Auto-Update: 2025-01-18T09:00:19.793530+00:00

CVE-2024/CVE-2024-123xx/CVE-2024-12385.json

@@ -0,0 +1,72 @@
+{
+  "id": "CVE-2024-12385",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:06.667",
+  "lastModified": "2025-01-18T07:15:06.667",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The WP Abstracts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.2. This is due to missing nonce validation on the wpabstracts_load_status() and wpabstracts_delete_abstracts() functions. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/wp-abstracts-manuscripts-manager/trunk/abstracts/abstracts.manage.php#L148",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/wp-abstracts-manuscripts-manager/trunk/abstracts/abstracts.manage.php#L205",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3223874/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/wp-abstracts-manuscripts-manager/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/79af711e-d044-447e-9802-8be648a3843d?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-126xx/CVE-2024-12696.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2024-12696",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:08.117",
+  "lastModified": "2025-01-18T07:15:08.117",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Picture Gallery \u2013 Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's videowhisper_picture_upload_guest shortcode in all versions up to, and including, 1.5.22 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3224277/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/picture-gallery/#developers",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a116c846-72df-4701-893a-744a26b191d6?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-133xx/CVE-2024-13317.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13317",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:08.290",
+  "lastModified": "2025-01-18T07:15:08.290",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The ShipWorks Connector for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.5. This is due to missing or incorrect nonce validation on the 'shipworks-wordpress' page. This makes it possible for unauthenticated attackers to update the services username and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3223835%40shipworks-e-commerce-bridge&new=3223835%40shipworks-e-commerce-bridge&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/503c00f5-59e5-4ca2-ac3d-a3f38a993f0d?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-133xx/CVE-2024-13385.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2024-13385",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:08.463",
+  "lastModified": "2025-01-18T07:15:08.463",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The JSM Screenshot Machine Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ssm' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/jsmoriss/screenshot-machine-shortcode/blob/main/screenshot-machine-shortcode.php#L92-L119",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3224419%40screenshot-machine-shortcode&new=3224419%40screenshot-machine-shortcode&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/91019c36-bf33-4cd6-ac54-86c118d086fe?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-133xx/CVE-2024-13391.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13391",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:08.637",
+  "lastModified": "2025-01-18T07:15:08.637",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The MicroPayments \u2013 Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_content_upload_guest' shortcode in all versions up to, and including, 2.9.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3224254%40paid-membership&new=3224254%40paid-membership&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1b3948ef-11be-450d-ad20-e4bebc16e790?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-133xx/CVE-2024-13392.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13392",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T08:15:24.327",
+  "lastModified": "2025-01-18T08:15:24.327",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Rate Star Review Vote \u2013 AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_reviews' shortcode in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3224268%40rate-star-review&new=3224268%40rate-star-review&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eb5a85ba-9545-4d64-ac7c-6b856e4ab354?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-133xx/CVE-2024-13393.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13393",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:08.810",
+  "lastModified": "2025-01-18T07:15:08.810",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Video Share VOD \u2013 Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_videos' shortcode in all versions up to, and including, 2.6.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3224274%40video-share-vod&new=3224274%40video-share-vod&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9e85d85-76cd-4606-918b-87f07098c967?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-134xx/CVE-2024-13432.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13432",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:08.983",
+  "lastModified": "2025-01-18T07:15:08.983",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Webcamconsult plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.0. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3223211%40webcamconsult&new=3223211%40webcamconsult&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3cdad887-dafa-4cf8-ac78-87b9b9b989e2?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-134xx/CVE-2024-13433.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13433",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:09.160",
+  "lastModified": "2025-01-18T07:15:09.160",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Utilities for MTG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mtglink' shortcode in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://wordpress.org/plugins/utilities-for-mtg/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fe82b7ee-d09b-4eeb-a7d6-914b8b24368b?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-135xx/CVE-2024-13517.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13517",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:09.350",
+  "lastModified": "2025-01-18T07:15:09.350",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Easy Digital Downloads \u2013 eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 4.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3131805%40easy-digital-downloads&new=3131805%40easy-digital-downloads&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8d745937-4b0a-480a-9771-8af3288ee98f?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-135xx/CVE-2024-13519.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2024-13519",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:09.510",
+  "lastModified": "2025-01-18T07:15:09.510",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The MarketKing \u2014 Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's settings in all versions up to, and including, 1.9.80 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Shop Manager-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 4.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "HIGH",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 1.3,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3180752%40marketking-multivendor-marketplace-for-woocommerce&new=3180752%40marketking-multivendor-marketplace-for-woocommerce&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5061e0be-1785-476a-9528-d6f95656bd61?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-03xx/CVE-2025-0369.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2025-0369",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:09.720",
+  "lastModified": "2025-01-18T07:15:09.720",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The JetEngine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018list_tag\u2019 parameter in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://crocoblock.com/changelog/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://crocoblock.com/plugins/jetengine/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f27979a8-0e68-4a45-9e3e-3667d88361d8?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-05xx/CVE-2025-0515.json

@@ -0,0 +1,60 @@
+{
+  "id": "CVE-2025-0515",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-18T07:15:09.903",
+  "lastModified": "2025-01-18T07:15:09.903",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Buzz Club \u2013 Night Club, DJ and Music Festival Event WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the 'cmsmasters_hide_admin_notice' function in all versions up to, and including, 2.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 'hide' on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny service to legitimate users or be used to set some values to true such as registration."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://themeforest.net/item/buzz-club-night-club-dj-music-festival-event-wordpress-theme/17973992",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/44ad056b-8995-4068-8b05-4fefb8d2ff0a?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-01-18T07:00:20.112859+00:00
+2025-01-18T09:00:19.793530+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-01-18T06:15:28.160000+00:00
+2025-01-18T08:15:24.327000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,19 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-278032
+278045
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `6`
+Recently added CVEs: `13`
 
-- [CVE-2024-13515](CVE-2024/CVE-2024-135xx/CVE-2024-13515.json) (`2025-01-18T06:15:26.410`)
+- [CVE-2024-12385](CVE-2024/CVE-2024-123xx/CVE-2024-12385.json) (`2025-01-18T07:15:06.667`)
-- [CVE-2024-13516](CVE-2024/CVE-2024-135xx/CVE-2024-13516.json) (`2025-01-18T06:15:27.627`)
+- [CVE-2024-12696](CVE-2024/CVE-2024-126xx/CVE-2024-12696.json) (`2025-01-18T07:15:08.117`)
-- [CVE-2024-9020](CVE-2024/CVE-2024-90xx/CVE-2024-9020.json) (`2025-01-18T06:15:27.787`)
+- [CVE-2024-13317](CVE-2024/CVE-2024-133xx/CVE-2024-13317.json) (`2025-01-18T07:15:08.290`)
-- [CVE-2025-0308](CVE-2025/CVE-2025-03xx/CVE-2025-0308.json) (`2025-01-18T06:15:27.880`)
+- [CVE-2024-13385](CVE-2024/CVE-2024-133xx/CVE-2024-13385.json) (`2025-01-18T07:15:08.463`)
-- [CVE-2025-0318](CVE-2025/CVE-2025-03xx/CVE-2025-0318.json) (`2025-01-18T06:15:28.017`)
+- [CVE-2024-13391](CVE-2024/CVE-2024-133xx/CVE-2024-13391.json) (`2025-01-18T07:15:08.637`)
-- [CVE-2025-0554](CVE-2025/CVE-2025-05xx/CVE-2025-0554.json) (`2025-01-18T06:15:28.160`)
+- [CVE-2024-13392](CVE-2024/CVE-2024-133xx/CVE-2024-13392.json) (`2025-01-18T08:15:24.327`)
+- [CVE-2024-13393](CVE-2024/CVE-2024-133xx/CVE-2024-13393.json) (`2025-01-18T07:15:08.810`)
+- [CVE-2024-13432](CVE-2024/CVE-2024-134xx/CVE-2024-13432.json) (`2025-01-18T07:15:08.983`)
+- [CVE-2024-13433](CVE-2024/CVE-2024-134xx/CVE-2024-13433.json) (`2025-01-18T07:15:09.160`)
+- [CVE-2024-13517](CVE-2024/CVE-2024-135xx/CVE-2024-13517.json) (`2025-01-18T07:15:09.350`)
+- [CVE-2024-13519](CVE-2024/CVE-2024-135xx/CVE-2024-13519.json) (`2025-01-18T07:15:09.510`)
+- [CVE-2025-0369](CVE-2025/CVE-2025-03xx/CVE-2025-0369.json) (`2025-01-18T07:15:09.720`)
+- [CVE-2025-0515](CVE-2025/CVE-2025-05xx/CVE-2025-0515.json) (`2025-01-18T07:15:09.903`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -245297,6 +245297,7 @@ CVE-2024-12381,0,0,68b33f6b694aa45ef73ff06945e737e58ccb7b1c7ea2cfeb4d826136c48b3
 CVE-2024-12382,0,0,f70294886a1865641a484753f3298929660ab1bd7002caff75777615f01f2e87,2024-12-13T19:24:25.137000
 CVE-2024-12383,0,0,19d74999b8b2bcff68543eb20d97d9dc601a395c1ae1c74bde3b1e01160ff201,2025-01-07T06:15:15.790000
 CVE-2024-12384,0,0,f1312e19de6c9643af9162852b5499e7f57a4620a6ff1aef3fac1b374cc11e84,2025-01-07T06:15:15.983000
+CVE-2024-12385,1,1,bd27b8de2a8bf347b81c17ba55cbeae7a249079146eefd7019f3832fea0a17d9,2025-01-18T07:15:06.667000
 CVE-2024-1239,0,0,e372911200db947b5d23f4c5c4ab976b80519731ada570ba51a10f8cbec0919a,2025-01-17T18:34:30.327000
 CVE-2024-12393,0,0,f3d3d4aeb55dacdbdda4d3e84dd9efd2b47893e24f5c1cd3a62a5960b9b718f2,2024-12-11T17:15:14.657000
 CVE-2024-12394,0,0,c9fba954279bfd0e370c88894a9572158e1b0315e8ae3de4dd675a4e1ed310f4,2025-01-09T11:15:13.310000
@@ -245531,6 +245532,7 @@ CVE-2024-12692,0,0,8b53a26a0cc42a23dac5c38dee635e34fe5ff00e8738afb8bd1ea85dad7db
 CVE-2024-12693,0,0,c4f94ffd5f7d3b684a1f1d67fedf841d735528fd88fd85faafce8d3cf44b4de0,2025-01-06T15:15:10.593000
 CVE-2024-12694,0,0,9800fbc5ca389434bdda7fa0de83799fcd1088c52cf84f2bdcf95dc149b6c72f,2025-01-03T14:15:23.560000
 CVE-2024-12695,0,0,c12cc3a1c005ac4ce33f9efb358fc8de53ca6da21a9008edd22e7d591fcee580,2025-01-06T15:15:10.753000
+CVE-2024-12696,1,1,d1ead7033a6e2be6fb25030368ea579d6f3346dffe0927d781791c3283abc801,2025-01-18T07:15:08.117000
 CVE-2024-12697,0,0,2459466c74ec5bec9acd976593eaf1864bd447490d29e2029863b77f5d045147,2024-12-21T07:15:09.587000
 CVE-2024-12698,0,0,3d9cdcbe538ab50d5f6959e4225d81bf3f0e9f88aa4025e53f307853d2e0961c,2024-12-18T05:15:07.840000
 CVE-2024-12699,0,0,f1f15e132ae79e83fce4e52614f661803aa78c84f19a0d2adbe2c9bee934bb41,2025-01-07T10:15:07.143000
@@ -245983,6 +245985,7 @@ CVE-2024-1331,0,0,b8018aa4d406613d3ec27aefa47c4e3b21af15db4ddfb753850f1de6f3ba1f
 CVE-2024-13310,0,0,34b833dc43272c485330d8f4a3479ba2fe514cfb2fea7226b333743fa866e9aa,2025-01-09T21:15:28.867000
 CVE-2024-13311,0,0,043082a8dd739b5eb445323387334add04ddcec723a1cf1ae43347104de3b9ea,2025-01-09T21:15:28.970000
 CVE-2024-13312,0,0,1596f306a61a66773ca721f46a9f359accd6e8bc761ac287ef2d071eacd93640,2025-01-09T21:15:29.077000
+CVE-2024-13317,1,1,eb3492561747721a0d7f4fa0b869fb0f375e7101ac215917441dbc77811ea0df,2025-01-18T07:15:08.290000
 CVE-2024-13318,0,0,bd9b3dd8797a6a8e50fbc0881ed502b3d6c9d2df54bdf8f89c7bd4c9f15cb658,2025-01-10T12:15:24.257000
 CVE-2024-1332,0,0,43a2cb0465d1ed7fa77b51d32b9ef650ccc5cd8e8f972f53915014a8e37bc428,2024-11-21T08:50:21.220000
 CVE-2024-13323,0,0,b6dbf1bc72030da4865adfe9c77484b3543649561b1053256d05d5821de18e27,2025-01-14T06:15:15.480000
@@ -246002,9 +246005,13 @@ CVE-2024-1337,0,0,ecd9569d803b0ad7e93765437336dbe54b6bca900bd0d8d6a4265ae95a2bd0
 CVE-2024-13377,0,0,d2e5e5b6c9d72523b231e2a995e42c2db86bf26fcce0b464f64d583457d9feaf,2025-01-17T10:15:07.240000
 CVE-2024-13378,0,0,d33d502ff2fbbc3f8d0f87c3c71df788e9b8939d004587a73c5e70f72d603643,2025-01-17T10:15:07.457000
 CVE-2024-1338,0,0,dc2761903a1c29795472be9ec50c80e554c7222ddc44792707b7eb37ea2462f8,2024-12-31T16:51:41.113000
+CVE-2024-13385,1,1,6f29c8cca86431254e1ca86d9c73dbeef35ebe61a664c2905fda6bccefc454b8,2025-01-18T07:15:08.463000
 CVE-2024-13386,0,0,33296b5ae68cf2b5e3d42fc886f9e8ca0ae875dfd7724d3675314a55698f5a38,2025-01-17T07:15:27.300000
 CVE-2024-13387,0,0,6dc34c1690f397ff8c8c3331579d380bce906690020b30857f4fdc2d82342f2f,2025-01-16T10:15:09.103000
 CVE-2024-1339,0,0,a64c4c68c8a9a926adb37b05ad26ad3fdfdc4a14ba534fc12b29b0c3bcb239b6,2024-12-31T16:52:24.407000
+CVE-2024-13391,1,1,e7acab54105bf4f38620685dee0bbab545cf1b4e9861fb1671386ed9297e5404,2025-01-18T07:15:08.637000
+CVE-2024-13392,1,1,1560437f9cf945c5be390892a52113808014e082874bd0da969623c97d9eff53,2025-01-18T08:15:24.327000
+CVE-2024-13393,1,1,a93037e85f094eb3a9df95f7bbdb2b755a92afcfb1bc7976d270f6c0ef2b780d,2025-01-18T07:15:08.810000
 CVE-2024-13394,0,0,b6fcea27182fbefcf0642745a1f133fbfca8eb302a1dddd2465056b203356454,2025-01-15T06:15:16.150000
 CVE-2024-13398,0,0,afa7226aa36d2342cdb8d1a80328718fbb9eaa4907248797313456fb74721e56,2025-01-17T05:15:08.613000
 CVE-2024-1340,0,0,779cbb4786989b99b13d0df5bfadd47a6bb17fb76227d8a826f245b565dc9020,2024-11-21T08:50:22.180000
@@ -246012,6 +246019,8 @@ CVE-2024-13401,0,0,f754cbd15da36955b29dc5ce5207f7954441bed0a94266e365beadbad26fe
 CVE-2024-1341,0,0,090bf84c5ce2b0dfeca3a04f998237d36add49409b51be286587af2f8364beb8,2024-11-21T08:50:22.300000
 CVE-2024-1342,0,0,2f41e6eac1e33a309fc72543d371a67df7cdf22eae12449849cd3aab8e438d93,2024-10-14T22:15:03.180000
 CVE-2024-1343,0,0,419883927ae3b083384516246fa6e1f74b7f4f2e309a0068972246a296f53ead,2024-11-21T08:50:22.433000
+CVE-2024-13432,1,1,7d75f67ac18cf32d5dc44570eb7cf156c877d943529d3637d5b0bb399b86a599,2025-01-18T07:15:08.983000
+CVE-2024-13433,1,1,b744d44080e2e33c41984f231e71d8cc1252181c511f568444c5c86671c3eb05,2025-01-18T07:15:09.160000
 CVE-2024-13434,0,0,06f5e53ce83d8ab46e394913c5ab424798bc131d3e7a4d2c9991445259740085,2025-01-17T05:15:09.290000
 CVE-2024-1344,0,0,597c0cc8c6eb641f90ae3a9870d3e75470a230889fbaee8e504503cb0f59d32c,2024-11-21T08:50:22.543000
 CVE-2024-1345,0,0,0c76ed0a957ae2e29015c6df7057e5c17f3081f7b68ed33d0e7f09f33dcdc4ff,2024-11-21T08:50:22.667000
@@ -246023,8 +246032,10 @@ CVE-2024-1350,0,0,ce11ba75737d3c0dc14aea45038ee6ef39f1db647d13879ee3f248d09a8169
 CVE-2024-13502,0,0,e35d372750cc88cf9cffae844c3d280bfcd57c36093969e074e189ae9463f58a,2025-01-17T14:15:31.147000
 CVE-2024-13503,0,0,7576f806eda86dcd6b291425bfcddf3d4f266c37af3d5042d8bdb800498b7aa7,2025-01-17T14:15:31.317000
 CVE-2024-1351,0,0,0ee767ddd9bd942759d1902d3186de90141de07710cd1c9cc0aaf86395d89b28,2024-11-21T08:50:23.450000
-CVE-2024-13515,1,1,9c375e4239ee12fbc562375c345cfda5a849d6fb2775b7f77148bc29db2bffc1,2025-01-18T06:15:26.410000
+CVE-2024-13515,0,0,9c375e4239ee12fbc562375c345cfda5a849d6fb2775b7f77148bc29db2bffc1,2025-01-18T06:15:26.410000
-CVE-2024-13516,1,1,eba414603b972f65f10f7cf853b9c9e3b40669e2a413f223b52ac5eaf1fb3274,2025-01-18T06:15:27.627000
+CVE-2024-13516,0,0,eba414603b972f65f10f7cf853b9c9e3b40669e2a413f223b52ac5eaf1fb3274,2025-01-18T06:15:27.627000
+CVE-2024-13517,1,1,648053532f79f5283d5e5013413aa51010bd614d2fa8ab99c641ab7d5b15d86b,2025-01-18T07:15:09.350000
+CVE-2024-13519,1,1,91071072a08ea24827f5d5bc615943726188f0b2d2b9d39683465c01c81a2c7d,2025-01-18T07:15:09.510000
 CVE-2024-1352,0,0,80e73adafdfe15b995501384770910e119d96dba6ac79b22584e1c2a8e29f667,2025-01-17T17:23:55.973000
 CVE-2024-1353,0,0,afe5e84ebbb775598783ab5b808c4fd20532e7440cc7da3552115f2ac18ba752,2024-11-21T08:50:23.700000
 CVE-2024-1354,0,0,5af9747793c0c7f9d624ad8210334d43a11a7e2ffd1bfd24e0f893306f01668b,2024-11-21T08:50:23.843000
@@ -276254,7 +276265,7 @@ CVE-2024-9009,0,0,eeb88ddbe5b876be2da9458977e863a4a7e2f8f749b5ec4c67398617f01067
 CVE-2024-9011,0,0,5f917ba5d6e9e414a668fa259efdc89c2355605a5666ae5f81812d44488e6ab9,2024-09-25T17:48:14.820000
 CVE-2024-9014,0,0,220003038e0ed1cc49a0befe3090135c41cd16a5f829c2d65bd6cc8f984c0497,2024-09-26T13:32:55.343000
 CVE-2024-9018,0,0,9d5f9a71065cb5737c3eb97e3b8fce2545d7a7505edc442df3224ec9cdcd8b15,2024-10-07T19:20:48.293000
-CVE-2024-9020,1,1,e5d01320e0bd87d659fe948b5f9ce3d9a3dc4c2dbd0f80d37232759f033fa622,2025-01-18T06:15:27.787000
+CVE-2024-9020,0,0,e5d01320e0bd87d659fe948b5f9ce3d9a3dc4c2dbd0f80d37232759f033fa622,2025-01-18T06:15:27.787000
 CVE-2024-9021,0,0,38ce15408413883ac2962e131e46ff98aae3d8ba8d1d410ba95b4f315f4dd5ce,2024-10-10T12:57:21.987000
 CVE-2024-9022,0,0,b97de3f37f13459888a48b84864cef3e3e6492a34af924d2e6bb02f8326a41fe,2024-10-15T14:34:12.063000
 CVE-2024-9023,0,0,566271d29d8f54a0a61ddaf86501114bfe67a778e35c5f516ed0b6b3612b9879,2024-10-01T14:39:38.370000
@@ -277145,9 +277156,9 @@ CVE-2025-0299,0,0,3081f6deab5547666aabb0e346ae06d6f615099839721c542410106d67cb7c
 CVE-2025-0300,0,0,8b048794f60fe275045fdbb30c1864513f09183fd67ca00f819acbe6a078dfaf,2025-01-07T17:15:32.090000
 CVE-2025-0301,0,0,cda9ba0b82510401c2a22912601ff18ed3f9b7d844758d6122fa1a90dc462c4a,2025-01-07T18:15:21.460000
 CVE-2025-0306,0,0,4d323f73db0781dad08a71cd877278ed734b33cabf11626e82510c57e39603e9,2025-01-09T04:15:13
-CVE-2025-0308,1,1,f89e0b2f51bdc31095df6c5f8dd7a032387c24a0f205d06445d4128d7f7c613d,2025-01-18T06:15:27.880000
+CVE-2025-0308,0,0,f89e0b2f51bdc31095df6c5f8dd7a032387c24a0f205d06445d4128d7f7c613d,2025-01-18T06:15:27.880000
 CVE-2025-0311,0,0,366f4de7a1625931fb622647148fc1b4e4ac9da9319c64a1d46f443dbcb2d417,2025-01-16T21:29:36.977000
-CVE-2025-0318,1,1,18fbca098a2261f52e0f9c17a94d13e877ff02eac8f34202aac0d050b892d79d,2025-01-18T06:15:28.017000
+CVE-2025-0318,0,0,18fbca098a2261f52e0f9c17a94d13e877ff02eac8f34202aac0d050b892d79d,2025-01-18T06:15:28.017000
 CVE-2025-0328,0,0,983a37850e7593e52c7049d9c87a360510a226adf3c659d5ad2fe111082fc07f,2025-01-09T17:15:17.330000
 CVE-2025-0331,0,0,dbc642b98482c7a868d38d7a4b1240421a9e262e76044ff9bb695321876694a4,2025-01-09T17:15:17.933000
 CVE-2025-0333,0,0,3183afb9350c8085fce656cea7939729bf7b0c3b383c8f7105e9da54dedb25bd,2025-01-09T17:15:18.077000
@@ -277168,6 +277179,7 @@ CVE-2025-0349,0,0,5c5bde0373ec0c26c713a0d565cd6e4461e0dfe3c3d54fa435cc26640f811d
 CVE-2025-0354,0,0,d346f95fc15ab97802a71c3b9eea7692ca5351a1209bc93508539ce9d3279e05,2025-01-15T08:15:26.330000
 CVE-2025-0355,0,0,33e06caab68d0194ce530505431588240b2a7740117cb710b974201c33bb57f0,2025-01-15T08:15:26.493000
 CVE-2025-0356,0,0,536ff409278f7933d4a453ae82fd41c47596f9a16213b1ee32a364925d5f4dda,2025-01-15T08:15:26.650000
+CVE-2025-0369,1,1,60e0263b7bdd9bb8b2fbff594a1f912ed9cb257670ae53622ab1064bad30f4a5,2025-01-18T07:15:09.720000
 CVE-2025-0390,0,0,e8680a8850f5f93c327358a0bafb5800686853499fcfad6c845505a58dd62509,2025-01-11T08:15:26.527000
 CVE-2025-0391,0,0,92a57f196719fdf887816695b3a83526079e0969236a36b3dfc45b775c9f93d0,2025-01-11T09:15:05.937000
 CVE-2025-0392,0,0,aa9606366d99278451746d2e901d7f278b325bf8d4482ec56713b1565fb0cf2e,2025-01-11T11:15:06.657000
@@ -277235,6 +277247,7 @@ CVE-2025-0492,0,0,8a17b017a98a002e0eca45e84c80fdbdf21fc23599e7b8c3264d472e991510
 CVE-2025-0500,0,0,7c3466d64b8c8ab9f735aa3c3f46ce64626b7310542fe424f3c28d5da1451b7e,2025-01-15T19:15:27.003000
 CVE-2025-0501,0,0,fbfcc714bfa842cdf14ebe8af7abc835756e267ba83725e6c74f3794f29c6547,2025-01-15T19:15:27.190000
 CVE-2025-0502,0,0,3f983c4e65bc0e78af8f9f866ec1bd6cbe586e74611a52dc0d65bfadf6586674,2025-01-15T18:15:24.650000
+CVE-2025-0515,1,1,04ba16d00bf299820d0a2921e327edb4cf22faf321c246adae3849e409768183,2025-01-18T07:15:09.903000
 CVE-2025-0518,0,0,f6f7f54f47c0cc56f86ba02b126d49c24a3e7530d58da45540d2064eda773818,2025-01-16T17:15:12.577000
 CVE-2025-0527,0,0,d2b51becab8c01f94a687e28d364a879eb752a601305b6821988eb5f9c5bbc2f,2025-01-17T14:15:32.840000
 CVE-2025-0528,0,0,6c404f196d5f78f3d36dbdeae73139303627cc7e51e1d652340c0b4eab91a824,2025-01-17T15:15:12.430000
@@ -277250,7 +277263,7 @@ CVE-2025-0537,0,0,d2d5f6c3ed1aba0629c7b9914597be74a65e836badbe3287071391416aeb4d
 CVE-2025-0538,0,0,665829c176e139d24899162f51dc3f75a7743136ae8d080cfb4406eda703598f,2025-01-17T21:15:10.847000
 CVE-2025-0540,0,0,0fe6a3968060e1d9e108f736a24030b6ee6db8d0695d6022f7d1a51c2ca09a50,2025-01-17T21:15:11.037000
 CVE-2025-0541,0,0,422e97928ac96e00be4b8b72ccf9ce9a6f4a23518705054b1953468a190b5cd0,2025-01-17T22:15:29.337000
-CVE-2025-0554,1,1,7cdbd44c1d3cc981944ecd6d5c9c3ad7d1c5de5034144b9547e97228edf48404,2025-01-18T06:15:28.160000
+CVE-2025-0554,0,0,7cdbd44c1d3cc981944ecd6d5c9c3ad7d1c5de5034144b9547e97228edf48404,2025-01-18T06:15:28.160000
 CVE-2025-20016,0,0,3fa4bc97a0a3d288bd5925fa89275b3fac40424bcf9581fb156684828af784ae,2025-01-14T10:15:07.500000
 CVE-2025-20033,0,0,6c60c85e451f1d6db70378d678ddf83dacc7c823ecfb493748ed6d94114eff49,2025-01-09T07:15:28.450000
 CVE-2025-20036,0,0,fd9f374b8914b94f087a22b827ae9aa005122afe6c3b9fb7f7ca385e01f1379b,2025-01-15T17:15:18.950000