Auto-Update: 2024-06-22T02:00:18.046566+00:00

2025-05-30 18:21:17 +00:00 · 2024-06-22 02:03:09 +00:00 · 2024-06-22 02:03:09 +00:00 · 26d33579b9
commit 26d33579b9
parent aeb4cd5073
3 changed files with 93 additions and 26 deletions
--- a/CVE-2024/CVE-2024-61xx/CVE-2024-6120.json
+++ b/CVE-2024/CVE-2024-61xx/CVE-2024-6120.json
@ -0,0 +1,75 @@
+{
+  "id": "CVE-2024-6120",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-06-22T00:15:09.690",
+  "lastModified": "2024-06-22T00:15:09.690",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and demo data import due to a missing capability check on the multiple functions in all versions up to and including 1.4.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete all posts, pages, and uploaded files, as well as download and install a limited set of demo plugins."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sparkle-demo-importer/tags/1.4.7/sparkle-demo-importer.php#L446",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sparkle-demo-importer/tags/1.4.7/sparkle-demo-importer.php#L469",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sparkle-demo-importer/tags/1.4.7/sparkle-demo-importer.php#L497",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sparkle-demo-importer/tags/1.4.7/sparkle-demo-importer.php#L519",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sparkle-demo-importer/tags/1.4.7/sparkle-demo-importer.php#L541",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sparkle-demo-importer/tags/1.4.7/sparkle-demo-importer.php#L570",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sparkle-demo-importer/tags/1.4.7/sparkle-demo-importer.php#L595",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/sparkle-demo-importer/tags/1.4.7/sparkle-demo-importer.php#L627",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8f411d17-5b0d-4a4a-afa8-7efebf6965f2?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-06-21T23:55:18.388837+00:00
+2024-06-22T02:00:18.046566+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-06-21T22:15:11.157000+00:00
+2024-06-22T00:15:09.690000+00:00
 ```

 ### Last Data Feed Release
@ -27,35 +27,26 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2024-06-21T00:00:08.672158+00:00
+2024-06-22T00:00:08.652437+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-254930
+254931
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `8`
+Recently added CVEs: `1`

- [CVE-2012-6664](CVE-2012/CVE-2012-66xx/CVE-2012-6664.json) (`2024-06-21T22:15:09.767`)
- [CVE-2014-5470](CVE-2014/CVE-2014-54xx/CVE-2014-5470.json) (`2024-06-21T22:15:10.417`)
- [CVE-2022-42974](CVE-2022/CVE-2022-429xx/CVE-2022-42974.json) (`2024-06-21T22:15:10.557`)
- [CVE-2024-34452](CVE-2024/CVE-2024-344xx/CVE-2024-34452.json) (`2024-06-21T22:15:10.877`)
- [CVE-2024-34989](CVE-2024/CVE-2024-349xx/CVE-2024-34989.json) (`2024-06-21T22:15:10.947`)
- [CVE-2024-36532](CVE-2024/CVE-2024-365xx/CVE-2024-36532.json) (`2024-06-21T22:15:11.020`)
- [CVE-2024-37654](CVE-2024/CVE-2024-376xx/CVE-2024-37654.json) (`2024-06-21T22:15:11.087`)
- [CVE-2024-37694](CVE-2024/CVE-2024-376xx/CVE-2024-37694.json) (`2024-06-21T22:15:11.157`)
+- [CVE-2024-6120](CVE-2024/CVE-2024-61xx/CVE-2024-6120.json) (`2024-06-22T00:15:09.690`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

- [CVE-2024-27622](CVE-2024/CVE-2024-276xx/CVE-2024-27622.json) (`2024-06-21T22:15:10.647`)
- [CVE-2024-29025](CVE-2024/CVE-2024-290xx/CVE-2024-29025.json) (`2024-06-21T22:15:10.750`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -57657,7 +57657,7 @@ CVE-2012-6660,0,0,4204af3ea712772dc4d2606f2cf6e50a4341f1ad86d3a699d4638987ff7995
 CVE-2012-6661,0,0,f39755d71d5dcc549a8db5e512206dba577042eda0dc3867bbe57bd93b2c2a66,2014-11-05T03:32:38.557000
 CVE-2012-6662,0,0,1e751bc515057f0a0c08389a90d61351cc4d3ce27e4b7bbe699da54113df605c,2018-07-14T01:29:00.267000
 CVE-2012-6663,0,0,3f87372a88dc5ad47844a9ccc94a467ebb7601db36607697bda1bc45ab17e576,2020-01-28T20:10:46.747000
-CVE-2012-6664,1,1,4d32d0ecd8f188cf0d9d9bcc0d971ec37c249a31850ecd4f8b74cc0e68f17a7b,2024-06-21T22:15:09.767000
+CVE-2012-6664,0,0,4d32d0ecd8f188cf0d9d9bcc0d971ec37c249a31850ecd4f8b74cc0e68f17a7b,2024-06-21T22:15:09.767000
 CVE-2012-6665,0,0,4c489dc740807bb39593fa609a1515059c128f2ac44b714b33a3cf55b66a3194,2014-11-18T16:54:06.737000
 CVE-2012-6666,0,0,962b7cb2904b2d0ca796b3fd595fd8726e2100a0e8fd30af14539bc437b2ae26,2020-02-11T17:40:31.837000
 CVE-2012-6667,0,0,41abfcc68b31ea0d99df1ebdea5c67ae9abb0258c45c1107f8327c663f06ea92,2018-01-29T13:07:10.593000
@ -69393,7 +69393,7 @@ CVE-2014-5464,0,0,8deeb0281b9db4f212ca4efdc66134ce9c70ee9145596f228ca92cc47c5e63
 CVE-2014-5465,0,0,e8b4208809e03f584a6bb3cd21c0f2caf8fc4911bc0406369f6e78ca20d1fd36,2014-09-03T20:15:36.530000
 CVE-2014-5466,0,0,db9eafbbaf858dce0cad9d969bef5c12f1cdb630be454ce3009b8131d8762879,2014-12-17T19:31:00.807000
 CVE-2014-5468,0,0,812685be9ec8145ad2039b5d3daf489a0510c1859c48812122bc52998a08515c,2020-02-11T16:02:39.280000
-CVE-2014-5470,1,1,4d4ee6a8bbf3c1575a3c9a9cd5e71a3b04c2585195cd4920d156c6c260ad74ac,2024-06-21T22:15:10.417000
+CVE-2014-5470,0,0,4d4ee6a8bbf3c1575a3c9a9cd5e71a3b04c2585195cd4920d156c6c260ad74ac,2024-06-21T22:15:10.417000
 CVE-2014-5471,0,0,511c8895ca38af1a8d65229a32673dc6b2ea2427c860430ddaa267c61dd3f125,2023-11-07T02:20:50.287000
 CVE-2014-5472,0,0,a2fdef957a40c099c9f524e19471baf211bdbb59c08d4930abb8cfc2e4fbac0d,2023-11-07T02:20:50.383000
 CVE-2014-5500,0,0,d3411653c84229d5b2a0ee341eae110722fede3a1b2b0df5c988c79a9ce8736e,2020-01-28T21:17:09.127000
@ -208192,7 +208192,7 @@ CVE-2022-42970,0,0,684351571c726e3643d500eb09cd3f89b360763f0fd695f8bb69c804dc28d
 CVE-2022-42971,0,0,a1a760e3587785043d9b78a199e09a9c4c8e485ce4f48cc34275b0d788d0cab8,2023-02-08T19:43:51.890000
 CVE-2022-42972,0,0,5f3b3d9ac192cbb1a45d6a773c5e886c09251dfb9ca13b3ca9cb8c11930ec490,2023-02-08T19:40:51.330000
 CVE-2022-42973,0,0,0f6e1ea59a6d9a4bb4e66c46715b9ab0d86461aefc26a6b95446083a3d658078,2023-02-08T19:00:42.387000
-CVE-2022-42974,1,1,49f443c5827a338ddd14ea16dbc2f0da9897a889efbc29752336cec27fa650b5,2024-06-21T22:15:10.557000
+CVE-2022-42974,0,0,49f443c5827a338ddd14ea16dbc2f0da9897a889efbc29752336cec27fa650b5,2024-06-21T22:15:10.557000
 CVE-2022-42975,0,0,f256f7d52b33ef16660e0ebf6c4ccc6fe1ffaf6c18f82025b01cf1cab52da7cb,2022-10-20T14:12:10.597000
 CVE-2022-42977,0,0,4fbf7f5ca129c3ea9e7ba51c6d4ee0d909c52d7d9db35f31f31607b56dc98718,2023-08-08T14:22:24.967000
 CVE-2022-42978,0,0,02efb548f6368a021b2a0aa5395451ba1b2aaa35e6f5787da8fad0ffe5e4b189,2022-11-17T04:59:09.643000
@ -247211,7 +247211,7 @@ CVE-2024-27613,0,0,55e42cf2e4639a6096ea75af39dc974125f1048dbd4b80fc4aa61dc42e00d
 CVE-2024-27619,0,0,ac27585ed59a6668049d75158e75afc441f45955e396bf2ead784d9f82b5977e,2024-04-01T01:12:59.077000
 CVE-2024-2762,0,0,c5473e01add4107889b1ba4d796385b867989c7b4247e2eca6fa883ac1d5266d,2024-06-13T18:36:09.010000
 CVE-2024-27620,0,0,4bfc993d4e14e5106dd7a82c3dc44aa0baefcf2c7d47f57f47fe77723c791abe,2024-04-08T18:48:40.217000
-CVE-2024-27622,0,1,5fceb86cc079ea325ba370df7656c4a57ff5c2e77dedb7073d4f94d2ce8efc53,2024-06-21T22:15:10.647000
+CVE-2024-27622,0,0,5fceb86cc079ea325ba370df7656c4a57ff5c2e77dedb7073d4f94d2ce8efc53,2024-06-21T22:15:10.647000
 CVE-2024-27623,0,0,2fddee8e74e15c6e7895f22777fd9ac33928389d1ff6851e7ceeb0e05ed9e8b4,2024-03-05T14:27:46.090000
 CVE-2024-27625,0,0,d6b6da55ca3f292d09b4a714bcb504e227f68a5bde518c62e1054c68c65c7b4c,2024-03-05T14:27:46.090000
 CVE-2024-27626,0,0,03b059cdacd9bd4fdf434fcdc21be78daba5dd8b1b09db34c5aaed65f0885289,2024-03-21T12:58:51.093000
@ -248031,7 +248031,7 @@ CVE-2024-29021,0,0,456c09464e4f95665d704dc4e093723601c54deee0b072b36b2d708a61f0e
 CVE-2024-29022,0,0,4db19a3f2419aaa80a88ebcbb0e457191b072f3fcd418cd9e058914c4af75d81,2024-04-15T13:15:31.997000
 CVE-2024-29023,0,0,d903e95cdcdb4595e1169062d882080dea4ff3e1a9b90bac61480e111ad31319,2024-04-15T13:15:31.997000
 CVE-2024-29024,0,0,956c59560b7cf752c83fc101e3db1baf7896ab3619a15c2cec1bf122c43cd6a6,2024-04-01T01:12:59.077000
-CVE-2024-29025,0,1,a6999c16eef8a0b9185ccf5f77c300f46e58b01a13b7e8df5c0cf5ef43816d90,2024-06-21T22:15:10.750000
+CVE-2024-29025,0,0,a6999c16eef8a0b9185ccf5f77c300f46e58b01a13b7e8df5c0cf5ef43816d90,2024-06-21T22:15:10.750000
 CVE-2024-29026,0,0,7a7fbf8ee06d6c65b29d9a77f81f2fa0ae26dbe8caea4211ae9fe81298d43766,2024-03-21T12:58:51.093000
 CVE-2024-29027,0,0,19d697e74c890b515278322ccfb5abb998957045cfc2c03ab1afb6aaa02ec45c,2024-03-20T13:00:16.367000
 CVE-2024-29028,0,0,47d5a2beef5bf6f095867703e1beb5a1973cc12afc4b0ddaac5579d664bd222c,2024-04-19T16:19:49.043000
@ -251463,7 +251463,7 @@ CVE-2024-34448,0,0,2ee47d576d9de678e8b37edc8c4fb672f63b76bc5fc5740404718a42f40a4
 CVE-2024-34449,0,0,97d09fdadfd613905dbfd9871f1d974c32ae8fd0c469e4b64fe2252427eb7288,2024-06-04T19:20:00.563000
 CVE-2024-3445,0,0,2031eee497e177f244890449ab10d2f196dd08d103f846fc9b20779b1f74d465,2024-05-17T02:39:56.830000
 CVE-2024-34451,0,0,e70710b537fe2eeb930751f9cb9f8206f6cd9179f5b8e341e64ba4d6bec23b04,2024-06-17T12:42:04.623000
-CVE-2024-34452,1,1,2334b13963677fe15aa1df4f4d0c3bfced186e52ba6ea069fb1effa59ff65005,2024-06-21T22:15:10.877000
+CVE-2024-34452,0,0,2334b13963677fe15aa1df4f4d0c3bfced186e52ba6ea069fb1effa59ff65005,2024-06-21T22:15:10.877000
 CVE-2024-34453,0,0,9363deaf6a5ec68194d671cadb0973a2ba23402d3e2800c4f9eea6dbd677c5cd,2024-05-06T12:44:56.377000
 CVE-2024-34454,0,0,5a4e256350d1e944e58328b51d73ec47802d2b17d3b93d5d7c62570b2e291430,2024-05-28T12:39:28.377000
 CVE-2024-34455,0,0,cf6832f7361884f15470d2143d9f538281f7bb0657fc697433a93775fe331b3f,2024-05-07T18:15:08.417000
@ -251722,7 +251722,7 @@ CVE-2024-34974,0,0,519613cdbc229706fafa4388ed0de03632496af6e2fd3a5450a4996c9b966
 CVE-2024-3498,0,0,5a88bde38eadc03f84603569fdec38fe83a6606de78277714e78faa80a5569cc,2024-06-17T12:42:04.623000
 CVE-2024-34982,0,0,ef460a32eb987949d8c2a373dc7919974bee9f6e2b2a3c53ead2e4138396cd2a,2024-05-17T18:35:35.070000
 CVE-2024-34987,0,0,262d3ccca2f7e7df7be241d8326c4714ae2b44466572454690af1a110c26db06,2024-06-18T19:15:59.873000
-CVE-2024-34989,1,1,8b6b6014c5b52a35449706cfa58a6728031aebb0f65d9df003ca411259b06d82,2024-06-21T22:15:10.947000
+CVE-2024-34989,0,0,8b6b6014c5b52a35449706cfa58a6728031aebb0f65d9df003ca411259b06d82,2024-06-21T22:15:10.947000
 CVE-2024-3499,0,0,38e1f3a6ce5aff826b19a73a4f796b980cc1161eaf58f8fada2f6f87e54573a4,2024-05-02T18:00:37.360000
 CVE-2024-34990,0,0,954e9cad148d93781e06727d2db5247f2f552d787151dbf2d18611cf67a55aa3,2024-06-20T12:43:25.663000
 CVE-2024-34993,0,0,88520e58b3968956ee44832ef9bca602378dea4f2524d5113c2eaf5052b0d026,2024-06-20T12:43:25.663000
@ -252702,7 +252702,7 @@ CVE-2024-36523,0,0,779ff20f3e54c54b68fa38cf8a73a6874fca821f18024ef38fb974b398395
 CVE-2024-36527,0,0,78d7584b160535d1351b569ab12493248c714d50ee4dfafee49cf0501ef01071,2024-06-20T12:44:22.977000
 CVE-2024-36528,0,0,f25edd031c479e2eb08ab34031d71804f3bb9f2a7bd4f1a1d0b25d391d002135,2024-06-10T18:06:22.600000
 CVE-2024-36531,0,0,991b1a5a568679e84b92f85516ddb5ed86f9e4a97046e45c71aa818ce6df4847,2024-06-10T18:06:22.600000
-CVE-2024-36532,1,1,59588622f628a9e766e59400afc9655121bcb429e9640a58ed6291563d38616d,2024-06-21T22:15:11.020000
+CVE-2024-36532,0,0,59588622f628a9e766e59400afc9655121bcb429e9640a58ed6291563d38616d,2024-06-21T22:15:11.020000
 CVE-2024-3654,0,0,954800a828ed246c147def14a6599156bd18a3e2cc72072dd62b0ab02b4bbf53,2024-04-19T16:19:49.043000
 CVE-2024-36543,0,0,96dadbfc1ecb488523e1445b9cca4f88005d70a44d460cd8a195bc76559786cc,2024-06-20T12:44:22.977000
 CVE-2024-36547,0,0,6660ddee6e567c7988e43d4b24008e0896770307b9894b7b829c762e8a195005,2024-06-06T15:16:11.897000
@ -253117,7 +253117,7 @@ CVE-2024-37643,0,0,dd4dd1cf62f3e08f00b2f338cadf964b79fd48d825ed68a41a2bd5d2e825e
 CVE-2024-37644,0,0,5f7f97e28e218e3fb348230aa8347ee3b0354d72853f4d6c2591e151f0231333,2024-06-17T12:42:04.623000
 CVE-2024-37645,0,0,1f2d6a8f87fac13d3d11d6cbec3b695ad44ed6f32f14768d5b077122546347a3,2024-06-17T12:42:04.623000
 CVE-2024-3765,0,0,4fdba2eb80818b350bc57cc64ca06a70a8e5d2cec5cc9e99a6b5fff1df632742,2024-05-17T02:40:06.923000
-CVE-2024-37654,1,1,bfe186dd8770e8a9781221dcafdd78b7e079c590fc95991e151268f2e9524093,2024-06-21T22:15:11.087000
+CVE-2024-37654,0,0,bfe186dd8770e8a9781221dcafdd78b7e079c590fc95991e151268f2e9524093,2024-06-21T22:15:11.087000
 CVE-2024-3766,0,0,332312c4ae938e5b9f3b0590f4ebc42c71b180341fc998112e3b0be5e6d60da1,2024-06-20T16:15:14.380000
 CVE-2024-37661,0,0,81e23698cd648834aff1e39e66ffecdc62f564b919dc4643e362915df5fa1b2a,2024-06-20T12:44:22.977000
 CVE-2024-37662,0,0,2581d16ac0c1e64ed9489a4956fd58fc745c5ab4cf8c43694c38d8d5ee60569c,2024-06-20T12:44:22.977000
@ -253133,7 +253133,7 @@ CVE-2024-37675,0,0,2d85884f52ce751c1f86857c3080dbca34070b59adfb64d2a979b44418ef3
 CVE-2024-37676,0,0,271c181410aeef63099cc3810bbe7ece43a1293b5e30299840a89bd5cddc9e2d,2024-06-21T11:22:01.687000
 CVE-2024-3768,0,0,778d3eea8bf87c1f80239f04628ed71cfd577dabb0ce88459344c4cd4d61bb16,2024-05-17T02:40:07.203000
 CVE-2024-3769,0,0,a35a1a6580261497cd040b87c6b68395a49a236a06454712c9a126123641e120,2024-05-17T02:40:07.297000
-CVE-2024-37694,1,1,b5443d606b3fdcb928d14f416949c0c2b3a5fcdf4505d05407ccf938b25cfe71,2024-06-21T22:15:11.157000
+CVE-2024-37694,0,0,b5443d606b3fdcb928d14f416949c0c2b3a5fcdf4505d05407ccf938b25cfe71,2024-06-21T22:15:11.157000
 CVE-2024-37699,0,0,4dbc4cc43381178db8164cc7fab8921d282a1da18f386f777bcca4060de1fdc6,2024-06-21T11:22:01.687000
 CVE-2024-3770,0,0,8954a3ad0db5fc9b48d9243a1de01e444d03084d0f8b5d5da9ebc562e8f0e6a6,2024-05-17T02:40:07.387000
 CVE-2024-3771,0,0,1bf22922ed0657906343b6368a2362d22a78a1ff9d5272db064e582b3b0855d4,2024-05-17T02:40:07.477000
@ -254885,6 +254885,7 @@ CVE-2024-6113,0,0,2758e7c3cd85245ae6a2ad9a4a7217abac687e9fa00a3d92e721d936abed15
 CVE-2024-6114,0,0,dc0a82373381e9c7cd4b1e6c5bf523878ecb08863d5210f6468d495d6395d8da,2024-06-20T12:44:01.637000
 CVE-2024-6115,0,0,a9f6dd92ef3b2f9b6542508effdf3ace054749ced1343c5fd4f924ccbd13328b,2024-06-20T12:44:01.637000
 CVE-2024-6116,0,0,5843dd08daba10a4f1c43a634f4172ccf9c702c464ac49dc5f784b4aa5e3fcb5,2024-06-20T12:44:01.637000
+CVE-2024-6120,1,1,92c47b803dd834323f58d34f6d6933e7d3feee2a7f49e89f30d9740f74ae0640,2024-06-22T00:15:09.690000
 CVE-2024-6125,0,0,85b92914638eb24a081146fd823c584c2333b183768ef26d618955e83646311b,2024-06-20T12:44:01.637000
 CVE-2024-6128,0,0,cd2531d89b3a76f4be34b5ead44f5b65458326ae9dfb5c97dcd0243e237eb5b3,2024-06-21T16:15:12.570000
 CVE-2024-6129,0,0,dfa20fd20a0a3099fcdc2f66c56de27040819ee45bd7efe66cb95f894b77d645,2024-06-20T12:44:01.637000