Auto-Update: 2024-06-02T06:00:37.048770+00:00

2025-07-09 16:05:11 +00:00 · 2024-06-02 06:03:28 +00:00 · 2024-06-02 06:03:28 +00:00 · 390f867b84
commit 390f867b84
parent 7da9abcab6
3 changed files with 425 additions and 400 deletions
--- a/CVE-2024/CVE-2024-43xx/CVE-2024-4344.json
+++ b/CVE-2024/CVE-2024-43xx/CVE-2024-4344.json
@ -0,0 +1,51 @@
+{
+  "id": "CVE-2024-4344",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-06-02T05:15:47.620",
+  "lastModified": "2024-06-02T05:15:47.620",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Shield Security \u2013 Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 19.1.13. This is due to missing or incorrect nonce validation on the exec function. This makes it possible for unauthenticated attackers to disable pin protection for the admin interface of the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/wp-simple-firewall/trunk/src/lib/src/ActionRouter/Actions/SecurityAdminRemove.php",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3079504%40wp-simple-firewall%2Ftrunk&old=3079461%40wp-simple-firewall%2Ftrunk&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d3b9cde-e4d8-4217-96b4-f6ad00cd3a2d?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-06-02T02:00:29.205992+00:00
+2024-06-02T06:00:37.048770+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-06-02T00:15:38.310000+00:00
+2024-06-02T05:15:47.620000+00:00
 ```

 ### Last Data Feed Release
@ -33,47 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-252365
+252366
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `1`

- [CVE-2024-35645](CVE-2024/CVE-2024-356xx/CVE-2024-35645.json) (`2024-06-02T00:15:37.840`)
- [CVE-2024-35646](CVE-2024/CVE-2024-356xx/CVE-2024-35646.json) (`2024-06-02T00:15:38.097`)
- [CVE-2024-35647](CVE-2024/CVE-2024-356xx/CVE-2024-35647.json) (`2024-06-02T00:15:38.310`)
+- [CVE-2024-4344](CVE-2024/CVE-2024-43xx/CVE-2024-4344.json) (`2024-06-02T05:15:47.620`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `364`
+Recently modified CVEs: `0`

- [CVE-2024-4429](CVE-2024/CVE-2024-44xx/CVE-2024-4429.json) (`2024-05-28T17:11:55.903`)
- [CVE-2024-4455](CVE-2024/CVE-2024-44xx/CVE-2024-4455.json) (`2024-05-24T13:03:05.093`)
- [CVE-2024-5039](CVE-2024/CVE-2024-50xx/CVE-2024-5039.json) (`2024-05-29T15:18:26.427`)
- [CVE-2024-5185](CVE-2024/CVE-2024-51xx/CVE-2024-5185.json) (`2024-05-29T15:18:26.427`)
- [CVE-2024-5273](CVE-2024/CVE-2024-52xx/CVE-2024-5273.json) (`2024-05-24T18:09:20.027`)
- [CVE-2024-5274](CVE-2024/CVE-2024-52xx/CVE-2024-5274.json) (`2024-05-29T01:00:04.140`)
- [CVE-2024-5310](CVE-2024/CVE-2024-53xx/CVE-2024-5310.json) (`2024-05-24T13:03:05.093`)
- [CVE-2024-5312](CVE-2024/CVE-2024-53xx/CVE-2024-5312.json) (`2024-05-24T13:03:05.093`)
- [CVE-2024-5314](CVE-2024/CVE-2024-53xx/CVE-2024-5314.json) (`2024-05-24T13:03:05.093`)
- [CVE-2024-5315](CVE-2024/CVE-2024-53xx/CVE-2024-5315.json) (`2024-05-24T13:03:05.093`)
- [CVE-2024-5318](CVE-2024/CVE-2024-53xx/CVE-2024-5318.json) (`2024-05-24T18:09:20.027`)
- [CVE-2024-5326](CVE-2024/CVE-2024-53xx/CVE-2024-5326.json) (`2024-05-30T13:15:41.297`)
- [CVE-2024-5410](CVE-2024/CVE-2024-54xx/CVE-2024-5410.json) (`2024-05-28T12:39:28.377`)
- [CVE-2024-5411](CVE-2024/CVE-2024-54xx/CVE-2024-5411.json) (`2024-05-28T12:39:28.377`)
- [CVE-2024-5413](CVE-2024/CVE-2024-54xx/CVE-2024-5413.json) (`2024-05-28T14:59:09.827`)
- [CVE-2024-5414](CVE-2024/CVE-2024-54xx/CVE-2024-5414.json) (`2024-05-28T14:59:09.827`)
- [CVE-2024-5415](CVE-2024/CVE-2024-54xx/CVE-2024-5415.json) (`2024-05-28T14:59:09.827`)
- [CVE-2024-5428](CVE-2024/CVE-2024-54xx/CVE-2024-5428.json) (`2024-05-28T14:59:09.827`)
- [CVE-2024-5515](CVE-2024/CVE-2024-55xx/CVE-2024-5515.json) (`2024-05-30T13:40:12.593`)
- [CVE-2024-5516](CVE-2024/CVE-2024-55xx/CVE-2024-5516.json) (`2024-05-30T18:19:11.743`)
- [CVE-2024-5517](CVE-2024/CVE-2024-55xx/CVE-2024-5517.json) (`2024-05-30T18:19:11.743`)
- [CVE-2024-5518](CVE-2024/CVE-2024-55xx/CVE-2024-5518.json) (`2024-05-30T18:18:58.870`)
- [CVE-2024-5519](CVE-2024/CVE-2024-55xx/CVE-2024-5519.json) (`2024-05-30T18:18:58.870`)
- [CVE-2024-5520](CVE-2024/CVE-2024-55xx/CVE-2024-5520.json) (`2024-05-30T13:15:41.297`)
- [CVE-2024-5521](CVE-2024/CVE-2024-55xx/CVE-2024-5521.json) (`2024-05-30T13:15:41.297`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv