Auto-Update: 2025-01-25T05:00:19.644483+00:00

2025-05-07 19:16:29 +00:00 · 2025-01-25 05:03:46 +00:00 · 2025-01-25 05:03:46 +00:00 · 475aee6968
commit 475aee6968
parent df66a068ec
3 changed files with 71 additions and 13 deletions
--- a/CVE-2024/CVE-2024-137xx/CVE-2024-13709.json
+++ b/CVE-2024/CVE-2024-137xx/CVE-2024-13709.json
@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13709",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-25T04:15:07.670",
+  "lastModified": "2025-01-25T04:15:07.670",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Linear plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on the 'linear-debug'. This makes it possible for unauthenticated attackers to reset the plugin's cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/linear/trunk/includes/class-linear-settings.php#L1874",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/83af4ee4-2763-4706-8cb2-fa102a72be68?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-01-25T03:00:19.912311+00:00
+2025-01-25T05:00:19.644483+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-01-25T02:15:26.990000+00:00
+2025-01-25T04:15:07.670000+00:00
 ```

 ### Last Data Feed Release
@ -33,23 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-278931
+278932
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `1`

- [CVE-2025-0357](CVE-2025/CVE-2025-03xx/CVE-2025-0357.json) (`2025-01-25T02:15:26.990`)
- [CVE-2025-24360](CVE-2025/CVE-2025-243xx/CVE-2025-24360.json) (`2025-01-25T01:15:24.047`)
- [CVE-2025-24361](CVE-2025/CVE-2025-243xx/CVE-2025-24361.json) (`2025-01-25T01:15:24.193`)
+- [CVE-2024-13709](CVE-2024/CVE-2024-137xx/CVE-2024-13709.json) (`2025-01-25T04:15:07.670`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

- [CVE-2025-23006](CVE-2025/CVE-2025-230xx/CVE-2025-23006.json) (`2025-01-25T02:00:01.990`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -246176,6 +246176,7 @@ CVE-2024-13683,0,0,fb57f44e8b2d58d524faa1dd2ea3874f278594c1d56e7f409ae90b680d7e7
 CVE-2024-1369,0,0,6f4848b431d59906fc570cd21627f350db35226c120e93c5a8a911f55c4de4fa,2024-11-21T08:50:25.857000
 CVE-2024-13698,0,0,dc17e4312525981bb14f68ea913383417af07334780551d0e9684f2f5489da45,2025-01-24T16:15:34.597000
 CVE-2024-1370,0,0,9f0498253935aff35f1be521427ae96ebc633e827d9cc62afad8ecd6626aa44f,2024-11-21T08:50:26.027000
+CVE-2024-13709,1,1,7d11e0e002d231ab97d4c4838853b33e61be12c236e56c435ef75a396b4f88ea,2025-01-25T04:15:07.670000
 CVE-2024-1371,0,0,700f360c37065b466d7daf295c0b566055365a6732e2b4756cd7fe3bd3dfd8e6,2024-11-21T08:50:26.150000
 CVE-2024-1372,0,0,ba2b445471fec156b955b505675756eb0a79c6540c94f30d84a8242b3e912ff8,2024-11-21T08:50:26.277000
 CVE-2024-1373,0,0,fe1a60358155e50861f1a17ac7fa6b7d28a7605ff8e98d9097ab1950f180ef33,2024-03-11T10:15:49.383000
@ -277540,7 +277541,7 @@ CVE-2025-0349,0,0,5c5bde0373ec0c26c713a0d565cd6e4461e0dfe3c3d54fa435cc26640f811d
 CVE-2025-0354,0,0,428d38f2781814173c07276c3123b7894bf18887b24de42981453e8b9fe91fd5,2025-01-21T04:15:07.147000
 CVE-2025-0355,0,0,60139aab38184d5553deea3c96ee67451ff405f2b0f65acb32b8c01c91586866,2025-01-21T04:15:07.877000
 CVE-2025-0356,0,0,00c4e703b995e5d2c2e4f165848b6efa20e85198e0b810bdb74efa5802e75a40,2025-01-21T04:15:07.980000
-CVE-2025-0357,1,1,637a6ef73ca88597a9faee7a213f2c9e042293b4e1599306e7baf4be91a58fdb,2025-01-25T02:15:26.990000
+CVE-2025-0357,0,0,637a6ef73ca88597a9faee7a213f2c9e042293b4e1599306e7baf4be91a58fdb,2025-01-25T02:15:26.990000
 CVE-2025-0369,0,0,60e0263b7bdd9bb8b2fbff594a1f912ed9cb257670ae53622ab1064bad30f4a5,2025-01-18T07:15:09.720000
 CVE-2025-0371,0,0,5204757392b802de2ea741b3e076d05df7ac5ea75604db8718cee7d5330989cb,2025-01-21T09:15:07.747000
 CVE-2025-0377,0,0,aa55b8120230ab743cc2893b218f537bed059fac30bd283d6a35143ffcd50fcc,2025-01-21T16:15:14.290000
@ -278366,7 +278367,7 @@ CVE-2025-22983,0,0,3f91e33a7409029e8feb1969bf0fd19dc254a37fe16ab3c9358513b3c91fd
 CVE-2025-22984,0,0,79f7e0821d57086a5b30160c1ac3f4ee3a3942289c8274a9ca479dc29c59767f,2025-01-23T17:15:26.780000
 CVE-2025-22996,0,0,c50cf62284cf751584047e7a98111e31ae9d7e05423e0e28a6dfeca6772a6ab9,2025-01-15T17:15:21.837000
 CVE-2025-22997,0,0,cbf89797792d4ad66a4f37050995306b66d6d3563ae5ce9db2b5b27779f4d42b,2025-01-15T17:15:22.193000
-CVE-2025-23006,0,1,977f772ea3b5876e891b28257119516496ae4d9450366cb495b2995cfcca3fa6,2025-01-25T02:00:01.990000
+CVE-2025-23006,0,0,977f772ea3b5876e891b28257119516496ae4d9450366cb495b2995cfcca3fa6,2025-01-25T02:00:01.990000
 CVE-2025-23011,0,0,e1ba900acd27ddaffe837f1b2cb99a0620e19220a4594e9e2e5e1cfb6f6dd686,2025-01-23T21:15:15.010000
 CVE-2025-23012,0,0,5a6363dd5cc5adf7b59d4da79cd0453ce862321fce6c24b705279a51911f41e0,2025-01-23T21:15:15.173000
 CVE-2025-23013,0,0,1fb74d6ea76ff5844d786cdd2a74f412fea41ae3954a5796fa59991a0a874edb,2025-01-16T22:15:40.520000
@ -278807,8 +278808,8 @@ CVE-2025-24337,0,0,07d30bbea6dfa209bcd4c6bc43756d477d6586721f50f7d7909041753d5de
 CVE-2025-24353,0,0,10800d697e68cd55cff6432e6a23d04d139654b7a35f7e8dc56fa2c5247f6ece,2025-01-23T18:15:33.990000
 CVE-2025-24355,0,0,df091ddf8aeeb5f247d7b78b7e73863226f57cadf3f514eb1d8aa9b7831cf7ba,2025-01-24T17:15:16.047000
 CVE-2025-24359,0,0,fe898aa41d1a6ecee2652ccd06e899fa4186d85ca361d42c0af02e968484e3d0,2025-01-24T17:15:16.197000
-CVE-2025-24360,1,1,2e9c8b6331a8a88dee1c12b547eb6d5cc111d8eab816a900e080a9ac8d56f9f8,2025-01-25T01:15:24.047000
-CVE-2025-24361,1,1,d29f3ff85909126621b45166d8a881d6bc5008d3724f4584c8a5635de601f311,2025-01-25T01:15:24.193000
+CVE-2025-24360,0,0,2e9c8b6331a8a88dee1c12b547eb6d5cc111d8eab816a900e080a9ac8d56f9f8,2025-01-25T01:15:24.047000
+CVE-2025-24361,0,0,d29f3ff85909126621b45166d8a881d6bc5008d3724f4584c8a5635de601f311,2025-01-25T01:15:24.193000
 CVE-2025-24362,0,0,bd0008c19e13cbed43d9a180a0c8a1357e3b6112b693da2df160b4b2a8f315e9,2025-01-24T18:15:32.383000
 CVE-2025-24363,0,0,39d368ed8bf973713f2f52722001ed32dc19782f4926a08e8694d7826f6928da,2025-01-24T19:15:13.633000
 CVE-2025-24397,0,0,1350cea3fe5814d5435bcd6f3428089c30106b375e343d91ae9b66932985a500,2025-01-23T17:15:27.643000