos arbitrarios."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4212",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:11.970",
|
||||
"lastModified": "2024-06-06T04:15:11.970",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TF Group Image, TF Nav Menu, TF Posts, TF Woo Product Grid, TF Accordion, and TF Image Box widgets in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Themesflat Addons para Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los widgets TF Group Image, TF Nav Menu, TF Posts, TF Woo Product Grid, TF Accordion y TF Image Box en todas las versiones hasta e incluida, 2.1.1 debido a una sanitizaci\u00f3n insuficiente de las entradas y a la salida de datos que se escapan de los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4364",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:12.220",
|
||||
"lastModified": "2024-06-06T04:15:12.220",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button widgets in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Qi Addons For Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los widgets de botones del complemento en todas las versiones hasta la 1.7.2 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4458",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:12.483",
|
||||
"lastModified": "2024-06-06T04:15:12.483",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in several widgets via URL parameters in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Themesflat Addons For Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado en varios widgets a trav\u00e9s de par\u00e1metros de URL en todas las versiones hasta la 2.1.1 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4459",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:12.717",
|
||||
"lastModified": "2024-06-06T04:15:12.717",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget's titles in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Themesflat Addons For Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los t\u00edtulos de los widgets del complemento en todas las versiones hasta la 2.1.1 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4608",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:12.953",
|
||||
"lastModified": "2024-06-06T04:15:12.953",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The SellKit \u2013 Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento SellKit \u2013 Funnel builder and checkout optimizer for WooCommerce to sell more, faster para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'id' en todas las versiones hasta la 1.9.8 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y salida que se escapa. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4705",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:53.663",
|
||||
"lastModified": "2024-06-06T02:15:53.663",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Testimonials Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's testimonials shortcode in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Testimonials Widget para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado de testimonios del complemento en todas las versiones hasta la 4.0.4 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4707",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:13.213",
|
||||
"lastModified": "2024-06-06T04:15:13.213",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Materialis Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's materialis_contact_form shortcode in all versions up to, and including, 1.3.41 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Materialis Companion para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo corto materialis_contact_form del complemento en todas las versiones hasta la 1.3.41 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4788",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:53.860",
|
||||
"lastModified": "2024-06-06T02:15:53.860",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the create_bhf_post function in all versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to create pages or posts with arbitrary content."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Boostify Header Footer Builder para Elementor para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n create_bhf_post en todas las versiones hasta la 1.3.3 incluida. Esto hace posible que atacantes autenticados, con acceso a nivel de suscriptor y superior, creen p\u00e1ginas o publicaciones con contenido arbitrario."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4812",
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2024-06-05T15:15:12.333",
|
||||
"lastModified": "2024-06-05T15:15:12.333",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the \"Description\" field of a user. This code can be executed when opening certain pages, for example, Host Collections."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se encontr\u00f3 una falla en el complemento Katello para Foreman, donde es posible almacenar c\u00f3digo JavaScript malicioso en el campo \"Descripci\u00f3n\" de un usuario. Este c\u00f3digo se puede ejecutar al abrir determinadas p\u00e1ginas, por ejemplo, Colecciones de hosts."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-4942",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:54.080",
|
||||
"lastModified": "2024-06-06T02:15:54.080",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Custom Dash plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Custom Dash para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la configuraci\u00f3n de administrador en todas las versiones hasta la 1.0.2 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con permisos de nivel de administrador y superiores, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a las instalaciones multisitio y a las instalaciones en las que se ha deshabilitado unfiltered_html."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5001",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:54.283",
|
||||
"lastModified": "2024-06-06T02:15:54.283",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Image Hover Effects for Elementor with Lightbox and Flipbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_id', 'oxi_addons_f_title_tag', and 'content_description_tag' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Image Hover Effects for Elementor with Lightbox and Flipbox para WordPress son vulnerables a Cross-Site Scripting Almacenado a trav\u00e9s de los par\u00e1metros '_id', 'oxi_addons_f_title_tag' y 'content_description_tag' en todas las versiones hasta la 3.0.2 incluida debido a una sanitizaci\u00f3n insuficiente de los insumos y escape de los productos. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5037",
|
||||
"sourceIdentifier": "secalert@redhat.com",
|
||||
"published": "2024-06-05T18:15:11.747",
|
||||
"lastModified": "2024-06-05T18:15:11.747",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue (\"iss\") check during JSON web token (JWT) authentication."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Se encontr\u00f3 una falla en Telemeter de OpenShift. Si se cumplen ciertas condiciones, un atacante puede usar un token falsificado para evitar la verificaci\u00f3n del problema (\"iss\") durante la autenticaci\u00f3n del token web JSON (JWT)."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5038",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T11:15:48.770",
|
||||
"lastModified": "2024-06-06T11:15:48.770",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Colibri Page Builder para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los c\u00f3digos cortos del complemento en todas las versiones hasta la 1.0.276 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5141",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:13.467",
|
||||
"lastModified": "2024-06-06T04:15:13.467",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Rotating Tweets (Twitter widget and shortcode) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's' 'rotatingtweets' in all versions up to, and including, 1.9.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Rotating Tweets (widget de Twitter y c\u00f3digo abreviado) para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de los 'tweets giratorios' del complemento en todas las versiones hasta la 1.9.10 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-5149",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-05T05:15:50.260",
|
||||
"lastModified": "2024-06-05T12:53:50.240",
|
||||
"vulnStatus": "Undergoing Analysis",
|
||||
"lastModified": "2024-06-06T14:15:01.960",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -17,8 +17,28 @@
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 1.4
|
||||
},
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
|
||||
@ -38,14 +58,50 @@
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-330"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:themekraft:buddyforms:*:*:*:*:*:wordpress:*:*",
|
||||
"versionEndIncluding": "2.8.9",
|
||||
"matchCriteriaId": "FA366645-68E9-4808-821F-E0A5F8582939"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/buddyforms/tags/2.8.9/includes/wp-insert-user.php#L334",
|
||||
"source": "security@wordfence.com"
|
||||
"source": "security@wordfence.com",
|
||||
"tags": [
|
||||
"Product"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a5c8d361-698b-4abd-bcdd-0361d3fd10c5?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
"source": "security@wordfence.com",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5152",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:13.720",
|
||||
"lastModified": "2024-06-06T04:15:13.720",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018_id\u2019 parameter in all versions up to, and including, 6.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento ElementsReady Addons para Elementor para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro '_id' en todas las versiones hasta la 6.1.0 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5153",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:13.950",
|
||||
"lastModified": "2024-06-06T04:15:13.950",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzone_hash' parameter. This makes it possible for unauthenticated attackers to copy the contents of arbitrary files on the server, which can contain sensitive information, and to delete arbitrary directories, including the root WordPress directory."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Startklar Elementor Addons para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 1.7.15 incluida a trav\u00e9s del par\u00e1metro 'dropzone_hash'. Esto hace posible que atacantes no autenticados copien el contenido de archivos arbitrarios en el servidor, que pueden contener informaci\u00f3n confidencial, y eliminen directorios arbitrarios, incluido el directorio ra\u00edz de WordPress."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5161",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:14.217",
|
||||
"lastModified": "2024-06-06T04:15:14.217",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018_id\u2019 parameter in all versions up to, and including, 1.1.39 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Magical Addons For Elementor (Header Footer Builder, Free Elementor Widgets, Elementor Templates Library) para WordPress es vulnerable a las Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro '_id' en todas las versiones hasta la 1.1.39 incluida debido a una insuficiencia sanitizaci\u00f3n de insumos y escape de salidas. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5162",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:14.463",
|
||||
"lastModified": "2024-06-06T04:15:14.463",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The WordPress prettyPhoto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018url\u2019 parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento WordPress PrettyPhoto para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'url' en todas las versiones hasta la 1.2.3 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5171",
|
||||
"sourceIdentifier": "cve-coordination@google.com",
|
||||
"published": "2024-06-05T20:15:13.800",
|
||||
"lastModified": "2024-06-05T20:15:13.800",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Integer overflow in libaom internal function\u00a0img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers:\n\n\n * Calling aom_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.\n * Calling aom_img_wrap() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid.\n * Calling aom_img_alloc_with_border() with a large value of the d_w, d_h, align, size_align, or border parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned aom_image_t struct may be invalid."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El desbordamiento de enteros en la funci\u00f3n interna de libaom img_alloc_helper puede provocar un desbordamiento del b\u00fafer del mont\u00f3n. Se puede acceder a esta funci\u00f3n a trav\u00e9s de 3 llamadores: * Llamar a aom_img_alloc() con un valor grande del par\u00e1metro d_w, d_h o align puede resultar en desbordamientos de enteros en los c\u00e1lculos de tama\u00f1os y compensaciones del b\u00fafer y algunos campos de la estructura aom_image_t devuelta pueden ser inv\u00e1lido. * Llamar a aom_img_wrap() con un valor grande del par\u00e1metro d_w, d_h o align puede provocar desbordamientos de enteros en los c\u00e1lculos de tama\u00f1os y compensaciones del b\u00fafer y algunos campos de la estructura aom_image_t devuelta pueden no ser v\u00e1lidos. * Llamar a aom_img_alloc_with_border() con un valor grande del par\u00e1metro d_w, d_h, align, size_align o border puede provocar desbordamientos de enteros en los c\u00e1lculos de tama\u00f1os y compensaciones del b\u00fafer y algunos campos de la estructura aom_image_t devuelta pueden no ser v\u00e1lidos."
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5179",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:54.487",
|
||||
"lastModified": "2024-06-06T02:15:54.487",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Cowidgets \u2013 Elementor Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.1 via the 'item_style' and 'style' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Cowidgets \u2013 Elementor Addons para WordPress es vulnerable a la inclusi\u00f3n de archivos locales en todas las versiones hasta la 1.1.1 incluida a trav\u00e9s de los par\u00e1metros 'item_style' y 'style'. Esto hace posible que atacantes autenticados, con acceso de nivel Colaborador y superior, incluyan y ejecuten archivos arbitrarios en el servidor, permitiendo la ejecuci\u00f3n de cualquier c\u00f3digo PHP en esos archivos. Esto se puede utilizar para eludir los controles de acceso, obtener datos confidenciales o lograr la ejecuci\u00f3n de c\u00f3digo en los casos en que se puedan cargar e incluir im\u00e1genes y otros tipos de archivos \"seguros\"."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5184",
|
||||
"sourceIdentifier": "disclosure@synopsys.com",
|
||||
"published": "2024-06-05T18:15:11.993",
|
||||
"lastModified": "2024-06-05T18:15:11.993",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The EmailGPT service contains a prompt injection vulnerability.\u00a0The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or execute unwanted prompts.\u00a0When engaging with EmailGPT by submitting a malicious prompt that requests harmful information, the system will respond by providing the requested data. This vulnerability can be exploited by any individual with access to the service."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El servicio EmailGPT contiene una vulnerabilidad de inyecci\u00f3n r\u00e1pida. El servicio utiliza un servicio API que permite a un usuario malintencionado inyectar un mensaje directo y hacerse cargo de la l\u00f3gica del servicio. Los atacantes pueden aprovechar el problema obligando al servicio de inteligencia artificial a filtrar los mensajes est\u00e1ndar codificados del sistema y/o ejecutar mensajes no deseados. Al interactuar con EmailGPT enviando un mensaje malicioso que solicita informaci\u00f3n da\u00f1ina, el sistema responder\u00e1 proporcionando los datos solicitados. Esta vulnerabilidad puede ser aprovechada por cualquier persona con acceso al servicio."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5188",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T11:15:49.057",
|
||||
"lastModified": "2024-06-06T11:15:49.057",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Essential Addons for Elementor \u2013 Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'get_manual_calendar_events' function in all versions up to, and including, 5.9.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Los complementos Essential Addons for Elementor \u2013 Best Elementor Templates, Widgets, Kits & WooCommerce Builders para WordPress son vulnerables a Cross-Site Scripting Almacenado a trav\u00e9s de la funci\u00f3n 'get_manual_calendar_events' en todas las versiones hasta la 5.9.22 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y la salida se escapa. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5221",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T09:15:14.977",
|
||||
"lastModified": "2024-06-06T09:15:14.977",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Qi Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploader in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Qi Blocks para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del cargador de archivos del complemento en todas las versiones hasta la 1.2.9 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de autor y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5224",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:54.690",
|
||||
"lastModified": "2024-06-06T02:15:54.690",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Easy Social Like Box \u2013 Popup \u2013 Sidebar Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cardoza_facebook_like_box' shortcode in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Easy Social Like Box \u2013 Popup \u2013 Sidebar Widget para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo corto 'cardoza_facebook_like_box' del complemento en todas las versiones hasta la 4.0 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5259",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T10:15:09.557",
|
||||
"lastModified": "2024-06-06T10:15:09.557",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The MultiVendorX Marketplace \u2013 WooCommerce MultiVendor Marketplace Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018hover_animation\u2019 parameter in all versions up to, and including, 4.1.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento MultiVendorX Marketplace \u2013 WooCommerce MultiVendor Marketplace Solution para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del par\u00e1metro 'hover_animation' en todas las versiones hasta la 4.1.11 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de Colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5324",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:54.890",
|
||||
"lastModified": "2024-06-06T02:15:54.890",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Login/Signup Popup (Inline Form + Woocommerce) para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'import_settings' en las versiones 2.7.1 a 2.7.2. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, cambien opciones arbitrarias en los sitios afectados. Esto se puede utilizar para habilitar el registro de nuevos usuarios y establecer la funci\u00f3n predeterminada para los nuevos usuarios en Administrador."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5329",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T10:15:10.493",
|
||||
"lastModified": "2024-06-06T10:15:10.493",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to blind SQL Injection via the \u2018data[addonID]\u2019 parameter in all versions up to, and including, 1.5.109 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Unlimited Elements For Elementor (widgets, complementos y plantillas gratuitos) para WordPress es vulnerable a la inyecci\u00f3n SQL ciega a trav\u00e9s del par\u00e1metro 'data[addonID]' en todas las versiones hasta la 1.5.109 debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que los atacantes autenticados, con acceso de nivel de colaborador y superior, agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5342",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T02:15:55.087",
|
||||
"lastModified": "2024-06-06T02:15:55.087",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Simple Image Popup Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sips_popup' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Simple Image Popup Shortcode para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s del c\u00f3digo abreviado 'sips_popup' del complemento en todas las versiones hasta la 1.0 incluida debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5449",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:14.720",
|
||||
"lastModified": "2024-06-06T04:15:14.720",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The WP Dark Mode \u2013 WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdm_social_share_save_options function in all versions up to, and including, 5.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin's settings."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento WP Dark Mode \u2013 WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n wpdm_social_share_save_options en todas las versiones hasta e incluyendo, 5.0.4. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, actualicen la configuraci\u00f3n del complemento."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5459",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-05T13:15:13.437",
|
||||
"lastModified": "2024-06-05T13:15:13.437",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on 'add_section', 'add_menu', 'add_menu_item', and 'add_menu_page' functions in all versions up to, and including, 2.4.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create menu sections, menus, food items, and new menu pages."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Restaurant Menu and Food Ordering para WordPress es vulnerable a la creaci\u00f3n no autorizada de datos debido a una falta de verificaci\u00f3n de capacidad en las funciones 'add_section', 'add_menu', 'add_menu_item' y 'add_menu_page' en todas las versiones hasta la 2.4.16 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, creen secciones de men\u00fa, men\u00fas, alimentos y nuevas p\u00e1ginas de men\u00fa."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2024-5489",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T12:15:09.227",
|
||||
"lastModified": "2024-06-06T12:15:09.227",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5615",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T04:15:15.010",
|
||||
"lastModified": "2024-06-06T04:15:15.010",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the 'opengraph_default_description' function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of password-protected blog posts."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Open Graph para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 1.11.2 incluida a trav\u00e9s de la funci\u00f3n 'opengraph_default_description'. Esto hace posible que atacantes no autenticados extraigan datos confidenciales, incluido el contenido parcial de publicaciones de blog protegidas con contrase\u00f1a."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5629",
|
||||
"sourceIdentifier": "cna@mongodb.com",
|
||||
"published": "2024-06-05T15:15:12.737",
|
||||
"lastModified": "2024-06-05T15:15:12.737",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una lectura fuera de los l\u00edmites en el m\u00f3dulo 'bson' de PyMongo 4.6.2 o anterior permite la deserializaci\u00f3n de BSON mal formado proporcionado por un servidor para generar una excepci\u00f3n que puede contener memoria de aplicaci\u00f3n arbitraria."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5653",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-06-05T21:15:15.247",
|
||||
"lastModified": "2024-06-05T21:15:15.247",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability, which was classified as critical, has been found in Chanjet Smooth T+system 3.5. This issue affects some unknown processing of the file /tplus/UFAQD/keyEdit.aspx. The manipulation of the argument KeyID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-267185 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "Una vulnerabilidad fue encontrada en Chanjet Smooth T+system 3.5 y clasificada como cr\u00edtica. Este problema afecta un procesamiento desconocido del archivo /tplus/UFAQD/keyEdit.aspx. La manipulaci\u00f3n del argumento KeyID conduce a la inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-267185. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5656",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T05:15:49.377",
|
||||
"lastModified": "2024-06-06T05:15:49.377",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Google CSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Google CSE para WordPress es vulnerable a Cross-Site Scripting Almacenado a trav\u00e9s de la configuraci\u00f3n de administrador en todas las versiones hasta la 1.0.7 incluida debido a una sanitizaci\u00f3n de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con permisos de nivel de administrador y superiores, inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. Esto solo afecta a las instalaciones multisitio y a las instalaciones en las que se ha deshabilitado unfiltered_html."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5657",
|
||||
"sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
|
||||
"published": "2024-06-06T11:15:49.277",
|
||||
"lastModified": "2024-06-06T11:15:49.277",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento CraftCMS Autenticaci\u00f3n de dos factores en las versiones 3.3.1, 3.3.2 y 3.3.3 revela el hash de contrase\u00f1a del usuario actualmente autenticado despu\u00e9s de enviar un TOTP v\u00e1lido."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5658",
|
||||
"sourceIdentifier": "1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a",
|
||||
"published": "2024-06-06T11:15:49.573",
|
||||
"lastModified": "2024-06-06T11:15:49.573",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento CraftCMS Autenticaci\u00f3n de dos factores hasta 3.3.3 permite la reutilizaci\u00f3n de tokens TOTP varias veces dentro del per\u00edodo de validez."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
@ -2,12 +2,16 @@
|
||||
"id": "CVE-2024-5665",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-06T08:15:40.153",
|
||||
"lastModified": "2024-06-06T08:15:40.153",
|
||||
"vulnStatus": "Received",
|
||||
"lastModified": "2024-06-06T14:17:35.017",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u2018export_settings\u2019 function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary options on affected sites."
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
"value": "El complemento Login/Signup Popup (Inline Form + Woocommerce) para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'export_settings' en las versiones 2.7.1 a 2.7.2. Esto hace posible que atacantes autenticados, con acceso a nivel de suscriptor y superior, lean opciones arbitrarias en los sitios afectados."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user