Auto-Update: 2025-01-19T07:00:19.744187+00:00

CVE-2024/CVE-2024-87xx/CVE-2024-8722.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-8722",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-19T05:15:07.987",
+  "lastModified": "2025-01-19T05:15:07.987",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Import any XML or CSV File to WordPress PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dbc6ad3f-698e-4dfd-bbba-086f94831bba?source=cve",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wpallimport.com/downloads/wp-all-import-annual/?changelog=1",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-05xx/CVE-2025-0565.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-0565",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-01-19T06:15:06.820",
+  "lastModified": "2025-01-19T06:15:06.820",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "baseScore": 7.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/En0t5/vul/blob/main/zzcms/zzcsm-sql-inject.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.292526",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.292526",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.484333",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-01-19T05:00:19.365011+00:00
+2025-01-19T07:00:19.744187+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-01-19T04:15:07.090000+00:00
+2025-01-19T06:15:06.820000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,27 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-278065
+278067
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `4`
+Recently added CVEs: `2`
 
-- [CVE-2024-45652](CVE-2024/CVE-2024-456xx/CVE-2024-45652.json) (`2025-01-19T03:15:06.647`)
-- [CVE-2024-45653](CVE-2024/CVE-2024-456xx/CVE-2024-45653.json) (`2025-01-19T03:15:07.643`)
-- [CVE-2024-45654](CVE-2024/CVE-2024-456xx/CVE-2024-45654.json) (`2025-01-19T03:15:07.787`)
-- [CVE-2025-0564](CVE-2025/CVE-2025-05xx/CVE-2025-0564.json) (`2025-01-19T04:15:07.090`)
+- [CVE-2024-8722](CVE-2024/CVE-2024-87xx/CVE-2024-8722.json) (`2025-01-19T05:15:07.987`)
+- [CVE-2025-0565](CVE-2025/CVE-2025-05xx/CVE-2025-0565.json) (`2025-01-19T06:15:06.820`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `4`
+Recently modified CVEs: `0`
 
-- [CVE-2024-0917](CVE-2024/CVE-2024-09xx/CVE-2024-0917.json) (`2025-01-19T03:31:43.843`)
-- [CVE-2024-27317](CVE-2024/CVE-2024-273xx/CVE-2024-27317.json) (`2025-01-19T03:23:26.087`)
-- [CVE-2024-27894](CVE-2024/CVE-2024-278xx/CVE-2024-27894.json) (`2025-01-19T03:09:08.147`)
-- [CVE-2024-28098](CVE-2024/CVE-2024-280xx/CVE-2024-28098.json) (`2025-01-19T03:01:40.317`)
 
 
 ## Download and Usage

_state.csv

@@ -243188,7 +243188,7 @@ CVE-2024-0912,0,0,4f57efee87c78987c06f7ceab5e4000e0b2d703a66876a27e9fce78c8c5318
 CVE-2024-0913,0,0,fdd184df3fb1e6ddd459b097472fe6fe272697f536f754bc3e7f7dbf4d3d090e,2024-11-21T08:47:42.730000
 CVE-2024-0914,0,0,961b54ff0e9b9f81aa56dcd6cdc24b37952c07f3f53f7085b217ebd09ddf718f,2024-11-21T08:47:42.910000
 CVE-2024-0916,0,0,5a8012d33f7bb36c9ef1c1bccdc08620475d280f7448052ee484e84c13496a01,2024-11-21T08:47:43.277000
-CVE-2024-0917,0,1,8ca5d131b4caf0ae73728e0f2737e604dfa40817adb5658d847b612acaa77af7,2025-01-19T03:31:43.843000
+CVE-2024-0917,0,0,8ca5d131b4caf0ae73728e0f2737e604dfa40817adb5658d847b612acaa77af7,2025-01-19T03:31:43.843000
 CVE-2024-0918,0,0,adaf982dd698ba71a56fe214b4de6d539fe4a4f06abbbc782136a1eef6b53163,2024-11-21T08:47:44.287000
 CVE-2024-0919,0,0,4faa3b3ee004f50a348eb233a0869d4eacefe6f2d379b6009e4cef456d250b55,2024-11-21T08:47:44.490000
 CVE-2024-0920,0,0,ee99d8cd581c7af2f038b9e503ecab2633ed9070146163eae7948ec0f0b17f5d,2024-11-21T08:47:44.707000
@@ -252422,7 +252422,7 @@ CVE-2024-27313,0,0,35d4fc5dcf7fd82874d8066658bb141d6133e1d7a3505f1ab33a062d02328
 CVE-2024-27314,0,0,c7800ff43b3dde4e64855ff4c8e9e09054f2d9523de2c8225fcf94e9bdda5465,2024-11-21T09:04:18.717000
 CVE-2024-27315,0,0,d76b0fcdba6f7b4b207cb9b903ce70dcff45e546dcd16fd74a8323c6a63e3929,2024-12-31T16:16:15.510000
 CVE-2024-27316,0,0,24fdf0f9b0ad852f5d9fcb01da998781549ca6c0b793197d9e2355018b079f16,2024-11-21T09:04:18.993000
-CVE-2024-27317,0,1,76b2a59ff51f548a5b920f9a9e5de4c3dbbbe200760563bdad4794a3fa9cb613,2025-01-19T03:23:26.087000
+CVE-2024-27317,0,0,76b2a59ff51f548a5b920f9a9e5de4c3dbbbe200760563bdad4794a3fa9cb613,2025-01-19T03:23:26.087000
 CVE-2024-27318,0,0,a39bb4bb6ceefb9dab21937c537b420423d8cb9a6ce6d647023eb496b3d6b5b8,2024-11-21T09:04:19.373000
 CVE-2024-27319,0,0,ba43b558a916cdc8ea2ffc9143a26e8f5c9b0fd690315b9a58ed0750f77418cb,2024-11-21T09:04:19.507000
 CVE-2024-2732,0,0,c53ca86f62810bb8d7151754be48472811994b863d082d4f89a0e05dc2c7c2e4,2024-11-21T09:10:23.810000
@@ -252829,7 +252829,7 @@ CVE-2024-27887,0,0,27c7d91a187938663d4a01d4c87033037d24e5ace0c9df0921f49ee73def6
 CVE-2024-27888,0,0,cd0431e20853cd52fac0840f748f121c2c1ffdab2233c1cee21b2fe50a5a00fd,2024-12-10T14:51:04.667000
 CVE-2024-27889,0,0,9baa87884a3e66fc5756c9ced2a8ef947001f8941593056f52c6dadb55724bf9,2024-11-21T09:05:21.780000
 CVE-2024-2789,0,0,b1690b1b83fedf5140ce93f0eda4241364d6c80c52f2ee1616fa1c36870eb1b9,2025-01-07T18:14:48.107000
-CVE-2024-27894,0,1,ccad49273a629a1c78e24163856afe63701367571263de1e6484edc4071a1784,2025-01-19T03:09:08.147000
+CVE-2024-27894,0,0,ccad49273a629a1c78e24163856afe63701367571263de1e6484edc4071a1784,2025-01-19T03:09:08.147000
 CVE-2024-27895,0,0,d55175960df25787806e528bf2b5b0b690105cc86f51c145001c192d4b0382fc,2024-12-09T17:59:55
 CVE-2024-27896,0,0,cefb57e4fd2360f9ca76121f5d55c0879f2b9778073436f6d450ff9f01865a42,2024-11-29T15:15:16.833000
 CVE-2024-27897,0,0,e0fd628e199d1ad9f7d1973d04b30e3b226e987f2d07bcbb58339313ac383abd,2024-11-21T09:05:22.297000
@@ -253025,7 +253025,7 @@ CVE-2024-28094,0,0,e65989a468ce7112ff14a5b6de487cd35f7abbd47747bf6c735d7568c9d9e
 CVE-2024-28095,0,0,1f7d8fe8a6c56dc8dd69a3e4a3303f7c94c39f3ce605ea90cdf64f6129ed7de5,2024-11-21T09:05:48.183000
 CVE-2024-28096,0,0,a0a1b2d48a132a8f67f7924055e0d93805996700281fe9467707cabf2e784f75,2024-11-21T09:05:48.310000
 CVE-2024-28097,0,0,d328615318f60f00491ec7904bbd032058d8e0158a6c16297acf359751fa44f7,2024-11-21T09:05:48.423000
-CVE-2024-28098,0,1,9d40261cec447217dcbe8b865b335c2de4beaae87e7806bacec890457d4d35ff,2025-01-19T03:01:40.317000
+CVE-2024-28098,0,0,9d40261cec447217dcbe8b865b335c2de4beaae87e7806bacec890457d4d35ff,2025-01-19T03:01:40.317000
 CVE-2024-28099,0,0,67074bfe8335b5e423677837dbafff99c4030ec6685c157c0f1ee9942960739f,2024-11-21T09:05:48.693000
 CVE-2024-2810,0,0,f152fec8b4da4dd39d7c0040313b2d0236f2aef6a1dcaa287e4d60d1c0e11e68,2024-11-21T09:10:34.653000
 CVE-2024-28100,0,0,980f955c88bfadf6275346988b59f10331a2302846e8287402fe5dd637f02c57,2024-09-16T17:28:07.347000
@@ -266090,9 +266090,9 @@ CVE-2024-4564,0,0,ee8f47044242c05a630f54d8d399a7051500b8cbd4c8fa39ec50216846d2f2
 CVE-2024-45640,0,0,923abe7b70ac2297df80331720303a7ee55474d7dd4031afdf0c5f6c2b1c1e0c,2025-01-07T13:15:07.690000
 CVE-2024-45642,0,0,cfb188922d2de3d0a2e624109932e190c43782f5c9c1e7fb30a5b975a8a432ea,2024-11-16T00:13:06.017000
 CVE-2024-4565,0,0,7eafc37f7621bbcecc9df42111f1503d84607d3815c6d13bfc741bedf44b3a75,2024-11-21T09:43:07.187000
-CVE-2024-45652,1,1,a98f15ba10f48b9466efc3cc28e1ea6be4d5f5099bd07edd096dedcf90fa67a9,2025-01-19T03:15:06.647000
-CVE-2024-45653,1,1,23b213d8e708f895a3ae7904da1ec3db7ec809653880d7fcc6b0dd567508f27b,2025-01-19T03:15:07.643000
-CVE-2024-45654,1,1,e14d5f51432546412222a0594e7c9107c0a213bcd4e300ea857cb39c15b83600,2025-01-19T03:15:07.787000
+CVE-2024-45652,0,0,a98f15ba10f48b9466efc3cc28e1ea6be4d5f5099bd07edd096dedcf90fa67a9,2025-01-19T03:15:06.647000
+CVE-2024-45653,0,0,23b213d8e708f895a3ae7904da1ec3db7ec809653880d7fcc6b0dd567508f27b,2025-01-19T03:15:07.643000
+CVE-2024-45654,0,0,e14d5f51432546412222a0594e7c9107c0a213bcd4e300ea857cb39c15b83600,2025-01-19T03:15:07.787000
 CVE-2024-45656,0,0,bd9c2ffe8b9cbe4ee804430325ca28b90db5a453ccc34b145371cf00c3254208,2024-10-29T14:34:04.427000
 CVE-2024-4566,0,0,67793534ad65df3a22647f8471d680f58a33cea10b3409d6ba3f0ab52674e69f,2024-11-21T09:43:07.400000
 CVE-2024-45662,0,0,2a9f7cf44074655374154bd6d7ae34aabeef47c4d3ebcb5e1ff57e4b2ae36ab3,2025-01-18T17:15:07.343000
@@ -276028,6 +276028,7 @@ CVE-2024-8718,0,0,08f9f7324fe1750583259b3c93648593ad90bf879a6e322b24780fec64fd46
 CVE-2024-8719,0,0,f09775703ce33efd1a382062d7fd99b2a3df4a10d5639e789be4bdf90386ec17,2024-10-18T12:53:04.627000
 CVE-2024-8720,0,0,a92271303c4f165ef6918751e334ec6c2a5d2eedb6ef1b6e7529ea9a9bccddee,2024-10-04T13:51:25.567000
 CVE-2024-8721,0,0,b55737cb0e83f3810876edbd5f2c3fe227126cdd659227e4dbd42dea98b92ee8,2024-12-24T10:15:06.803000
+CVE-2024-8722,1,1,797d6b7fa82068b880881b15e8ef201f4d1a15ebdce9f4386bc0b1744a17d6af,2025-01-19T05:15:07.987000
 CVE-2024-8723,0,0,83a844d582685fdefc602bc8b434e71b492fde6813a7ae6c416922e3445759df,2024-10-02T17:00:23.603000
 CVE-2024-8724,0,0,79eb3fc36e2ade01b1d81ee061bd0ccc9d41db170377c76707443e9b9b4c1829,2024-09-27T15:56:00.073000
 CVE-2024-8725,0,0,46dd31707149bc30a113fe6e731b5768bd17b167e63d858b2e790e78d82762b2,2024-10-01T14:16:42.727000
@@ -277283,7 +277284,8 @@ CVE-2025-0560,0,0,a8dad0e6326d118750e8c8a516030a35fe209a3585b22295c165d1200aa061
 CVE-2025-0561,0,0,fd9b012ebdaece6d373c25b915aa1ce00990c69daaaaf36bf7683a0e1e96a65c,2025-01-19T00:15:25.077000
 CVE-2025-0562,0,0,c526f2bbf0ee53dbd7b87b3a977b73812d0b8c8e2d0a2cc04f356d0f5568981e,2025-01-19T02:15:24.380000
 CVE-2025-0563,0,0,c8aedbc0ad6c989f8bd21315356fde60bbf39135f127f9d691ff6d583ecc9784,2025-01-19T02:15:24.560000
-CVE-2025-0564,1,1,83206ab7d4a6b165cdb38999cbacf04d2d848dbd063370cc5da16a0083e91bfd,2025-01-19T04:15:07.090000
+CVE-2025-0564,0,0,83206ab7d4a6b165cdb38999cbacf04d2d848dbd063370cc5da16a0083e91bfd,2025-01-19T04:15:07.090000
+CVE-2025-0565,1,1,9e441f2e362b4078450931d0ef12dd08184a10cee05c1fd1b5de39e0c8230d42,2025-01-19T06:15:06.820000
 CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
 CVE-2025-20033,0,0,6c60c85e451f1d6db70378d678ddf83dacc7c823ecfb493748ed6d94114eff49,2025-01-09T07:15:28.450000
 CVE-2025-20036,0,0,a1d7639f0e568c5953a2962f5a2be630b5737d729f8c4f565a3eec7e4bf19549,2025-01-15T17:15:18.950000