From 3d04dba1fbc623ae38a4f897492b31dc0babf5cc Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Sat, 5 Oct 2024 08:03:18 +0000
Subject: [PATCH] Auto-Update: 2024-10-05T08:00:17.239853+00:00
---
CVE-2024/CVE-2024-87xx/CVE-2024-8743.json | 60 +++++++++++++++++++++++
README.md | 20 +++-----
_state.csv | 19 +++----
3 files changed, 76 insertions(+), 23 deletions(-)
create mode 100644 CVE-2024/CVE-2024-87xx/CVE-2024-8743.json
diff --git a/CVE-2024/CVE-2024-87xx/CVE-2024-8743.json b/CVE-2024/CVE-2024-87xx/CVE-2024-8743.json
new file mode 100644
index 00000000000..b702fc5062a
--- /dev/null
+++ b/CVE-2024/CVE-2024-87xx/CVE-2024-8743.json
@@ -0,0 +1,60 @@
+{
+ "id": "CVE-2024-8743",
+ "sourceIdentifier": "security@wordfence.com",
+ "published": "2024-10-05T07:15:12.297",
+ "lastModified": "2024-10-05T07:15:12.297",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The Bit File Manager \u2013 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 6.5.7. This is due to a lack of proper checks on allowed file types. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an administrator, to upload .css and .js files, which could lead to Stored Cross-Site Scripting."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "security@wordfence.com",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
+ "attackVector": "NETWORK",
+ "attackComplexity": "HIGH",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.8,
+ "baseSeverity": "MEDIUM"
+ },
+ "exploitabilityScore": 1.6,
+ "impactScore": 5.2
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "security@wordfence.com",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-434"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://plugins.trac.wordpress.org/changeset/3161219/",
+ "source": "security@wordfence.com"
+ },
+ {
+ "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/314520d5-bd9d-46c1-b903-5e5cb3bb3417?source=cve",
+ "source": "security@wordfence.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 87feacbb3f5..c7bd0c4068a 100644
--- a/README.md
+++ b/README.md
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-10-05T04:00:17.575723+00:00 +2024-10-05T08:00:17.239853+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-10-05T03:15:02.447000+00:00 +2024-10-05T07:15:12.297000+00:00 ``` ### Last Data Feed Release @@ -33,28 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -264534 +264535 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `1` -- [CVE-2024-47841](CVE-2024/CVE-2024-478xx/CVE-2024-47841.json) (`2024-10-05T02:15:02.470`) -- [CVE-2024-9385](CVE-2024/CVE-2024-93xx/CVE-2024-9385.json) (`2024-10-05T02:15:02.600`) -- [CVE-2024-9455](CVE-2024/CVE-2024-94xx/CVE-2024-9455.json) (`2024-10-05T02:15:02.827`) -- [CVE-2024-9528](CVE-2024/CVE-2024-95xx/CVE-2024-9528.json) (`2024-10-05T03:15:02.447`) +- [CVE-2024-8743](CVE-2024/CVE-2024-87xx/CVE-2024-8743.json) (`2024-10-05T07:15:12.297`) ### CVEs modified in the last Commit -Recently modified CVEs: `5` +Recently modified CVEs: `0` -- [CVE-2023-23640](CVE-2023/CVE-2023-236xx/CVE-2023-23640.json) (`2024-10-05T02:04:13.263`) -- [CVE-2024-31294](CVE-2024/CVE-2024-312xx/CVE-2024-31294.json) (`2024-10-05T02:01:28.300`) -- [CVE-2024-41715](CVE-2024/CVE-2024-417xx/CVE-2024-41715.json) (`2024-10-05T02:16:15.997`) -- [CVE-2024-45987](CVE-2024/CVE-2024-459xx/CVE-2024-45987.json) (`2024-10-05T02:21:24.450`) -- [CVE-2024-8318](CVE-2024/CVE-2024-83xx/CVE-2024-8318.json) (`2024-10-05T02:10:34.703`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 318af0c7634..e1e00d45900 100644 --- a/_state.csv +++ b/_state.csv 
@@ -217553,7 +217553,7 @@ CVE-2023-23637,0,0,8303c2e888f4a7f7be3861e3dd96442a11d683fc03173c478fa0af6f42917 CVE-2023-23638,0,0,c798c27985bf183b36d281532d811c42a95db85432ae20ee49e04ec4e03cbf8b,2023-11-07T04:07:50.990000 CVE-2023-23639,0,0,609b39ace6a6dec0659c782fcf6da5dd20dad42cd06a4def317a7a1aa722e692,2024-10-05T01:37:41.107000 CVE-2023-2364,0,0,ef2fa89d6009c2c0b9501247c770157813a8ca3461f78ce280790e9fc931b9dc,2024-05-17T02:22:53.063000 -CVE-2023-23640,0,1,3cbb88c0f5af99ec512e3dba8b675700fb698479049cd57ca836ed757a4e1fd6,2024-10-05T02:04:13.263000 +CVE-2023-23640,0,0,3cbb88c0f5af99ec512e3dba8b675700fb698479049cd57ca836ed757a4e1fd6,2024-10-05T02:04:13.263000 CVE-2023-23641,0,0,9e0bf1ea6e96cfa227eb36bfb2991b91b3191e168b28cc245f74934ce61a383b,2023-05-22T20:02:44.160000 CVE-2023-23645,0,0,909a4faff18d07c3f737541bddbf0bd492484422035c2726de49e50d80365a67,2024-05-17T18:36:05.263000 CVE-2023-23646,0,0,698f6d9b297a7cdc5bc16f33439d1b1197291570102d6e92f6330ae41b0473dc,2023-07-26T01:11:44.107000 @@ -251175,7 +251175,7 @@ CVE-2024-31290,0,0,0f179f60c298c3b186585b91ce98871100ea32c9c7a621a2993d35ca67bdb CVE-2024-31291,0,0,c952666de994b16b43c7a33e04dca2ff218752cddd6e30ff48fef4e55e8982cf,2024-04-08T18:48:40.217000 CVE-2024-31292,0,0,3504dd44cc43ee78a8cd50949942b1dbb9d71a35bec54315a7d8b7561798c985,2024-04-08T18:48:40.217000 CVE-2024-31293,0,0,d20d156a0f8c87d673a5cdec66f54fecd5aa8889f6ab87bd7bd7bf0942a8285b,2024-04-15T13:15:51.577000 -CVE-2024-31294,0,1,d0a7d4843372e24e4cc04ee14520ab11080aa2c28445f84ac289e01a70efb681,2024-10-05T02:01:28.300000 +CVE-2024-31294,0,0,d0a7d4843372e24e4cc04ee14520ab11080aa2c28445f84ac289e01a70efb681,2024-10-05T02:01:28.300000 CVE-2024-31295,0,0,37dba956c7cb8ce01666b5ea152d0441b7649235a44c66cce9a88302fababc75,2024-05-17T18:36:05.263000 CVE-2024-31296,0,0,dd2f2950324e5c8dc05ecfdeaf16703477baaedac80f2e8ee5c00844b0d341be,2024-04-08T18:48:40.217000 CVE-2024-31297,0,0,f6e46aa48a8ed8a8a82c7ddf5442e06c8e41c73375e1b3244f5db8687886d057,2024-04-10T19:49:51.183000 
@@ -258162,7 +258162,7 @@ CVE-2024-41709,0,0,6713bfc73e81c65bc7923627db30413fcbe413ec587fff89449c3abd86e7e CVE-2024-4171,0,0,87597e8caa4479ab69c883527c35fc22af72d614757313d16953f50dcfa107c2,2024-06-04T19:20:31.980000 CVE-2024-41710,0,0,60d485e1ae4ab9a6a76b69400c8e45c5632e291398c40e0cff7baeda3bb118be,2024-08-14T18:35:06.257000 CVE-2024-41711,0,0,a7d50100784e2b53720ec9203abd546adbf9c7f45f11894e83b991465b2f1919,2024-08-14T16:35:15.033000 -CVE-2024-41715,0,1,1e19e0d2e95094d001e574e5ec8e07025bc6520ada6d3a3d444b19001a84d7c8,2024-10-05T02:16:15.997000 +CVE-2024-41715,0,0,1e19e0d2e95094d001e574e5ec8e07025bc6520ada6d3a3d444b19001a84d7c8,2024-10-05T02:16:15.997000 CVE-2024-41716,0,0,add00a3b8bb5c856cb11efe54462b72e0907045ad71076c98ae404e938cc3293,2024-09-13T19:53:47.723000 CVE-2024-41718,0,0,7651686104923551937c1bf922db9a37da5f3ad1631e564fe3c0dca9a6e79a72,2024-09-03T11:15:15.050000 CVE-2024-41719,0,0,9153c34983715c653b1c300082bd1504f28f779a4622f52f1934f7c462bf8faf,2024-08-19T18:40:35.203000 @@ -260414,7 +260414,7 @@ CVE-2024-45983,0,0,47a651db6002a6bfd3e82bafffaac1886e81f4692dc67d6e4d2483e3dc577 CVE-2024-45984,0,0,829531605b75a351fb56301753b24a33b57031b7baaa6c10937b46d15b07e739,2024-09-30T12:46:20.237000 CVE-2024-45985,0,0,91f6b11d4a0e69e50043609710335a2e6ecb9c0b2023813e0b5e8a7a41eb0525,2024-09-30T12:46:20.237000 CVE-2024-45986,0,0,a85d3ec3755f724362fff27a6a522f83d6b30d560b1ead4324df3dd3027d06bf,2024-09-30T12:46:20.237000 -CVE-2024-45987,0,1,f32b18c92e6963d060ce6ae4c06d24935f9488838fb2d7a9da7659071011b899,2024-10-05T02:21:24.450000 +CVE-2024-45987,0,0,f32b18c92e6963d060ce6ae4c06d24935f9488838fb2d7a9da7659071011b899,2024-10-05T02:21:24.450000 CVE-2024-45989,0,0,ab3f6bd3392b087dcb35df06d536b3edd1a33ced94d9672493bfe0cf20988e7e,2024-09-30T12:46:20.237000 CVE-2024-4599,0,0,97a585846a1cde14c82c7df8029410945eada1b1651bcc856b8e29367f63ecca,2024-05-07T13:39:32.710000 CVE-2024-45993,0,0,350b08a6cc2d250cbd03f88d3d0b93865e2ed8a596686ac9cdf0d0569cd66a5b,2024-10-04T13:51:25.567000 
@@ -261076,7 +261076,7 @@ CVE-2024-4782,0,0,37dcdb14f7d23ae467b62646ac8eb504448e2a7781e3c175892c72dc54d3ae CVE-2024-4783,0,0,413c0436e6758a988a0c847533b21e34b17a9d936626eba8cda1a5d1f87e0181,2024-05-24T01:15:30.977000 CVE-2024-4784,0,0,4cc2a5a387e2d44a289947f3cae3cd294fd9977dc8f62a4a2754567f4ad78544,2024-08-23T16:59:30.430000 CVE-2024-47840,0,0,2af3bee25b1702c6dc0adb76f7b5b59a4851969bef12b213034c47b48b258b47,2024-10-05T01:15:12.107000 -CVE-2024-47841,1,1,e32c6a2687c1cf875cccdae8a34e0555fe82273a17ace5908bee3b8a19718fea,2024-10-05T02:15:02.470000 +CVE-2024-47841,0,0,e32c6a2687c1cf875cccdae8a34e0555fe82273a17ace5908bee3b8a19718fea,2024-10-05T02:15:02.470000 CVE-2024-47845,0,0,635ba9bccad8551fc613f2e237296c21ce817ceedb4be2a9be383ddcc98a411f,2024-10-05T01:15:12.237000 CVE-2024-47846,0,0,0adcd7063b2395a255cabd8e399537ae86a6a3562396b07a91b6e9c6e645b7d7,2024-10-05T01:15:12.360000 CVE-2024-47847,0,0,8bb581ee5c6b46cd381ad9ae39d7ff2309c88adf7df1ab8b12d4cb89a0115fa3,2024-10-05T01:15:12.493000 @@ -263952,7 +263952,7 @@ CVE-2024-8310,0,0,7c8549a7a64d3579b34aa56e199885805550ab7f5a2102b636629253bc8a75 CVE-2024-8311,0,0,5b6832ab4de9e09983d490e9b9cfb24e40403bdf974bac09340ae2b77983823b,2024-09-18T19:12:52.810000 CVE-2024-8316,0,0,3b475263f4e092896f126b94bae35b22c4bf5a5b5af6a3f22b6258e0c397de01,2024-10-03T01:01:37.380000 CVE-2024-8317,0,0,75ca94f8a803caa3f0996235375e7a6ab4757d251a8a35a9b32dc3ad55213ecc,2024-09-11T17:46:03.753000 -CVE-2024-8318,0,1,1b5c2a7dc9b75888f87897ddfaf12f7c73553720d33dcd65ceff4420ae5bb680,2024-10-05T02:10:34.703000 +CVE-2024-8318,0,0,1b5c2a7dc9b75888f87897ddfaf12f7c73553720d33dcd65ceff4420ae5bb680,2024-10-05T02:10:34.703000 CVE-2024-8319,0,0,19bee7e43deb1719502aef7eb4c05b0fb28cffea0ae04999821f01ddbcc0e265,2024-09-03T14:43:13.787000 CVE-2024-8320,0,0,67cff6908a40f6de0a5d55f45cee63784fe7b54f56159b5877dcd792142b0c2f,2024-09-12T21:51:58.960000 CVE-2024-8321,0,0,595129502821252825346a9a34e636ff1fd5806e1274bb50a0e529e9f41ab2d6,2024-09-12T21:53:22.677000 
@@ -264228,6 +264228,7 @@ CVE-2024-8737,0,0,a8f5a9ac08b3915d238b7b0f4fdae19f4d9de463f7b6e5257b850817c52f34 CVE-2024-8738,0,0,8d7254f4f1af2919bab9c4b9c8e7ac85cdc1b41f46ed454e2ea854234d64d13d,2024-09-26T16:48:19.490000 CVE-2024-8741,0,0,b4e1d7f7dfc20b3d40ed40689f6d2a74196871e98895f038c49cf39f3f685863,2024-10-02T16:37:16.407000 CVE-2024-8742,0,0,22ad08a64cc55234113e83ee811bd639e6d0a7f5c2878d141833012213ce6335,2024-09-27T16:28:07.827000 +CVE-2024-8743,1,1,59b2b24ac341db38092f7dd2a074edcfffa9c8083c75b055ad0bfe96a8f73499,2024-10-05T07:15:12.297000 CVE-2024-8747,0,0,c8071dd8d89406610db13dc6a04dbbb98461ebd7257641ae31a11de6b1ad5c9f,2024-09-26T19:23:12.477000 CVE-2024-8749,0,0,dc7dd50ec6adedb45c385a82f706a7ab45f55e506e70a64a626b0d8f521f6289,2024-09-18T18:53:54.860000 CVE-2024-8750,0,0,6aa000b45a0c694359dda91e7e992492dcd4e93d6e7b8c131ee0a86fa36b5620,2024-09-18T20:38:42.123000 @@ -264498,7 +264499,7 @@ CVE-2024-9372,0,0,10044aa8051896e85376f9c9a7c998e54b899918a5f49add6f2a59ddb1044a CVE-2024-9375,0,0,a9c3ca594e219c636214fd2ce314e67161e6c9af25ea164279fc4bb791df9806,2024-10-04T13:50:43.727000 CVE-2024-9378,0,0,7a8325e6b9b9ab5f87224c3f7949059cac46c7e9016e933e1570af8b9833e04e,2024-10-04T13:50:43.727000 CVE-2024-9384,0,0,4f253b4f2066223670f6dee57b053f19faa6b05364caf5542c3a801535a8dd5a,2024-10-04T13:50:43.727000 -CVE-2024-9385,1,1,25145b57342f5b34ee7029dc6487a689ca1bdddfcf7cbc091b96c1c491d1b304,2024-10-05T02:15:02.600000 +CVE-2024-9385,0,0,25145b57342f5b34ee7029dc6487a689ca1bdddfcf7cbc091b96c1c491d1b304,2024-10-05T02:15:02.600000 CVE-2024-9391,0,0,7d6eba489d698d80c25274418cf61f043b91561cc903d053b7833bff789db601,2024-10-04T13:51:25.567000 CVE-2024-9392,0,0,beca44e590b21e5502ca4e733f60749ac893cd13053addd71013500d8f613300,2024-10-04T13:51:25.567000 CVE-2024-9393,0,0,96bdaf874ad6083dd8fd8845ba7fe8bf267c5ff001eb7dd6e7d50847bf69aa1b,2024-10-04T13:51:25.567000 
@@ -264523,7 +264524,7 @@ CVE-2024-9435,0,0,dd30383dc280040df042a11097fa6cc76ccaa80c55710936c096ba1dc41cad CVE-2024-9440,0,0,843a4b0691140c8544f03abfab0d72b48e96752c7147156cb98041d58d09b93a,2024-10-04T13:50:43.727000 CVE-2024-9441,0,0,1eef796e7a879df6819e9c253093e433508e2bb2fbba7042830a70bc7a4951a7,2024-10-04T13:50:43.727000 CVE-2024-9445,0,0,0c93ce7f42df628ab9963b0c4991253722d7526551714beaaf6a06be3b0d53b0,2024-10-04T13:50:43.727000 -CVE-2024-9455,1,1,e56132275ab5f83c0555e60cbf6c95a62b60c6ca9fa821a9c8c48f4cfb3933ca,2024-10-05T02:15:02.827000 +CVE-2024-9455,0,0,e56132275ab5f83c0555e60cbf6c95a62b60c6ca9fa821a9c8c48f4cfb3933ca,2024-10-05T02:15:02.827000 CVE-2024-9460,0,0,b1e465c88eb90ead630b69c31ba7996284434b6d6cb7ca81e044245f760d2699,2024-10-04T13:50:43.727000 CVE-2024-9481,0,0,d47799c935f3894a1eb77a57851e2857614dcde60b18ca54bd2e7df5819c5f83,2024-10-04T13:50:43.727000 CVE-2024-9482,0,0,f3165a4a24a2f9114d882c0f7f29d9fd657c327243b8585b7ba3adb352065c7e,2024-10-04T13:50:43.727000 @@ -264532,4 +264533,4 @@ CVE-2024-9484,0,0,09a6a45178e5434bfb1cb0415a67ebc11284aea03e94bd83c401b848478b5c CVE-2024-9513,0,0,10f22e26d94cea8688c054ad49deba44171c8b07bc6c0d1de3fa45dd9ff56e5a,2024-10-04T13:50:43.727000 CVE-2024-9514,0,0,a53f44accfe30910c541c9413b06e85ad70baafde1404ed3bbfe26f781762e2e,2024-10-04T14:15:05.910000 CVE-2024-9515,0,0,61876f9f404131a68b50426992d9bacb784e56537f2a34f2232f3fbcd09a799e,2024-10-04T14:15:06.210000 -CVE-2024-9528,1,1,a67033828dc64ab8097f9cad1507ec37a96a1d18a16a5e9dfac7c1b08408a02f,2024-10-05T03:15:02.447000 +CVE-2024-9528,0,0,a67033828dc64ab8097f9cad1507ec37a96a1d18a16a5e9dfac7c1b08408a02f,2024-10-05T03:15:02.447000