From 18aeb7670069e4a4c2ab4029566a8341f2b3d148 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 13 Apr 2024 10:03:28 +0000 Subject: [PATCH] Auto-Update: 2024-04-13T10:00:38.273636+00:00 --- CVE-2023/CVE-2023-64xx/CVE-2023-6494.json | 47 +++++++++++++++++++++++ CVE-2024/CVE-2024-36xx/CVE-2024-3662.json | 47 +++++++++++++++++++++++ README.md | 16 ++++---- _state.csv | 10 +++-- 4 files changed, 107 insertions(+), 13 deletions(-) create mode 100644 CVE-2023/CVE-2023-64xx/CVE-2023-6494.json create mode 100644 CVE-2024/CVE-2024-36xx/CVE-2024-3662.json
diff --git a/CVE-2023/CVE-2023-64xx/CVE-2023-6494.json b/CVE-2023/CVE-2023-64xx/CVE-2023-6494.json
new file mode 100644
index 00000000000..5b80c85663b
--- /dev/null
+++ b/CVE-2023/CVE-2023-64xx/CVE-2023-6494.json
@@ -0,0 +1,47 @@
+{
+ "id": "CVE-2023-6494",
+ "sourceIdentifier": "security@wordfence.com",
+ "published": "2024-04-13T09:15:06.917",
+ "lastModified": "2024-04-13T09:15:06.917",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "security@wordfence.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
+ "attackVector": "NETWORK",
+ "attackComplexity": "HIGH",
+ "privilegesRequired": "HIGH",
+ "userInteraction": "NONE",
+ "scope": "CHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "NONE",
+ "baseScore": 4.4,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 1.3,
+ "impactScore": 2.7
+ }
+ ]
+ },
+ "references": [
+ {
+ "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3069323%40woo-smart-quick-view&new=3069323%40woo-smart-quick-view&sfp_email=&sfph_mail=",
+ "source": "security@wordfence.com"
+ },
+ {
+ "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/45ac52e1-9f0e-499e-9125-2581940f5bdd?source=cve",
+ "source": "security@wordfence.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-36xx/CVE-2024-3662.json b/CVE-2024/CVE-2024-36xx/CVE-2024-3662.json
new file mode 100644
index 00000000000..8d03b65425e
--- /dev/null
+++ b/CVE-2024/CVE-2024-36xx/CVE-2024-3662.json
@@ -0,0 +1,47 @@
+{
+ "id": "CVE-2024-3662",
+ "sourceIdentifier": "security@wordfence.com",
+ "published": "2024-04-13T09:15:07.217",
+ "lastModified": "2024-04-13T09:15:07.217",
+ "vulnStatus": "Received",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The WPZOOM Social Feed Widget & Block plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpzoom_instagram_clear_data() function in all versions up to, and including, 2.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete all Instagram images installed on the site."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "security@wordfence.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "LOW",
+ "baseScore": 4.3,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 1.4
+ }
+ ]
+ },
+ "references": [
+ {
+ "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3069664%40instagram-widget-by-wpzoom&new=3069664%40instagram-widget-by-wpzoom&sfp_email=&sfph_mail=",
+ "source": "security@wordfence.com"
+ },
+ {
+ "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e3a70510-51c8-49c3-933b-79e79dfb8611?source=cve",
+ "source": "security@wordfence.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index cbd707b973b..d4be0b60693 100644
--- a/README.md
+++ b/README.md
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-13T06:00:38.161438+00:00 +2024-04-13T10:00:38.273636+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-13T05:15:48.923000+00:00 +2024-04-13T09:15:07.217000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -245403 +245405 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `2` -- [CVE-2024-2583](CVE-2024/CVE-2024-25xx/CVE-2024-2583.json) (`2024-04-13T05:15:48.923`) +- [CVE-2023-6494](CVE-2023/CVE-2023-64xx/CVE-2023-6494.json) (`2024-04-13T09:15:06.917`) +- [CVE-2024-3662](CVE-2024/CVE-2024-36xx/CVE-2024-3662.json) (`2024-04-13T09:15:07.217`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `0` -- [CVE-2024-24680](CVE-2024/CVE-2024-246xx/CVE-2024-24680.json) (`2024-04-13T04:15:09.307`) -- [CVE-2024-26811](CVE-2024/CVE-2024-268xx/CVE-2024-26811.json) (`2024-04-13T04:15:09.577`) -- [CVE-2024-27351](CVE-2024/CVE-2024-273xx/CVE-2024-27351.json) (`2024-04-13T04:15:09.670`) ## Download and Usage diff --git a/_state.csv b/_state.csv index e7a06b4a8b9..ff0033e724c 100644 --- a/_state.csv +++ b/_state.csv 
@@ -237593,6 +237593,7 @@ CVE-2023-6486,0,0,2852c688030b05f345f0ff9f0e876ab8d345b734861d6146e29b6ccbab426a CVE-2023-6488,0,0,a2d2155218f4cd12cbd7cf86a1d373ca9d8739c736f0c67e222296ebea42699d,2023-12-22T19:30:36.993000 CVE-2023-6489,0,0,8be5137422e44d9e775f7530defb6286a84af9abdf8da8a38a11072ad60f9cbc,2024-04-12T12:43:57.400000 CVE-2023-6493,0,0,f1b44774d19dee2dde0db6057c1c8da6a9052c466b0c843005cf7e84e74e5bad,2024-01-10T15:10:40.807000 +CVE-2023-6494,1,1,cfc92d07e37a7f4476cf6dd15f9993af88d71c2ba7888f584e4f8ae1591cb6ee,2024-04-13T09:15:06.917000 CVE-2023-6496,0,0,87b56518aaf4afd4545cd371dac346e93b19b056714958fa1a42154914cf88c5,2024-01-17T20:24:42.663000 CVE-2023-6497,0,0,5c328723b0d6eb2b6ecefa341ec54fae28ffb5f772896759b50e3e0ea4100eb7,2024-02-01T04:14:30.527000 CVE-2023-6498,0,0,9f7d3ecac1b2f6231548f9f23508f6f54f57fff8c183129d647c8665a44041de,2024-01-10T16:53:30.670000 @@ -241840,7 +241841,7 @@ CVE-2024-2464,0,0,258119b056e9fce5dd31506f1eb25477966980981d44726c57b4011817bcc3 CVE-2024-2465,0,0,8a7263ec4d3d7ab7fb04bd888fa4508d9ece49d5518f3ba48a9225f207c19c22,2024-03-21T15:24:35.093000 CVE-2024-2466,0,0,9b693c57905d5c9df2784625e99d8311f4169bf72ecd0a55d11b3cf49c2f3f64,2024-03-27T12:29:30.307000 CVE-2024-2468,0,0,acae2326336f2322a6baa0f217a4c4dd168ec20ba1dcea9f5e39d94f312a5562,2024-03-25T01:51:01.223000 -CVE-2024-24680,0,1,90a203aaf060e4044917c114d2bfec83f78b1fd0045bb8b450f8b0096d150149,2024-04-13T04:15:09.307000 +CVE-2024-24680,0,0,90a203aaf060e4044917c114d2bfec83f78b1fd0045bb8b450f8b0096d150149,2024-04-13T04:15:09.307000 CVE-2024-24681,0,0,09faa6afb97dca8c5a40342ef46ed8da48a59db97ae4367588d4084f35b12a3b,2024-03-28T08:15:26.453000 CVE-2024-24683,0,0,5dcfcb131b936f6ead6cae5418b28b2fe1bb1011c1c921fe73c5d9bd261bf34a,2024-03-19T13:26:46 CVE-2024-2469,0,0,5f0ba848120e9c83605604062f6a47531d4f6cd19b0b6128c0eca205857bcc92,2024-03-21T12:58:51.093000 
@@ -242468,7 +242469,7 @@ CVE-2024-2581,0,0,bbca2c21d80fa560c1d39d6b410fd6ea665570857f1537976b36f5e1dd30a9 CVE-2024-25811,0,0,16bc914d8679efc822d508644be05dd9aca3ce1bfb45b311a9a5b65ad61ab2e4,2024-03-21T12:58:51.093000 CVE-2024-25817,0,0,8244c17ffec667dd25976664571f96aed86930fb569e330976ea19223cb10648,2024-03-06T15:18:08.093000 CVE-2024-25828,0,0,c8378dce7510c383d40b9ac3674d553ee8ef2c5f2caf844957f30776ab7a0ce5,2024-02-22T19:07:27.197000 -CVE-2024-2583,1,1,3976178f10637a0f1e66729bb8233efcdb8cf56312e305151043ecfc831167c9,2024-04-13T05:15:48.923000 +CVE-2024-2583,0,0,3976178f10637a0f1e66729bb8233efcdb8cf56312e305151043ecfc831167c9,2024-04-13T05:15:48.923000 CVE-2024-25830,0,0,984f4675a1a8367fa6046b4f24bfdf3bdf9d7d0b9d5540044a528390cd375cfc,2024-02-29T13:49:29.390000 CVE-2024-25831,0,0,4f3f47c1489f73aab6a653b88d9c545d05e1116805e7fd54593219fd0604c164,2024-02-29T13:49:29.390000 CVE-2024-25832,0,0,c7de0a8f6d6bc7ded7477878b19770d9a94ca714bc65a76614e4ddd77fbc8435,2024-02-29T13:49:29.390000 @@ -243162,7 +243163,7 @@ CVE-2024-26808,0,0,4f31bc304a07232a3baf91061957b820ea1892642e797b2566eb9414b09af CVE-2024-26809,0,0,9fe73261a4fc78e6c4eacdd5a51592c430457963a39614d59847053f3066f6fb,2024-04-04T12:48:22.650000 CVE-2024-2681,0,0,cb05086c2c8d183d14408cf45e04435cc7af702ab8c219dc1bd4df4ce50beae6,2024-04-11T01:25:32.153000 CVE-2024-26810,0,0,8258d06b87c2ee0865663681013faa6f86b788a0534c70735d33ebe3382a5082,2024-04-10T15:16:04.580000 -CVE-2024-26811,0,1,cee29b2b278372d159ec8640ea5ad6aca2c80b1bf221aa5dbd03d1b241f20b51,2024-04-13T04:15:09.577000 +CVE-2024-26811,0,0,cee29b2b278372d159ec8640ea5ad6aca2c80b1bf221aa5dbd03d1b241f20b51,2024-04-13T04:15:09.577000 CVE-2024-26812,0,0,a664584a1298bea5471d70ccbf705e6ceec4d310a83d2767afd1b5c2c1bf40b8,2024-04-10T15:16:04.683000 CVE-2024-26813,0,0,4c4f638ce8eee2493d635f8fa9fa2dcfa78bcffda2b95c03bd9897a64272ebf6,2024-04-10T15:16:04.730000 CVE-2024-26814,0,0,be227a06b909e3857d6aa06ff8430a4cb98fc8ed8c299e693a9519701c6ff75a,2024-04-10T15:16:04.777000 
@@ -243352,7 +243353,7 @@ CVE-2024-27345,0,0,fe911dc85212419c00cd206bd5ce379cb6ba140e18be3c5480a17f10aedd8 CVE-2024-27346,0,0,386b701029626639fdc143fc77e569108911d00594cd7781652dc458bf9d469e,2024-04-03T17:24:18.150000 CVE-2024-2735,0,0,ff920486529d1f84ac9361983e7636408ed8db1301446daf522c5d6cf104818f,2024-04-10T13:23:38.787000 CVE-2024-27350,0,0,5597abb0ceda36739a00afc67d358c9c0f6015c501af0eb35c72e1c96465f58f,2024-02-26T16:32:25.577000 -CVE-2024-27351,0,1,e5505530871c697c674195d8ffd42c312d6a761b119915763b01b65b4bd9b691,2024-04-13T04:15:09.670000 +CVE-2024-27351,0,0,e5505530871c697c674195d8ffd42c312d6a761b119915763b01b65b4bd9b691,2024-04-13T04:15:09.670000 CVE-2024-27354,0,0,3ace96f0cae30cfccef0c08e69f46a230792c5572ff398d91aa2a719b3624556,2024-03-21T02:52:19.927000 CVE-2024-27355,0,0,f69927749d318ce3d471850deb21bc77767a9c94b5f501be3a1713c1109a5c66,2024-03-21T02:52:19.970000 CVE-2024-27356,0,0,2464f4bdc7cd759969915038df7055199f0bd02c6d9b1a8ceb85c7588507e9ba,2024-02-27T14:20:06.637000 @@ -245387,6 +245388,7 @@ CVE-2024-3619,0,0,e46a3b263395cb61cb97e22d10d38e54d57de91c1d7f1832b85e56c338bf09 CVE-2024-3620,0,0,a7eeb1bc049879e174341aab349252fb94be8452f8b1f4ee171cd19f6ef0b10d,2024-04-11T12:47:44.137000 CVE-2024-3621,0,0,84afe5bfc8ac11b311e81571bedd8fcb4ae60929cf687215eae135d692582687,2024-04-11T12:47:44.137000 CVE-2024-3652,0,0,a467de8b64f8147acdef48edc35752a89afb7d5856e17302ea9c57335ed0f61c,2024-04-11T12:47:44.137000 +CVE-2024-3662,1,1,b9d7db6c67e8f8f119c6ee8dfa0315eaec60a4fa65abb2b74bae6f5364f4bb1c,2024-04-13T09:15:07.217000 CVE-2024-3685,0,0,5dbf2f4fea69e09c737fc66bbcb0aca348f1b9b76e80a25bce70b4ae49f51189,2024-04-12T13:15:20.653000 CVE-2024-3686,0,0,17ac801e41417a54d8da3c3eae094294f3578a0955392bf4edb9b7729c614b66,2024-04-12T14:15:08.003000 CVE-2024-3687,0,0,eb99608dc87c56e6186fd94e39f8bc837aa01ec2cd25192b288dc56ab3bfbb09,2024-04-12T14:15:08.250000