Auto-Update: 2025-01-18T05:00:20.249364+00:00

2025-07-09 16:05:11 +00:00 · 2025-01-18 05:03:46 +00:00 · 2025-01-18 05:03:46 +00:00 · 368b02ba3d
commit 368b02ba3d
parent 0161780baf
3 changed files with 74 additions and 5 deletions
--- a/CVE-2024/CVE-2024-120xx/CVE-2024-12071.json
+++ b/CVE-2024/CVE-2024-120xx/CVE-2024-12071.json
@ -0,0 +1,68 @@
+{
+  "id": "CVE-2024-12071",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T04:15:06.690",
+  "lastModified": "2025-01-18T04:15:06.690",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Evergreen Content Poster \u2013 Auto Post and Schedule Your Best Content to Social Media plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_network_post() function in all versions up to, and including, 1.4.4. This makes it possible for unauthenticated attackers to delete arbitrary posts and pages."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/evergreen-content-poster/trunk/admin/class-evergreen_content_poster-admin.php#L333",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/evergreen-content-poster/trunk/includes/class-evergreen_content_poster.php#L345",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3224190%40evergreen-content-poster&new=3224190%40evergreen-content-poster&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa07f48f-370f-4985-a6fc-a94ed5c59ed4?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-01-18T03:00:22.416979+00:00
+2025-01-18T05:00:20.249364+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-01-18T01:15:07.633000+00:00
+2025-01-18T04:15:06.690000+00:00
 ```

 ### Last Data Feed Release
@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-278025
+278026
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

- [CVE-2025-23209](CVE-2025/CVE-2025-232xx/CVE-2025-23209.json) (`2025-01-18T01:15:07.633`)
+- [CVE-2024-12071](CVE-2024/CVE-2024-120xx/CVE-2024-12071.json) (`2025-01-18T04:15:06.690`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -245053,6 +245053,7 @@ CVE-2024-12064,0,0,5bbffd5016c2c66c65f1cad07469a2c9304ddde32e6765225186e453c653a
 CVE-2024-12066,0,0,b8b74ff74daf8006195a72a7866cbbcaf66d537ba02c482e9dfaf1c6e82963a9,2024-12-21T07:15:08.907000
 CVE-2024-12067,0,0,1e92db34fdb6070fa741c6f0fc31b2e9eacb1c54540470e816605dc679b61bb9,2025-01-09T11:15:11.647000
 CVE-2024-1207,0,0,7ca2a33c54192dfcfa7fe7f99bed16fbfa1215b4ac8ba5de485b890ce26af06c,2024-11-21T08:50:02.457000
+CVE-2024-12071,1,1,4892a0257a8e38f22462c3c3c3105d7a454d8d7732fd022887412193b58ae3a5,2025-01-18T04:15:06.690000
 CVE-2024-12072,0,0,a174c14ab62255e805373ea4d76cdd13bc3d9cbde3ba4a3927979f9e7d419d41,2024-12-12T06:15:23.383000
 CVE-2024-12073,0,0,d6db2f0c4889187ac33654deef83fc5d0350b2e32b900f5fdab17885bff03ab5,2025-01-07T06:15:15.367000
 CVE-2024-12077,0,0,fc51d2e5a9f19fe3fbf82780f8b1560f161bbef921778ce0625a7b0a0068014e,2025-01-07T08:15:24.927000
@ -277813,7 +277814,7 @@ CVE-2025-23205,0,0,5dde18f3e1001012d88c0b2d8c423eb8fb8c3ba6cae70cd1181e6ed64426f
 CVE-2025-23206,0,0,ea12574764f66c161153bcbbbe1a91d389bf6c6631d0c7b641a3ca1fa029cc28,2025-01-17T21:15:12.003000
 CVE-2025-23207,0,0,e5de4237889cfabf27065c43b82af396f478aa914ba2d9d161effc65eaba9de4,2025-01-17T22:15:29.523000
 CVE-2025-23208,0,0,722b719f9dcffb0743a2a700fd962fc8d87ee9dd12d5c90b42efdfb8cdbc3a0a,2025-01-17T23:15:13.107000
-CVE-2025-23209,1,1,b5f5728016cefcd5c65fac9ec6e4863e254ca00e3ac538f16ec17bdaa0bbd53c,2025-01-18T01:15:07.633000
+CVE-2025-23209,0,0,b5f5728016cefcd5c65fac9ec6e4863e254ca00e3ac538f16ec17bdaa0bbd53c,2025-01-18T01:15:07.633000
 CVE-2025-23366,0,0,9c322475015bf02d1585352d78c1a1b463f803a5f9fa5af211a6e73349c16f8f,2025-01-14T18:16:06.290000
 CVE-2025-23423,0,0,b6f59e601cdbaad011f370832d8ff10b7231d5875d4fb9da3b536bb65b8259e8,2025-01-16T20:15:33.573000
 CVE-2025-23424,0,0,af50c9c9dec5ab1ce79e37d50537a1d0fe21f0f1e703c32c29cd7fa3dc996735,2025-01-16T20:15:33.723000