admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-15T10:00:17.644444+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-15 10:03:16 +00:00
parent c68644915f
commit 5381e159e6
17 changed files with 877 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
CVE-2024/CVE-2024-440xx/CVE-2024-44053.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44053",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T09:15:02.013",
"lastModified": "2024-09-15T09:15:02.013",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mohammad Arif Opor Ayam allows Reflected XSS.This issue affects Opor Ayam: from n/a through 1.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/opor-ayam/wordpress-opor-ayam-theme-1-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-440xx/CVE-2024-44054.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44054",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T09:15:02.290",
"lastModified": "2024-09-15T09:15:02.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Fluida allows Stored XSS.This issue affects Fluida: from n/a through 1.8.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/fluida/wordpress-fluida-theme-1-8-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-440xx/CVE-2024-44056.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44056",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T09:15:02.800",
"lastModified": "2024-09-15T09:15:02.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Mantra allows Stored XSS.This issue affects Mantra: from n/a through 3.3.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mantra/wordpress-mantra-theme-3-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-440xx/CVE-2024-44057.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44057",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T09:15:03.270",
"lastModified": "2024-09-15T09:15:03.270",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Nirvana allows Stored XSS.This issue affects Nirvana: from n/a through 1.6.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/nirvana/wordpress-nirvana-theme-1-6-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-440xx/CVE-2024-44058.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44058",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T09:15:03.883",
"lastModified": "2024-09-15T09:15:03.883",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Parabola allows Stored XSS.This issue affects Parabola: from n/a through 2.4.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/parabola/wordpress-parabola-theme-2-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-440xx/CVE-2024-44059.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44059",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T09:15:04.613",
"lastModified": "2024-09-15T09:15:04.613",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MediaRon LLC Custom Query Blocks allows Stored XSS.This issue affects Custom Query Blocks: from n/a through 5.3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/post-type-archive-mapping/wordpress-custom-query-blocks-plugin-5-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-440xx/CVE-2024-44060.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44060",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:11.367",
"lastModified": "2024-09-15T08:15:11.367",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jennifer Hall Filmix allows Reflected XSS.This issue affects Filmix: from n/a through 1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/filmix/wordpress-filmix-theme-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-440xx/CVE-2024-44062.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44062",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:12.710",
"lastModified": "2024-09-15T08:15:12.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.6.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-field-template/wordpress-custom-field-template-plugin-2-6-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-440xx/CVE-2024-44063.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-44063",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:12.940",
"lastModified": "2024-09-15T08:15:12.940",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/happyforms/wordpress-happyforms-plugin-1-26-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-454xx/CVE-2024-45455.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45455",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:13.150",
"lastModified": "2024-09-15T08:15:13.150",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-meta-seo/wordpress-wp-meta-seo-plugin-4-5-13-cross-site-scripting-xss-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-454xx/CVE-2024-45456.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45456",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:13.350",
"lastModified": "2024-09-15T08:15:13.350",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-meta-seo/wordpress-wp-meta-seo-plugin-4-5-13-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-454xx/CVE-2024-45457.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45457",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:13.547",
"lastModified": "2024-09-15T08:15:13.547",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Stored XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-13-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-454xx/CVE-2024-45458.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45458",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:13.763",
"lastModified": "2024-09-15T08:15:13.763",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.13."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-13-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-454xx/CVE-2024-45459.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45459",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:13.963",
"lastModified": "2024-09-15T08:15:13.963",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Product Slider for WooCommerce allows Reflected XSS.This issue affects Product Slider for WooCommerce: from n/a through 1.13.50."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-products-slider/wordpress-product-slider-for-woocommerce-by-pickplugins-plugin-1-13-50-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-454xx/CVE-2024-45460.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45460",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-09-15T08:15:14.173",
"lastModified": "2024-09-15T08:15:14.173",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Manu225 Flipping Cards allows Stored XSS.This issue affects Flipping Cards: from n/a through 1.30."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/flipping-cards/wordpress-flipping-cards-plugin-1-30-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

26
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-09-15T04:00:17.343016+00:00
2024-09-15T10:00:17.644444+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-09-15T03:15:02.153000+00:00
2024-09-15T09:15:04.613000+00:00
```
### Last Data Feed Release
@ -33,16 +33,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
262886
262901
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `15`
- [CVE-2024-8866](CVE-2024/CVE-2024-88xx/CVE-2024-8866.json) (`2024-09-15T02:15:01.900`)
- [CVE-2024-8867](CVE-2024/CVE-2024-88xx/CVE-2024-8867.json) (`2024-09-15T03:15:01.840`)
- [CVE-2024-8868](CVE-2024/CVE-2024-88xx/CVE-2024-8868.json) (`2024-09-15T03:15:02.153`)
- [CVE-2024-44053](CVE-2024/CVE-2024-440xx/CVE-2024-44053.json) (`2024-09-15T09:15:02.013`)
- [CVE-2024-44054](CVE-2024/CVE-2024-440xx/CVE-2024-44054.json) (`2024-09-15T09:15:02.290`)
- [CVE-2024-44056](CVE-2024/CVE-2024-440xx/CVE-2024-44056.json) (`2024-09-15T09:15:02.800`)
- [CVE-2024-44057](CVE-2024/CVE-2024-440xx/CVE-2024-44057.json) (`2024-09-15T09:15:03.270`)
- [CVE-2024-44058](CVE-2024/CVE-2024-440xx/CVE-2024-44058.json) (`2024-09-15T09:15:03.883`)
- [CVE-2024-44059](CVE-2024/CVE-2024-440xx/CVE-2024-44059.json) (`2024-09-15T09:15:04.613`)
- [CVE-2024-44060](CVE-2024/CVE-2024-440xx/CVE-2024-44060.json) (`2024-09-15T08:15:11.367`)
- [CVE-2024-44062](CVE-2024/CVE-2024-440xx/CVE-2024-44062.json) (`2024-09-15T08:15:12.710`)
- [CVE-2024-44063](CVE-2024/CVE-2024-440xx/CVE-2024-44063.json) (`2024-09-15T08:15:12.940`)
- [CVE-2024-45455](CVE-2024/CVE-2024-454xx/CVE-2024-45455.json) (`2024-09-15T08:15:13.150`)
- [CVE-2024-45456](CVE-2024/CVE-2024-454xx/CVE-2024-45456.json) (`2024-09-15T08:15:13.350`)
- [CVE-2024-45457](CVE-2024/CVE-2024-454xx/CVE-2024-45457.json) (`2024-09-15T08:15:13.547`)
- [CVE-2024-45458](CVE-2024/CVE-2024-454xx/CVE-2024-45458.json) (`2024-09-15T08:15:13.763`)
- [CVE-2024-45459](CVE-2024/CVE-2024-454xx/CVE-2024-45459.json) (`2024-09-15T08:15:13.963`)
- [CVE-2024-45460](CVE-2024/CVE-2024-454xx/CVE-2024-45460.json) (`2024-09-15T08:15:14.173`)
### CVEs modified in the last Commit

21
_state.csv
View File

@ -259110,7 +259110,16 @@ CVE-2024-4401,0,0,48f8e641129f81284635fb93c6fe88c5c5fc547b585fa75e650b46a3bc3c0b
CVE-2024-4403,0,0,07b387e13ed3d47c920433d5f499100d4d5e53ffefe1712d98753a4da5408fe2,2024-06-10T18:06:22.600000
CVE-2024-4404,0,0,3ae3ea086edb9bd484931090d5df4b9ee138a4bfd155faf3c535f115da6a15de,2024-06-17T12:42:04.623000
CVE-2024-4405,0,0,45cc63f187ac8ca241b3f6f4ea8115546cfb9789c95e5b84e970d2850f40bb92,2024-05-02T18:00:37.360000
CVE-2024-44053,1,1,5e074093c8a83d5b8131bc3d4f2079a0f8e3b0989e822366d3e11964243746e7,2024-09-15T09:15:02.013000
CVE-2024-44054,1,1,5b33cacdf53e2936c71fb462e9af31b57726285303037a6f5e1c3ebffe1f54c2,2024-09-15T09:15:02.290000
CVE-2024-44056,1,1,36802a51a1f141563f7ae2ec10595be0015cdd15e5bba88bceddaf65752682ba,2024-09-15T09:15:02.800000
CVE-2024-44057,1,1,857b861e7d299092a8eee5852b3c381c958661ccc50f472ae205e3d0045f6273,2024-09-15T09:15:03.270000
CVE-2024-44058,1,1,431ed220de913710e4f04a7c10d35ccbeceaf08dbac3a3de71029ec7f9f9f3d5,2024-09-15T09:15:03.883000
CVE-2024-44059,1,1,71f7db7650b1dc6a337bbf53f26c4bad6ea712583035cade612aa7600468f790,2024-09-15T09:15:04.613000
CVE-2024-4406,0,0,4d2edf89174eefb11c1e35948c69459d7b4d6dd1a09c10eb7a0704c1561ef984,2024-05-02T18:00:37.360000
CVE-2024-44060,1,1,7b8ed16da225ee3029be54091c9ae12a145fad43d62c91fa6f35db279aa36327,2024-09-15T08:15:11.367000
CVE-2024-44062,1,1,1644938a0273933f0faedd2cf5d72e06b6802cec154810df682c483da3d0df3c,2024-09-15T08:15:12.710000
CVE-2024-44063,1,1,345a218a7ef7a40ba13b180d84bc880cce7e5c93decfb3e39bbb7c8786febf07,2024-09-15T08:15:12.940000
CVE-2024-44067,0,0,f6acc392be4d580c3750239c741db14e9e0b23cb38f1820ef772266e93e1673a,2024-08-20T20:35:34.497000
CVE-2024-44069,0,0,2eb956dd06d71bb925b0fe816cbe078cd7c5c9a8647e07e8d081256cc543fa9f,2024-08-19T12:59:59.177000
CVE-2024-44070,0,0,897c04ba9a67e5ea511bddee651919522720d2ac02cb9c6411d8cfecd25984e1,2024-08-30T16:19:49.587000
@ -259620,7 +259629,13 @@ CVE-2024-45448,0,0,baaac6177753b9ef1526bea7e39de3dc043a4ca1913a07543e6e5e11685c2
CVE-2024-45449,0,0,16fcc8f3add1fcba18b36fc04f0c4a19c97d176cb514abd9722e7bafd45dc227,2024-09-06T14:38:08.067000
CVE-2024-4545,0,0,864a22773c6eaa7a20fdb4cf4c4b7a2709a2c8e64cfe98132d05364d67e97af4,2024-05-14T16:11:39.510000
CVE-2024-45450,0,0,aa5d1afac94647878136a29faab537df333625d6375aa0ea38189e29e05bb108,2024-09-12T19:30:22.863000
CVE-2024-45455,1,1,b4cf4fde6876b53f4e7fab33b129eab1ab20c61d4bbe2f8cdba2416abce11d35,2024-09-15T08:15:13.150000
CVE-2024-45456,1,1,081c1a09c229ea27d066d82a17ffbfa6a4152d86ca7e79f1bf4c1f8f6c724fce,2024-09-15T08:15:13.350000
CVE-2024-45457,1,1,ca78a7432951c5dc247ffc0d181692d008e90d64444293988a110264323b267f,2024-09-15T08:15:13.547000
CVE-2024-45458,1,1,6d88def5c36012ecdf6b48989da8064b23c7d4b35513c96f45ebc7124752eb2c,2024-09-15T08:15:13.763000
CVE-2024-45459,1,1,ca234fa487f89818483abf850b9dabb20e2d2562a2007dcbb1b042aafb9ffa04,2024-09-15T08:15:13.963000
CVE-2024-4546,0,0,da973c82a9042d639d29e7a0c2ffb48d440dea200e6df21027887041c43a68db,2024-05-16T13:03:05.353000
CVE-2024-45460,1,1,87156fe69c7ba5be2401d5a4a8dca1dc6bd17b02e5e00b518fd9dc1bd705e762,2024-09-15T08:15:14.173000
CVE-2024-4547,0,0,e03413ba2a3d643e986abd6a70d4989a4412faae98e55cc280c4859673ba647d,2024-05-06T16:00:59.253000
CVE-2024-4548,0,0,c312b0154ade9cb7e93b29cf6468875ea09abcdae811bc20c1f6b28cb1f08ef2,2024-05-06T16:00:59.253000
CVE-2024-45488,0,0,02812af338aadc4a80122f84f222d800d57fc191e3e2ef216830d55dc271ef45,2024-08-30T19:35:06.870000
@ -262882,6 +262897,6 @@ CVE-2024-8862,0,0,ec2b207d96c7760f5e1e7153b1b5c7effc37c64513a38b1cbd5a5ea70ece38
CVE-2024-8863,0,0,9f3f56473b876f05177eae6c3b009fe96b9edd6d27c3210bc8a6603ae1c78f86,2024-09-14T23:15:11.967000
CVE-2024-8864,0,0,5eeeeeb9301601019e9ecb754cc0a968b222f29465c0230ea52287773b3fe009,2024-09-15T01:15:10.153000
CVE-2024-8865,0,0,a39e4f34a05995643d58a4005fb4dc7690ae0140dbe8fa6fe9528f952dddbf70,2024-09-15T01:15:10.423000
CVE-2024-8866,1,1,31ba295c4f71cde54a98742cdc5d78078f4e8b948563abaa4e1dbb696b00e6f1,2024-09-15T02:15:01.900000
CVE-2024-8867,1,1,dd10831ef551fea3afb47529263b42e62dd84766cc54a4058c7ce2170e3f8ac1,2024-09-15T03:15:01.840000
CVE-2024-8868,1,1,4c0844b52c07af19f806d758bc94eea8b81aa10285bf079a34c6dd0100e86840,2024-09-15T03:15:02.153000
CVE-2024-8866,0,0,31ba295c4f71cde54a98742cdc5d78078f4e8b948563abaa4e1dbb696b00e6f1,2024-09-15T02:15:01.900000
CVE-2024-8867,0,0,dd10831ef551fea3afb47529263b42e62dd84766cc54a4058c7ce2170e3f8ac1,2024-09-15T03:15:01.840000
CVE-2024-8868,0,0,4c0844b52c07af19f806d758bc94eea8b81aa10285bf079a34c6dd0100e86840,2024-09-15T03:15:02.153000

Can't render this file because it is too large.