mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-30 18:21:17 +00:00
Auto-Update: 2024-06-08T10:00:17.990436+00:00
This commit is contained in:
cad-safe-bot
parent
73245bb396
commit
5757879ddd
75
CVE-2024/CVE-2024-44xx/CVE-2024-4468.json
Normal file
75
CVE-2024/CVE-2024-44xx/CVE-2024-4468.json
Normal file
@ -0,0 +1,75 @@
|
||||
{
|
||||
"id": "CVE-2024-4468",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-08T08:15:08.870",
|
||||
"lastModified": "2024-06-08T08:15:08.870",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L10",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L16",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php#L7",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L12",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L16",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Tools.php#L231",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLB_Discount/Admin/ExportDiscountsCsv.php",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset/3098413/salon-booking-system/trunk/src/SLN/Admin/Tools.php",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8b73f864-68b5-4ba8-93a3-37f2564cc240?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
51
CVE-2024/CVE-2024-56xx/CVE-2024-5654.json
Normal file
51
CVE-2024/CVE-2024-56xx/CVE-2024-5654.json
Normal file
@ -0,0 +1,51 @@
|
||||
{
|
||||
"id": "CVE-2024-5654",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-06-08T09:15:09.420",
|
||||
"lastModified": "2024-06-08T09:15:09.420",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'execute_post_data_cg7_free' function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated attackers to toggle site configuration settings, including WP_DEBUG, WP_DEBUG_LOG, SCRIPT_DEBUG, and SAVEQUERIES."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 2.5
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/cf7-google-sheets-connector/trunk/includes/class-gs-service.php#L52",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset/3099184/",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c0da4d55-5025-47cf-9f45-377d8943fc94?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
16
README.md
16
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-06-08T08:00:18.230952+00:00
|
||||
2024-06-08T10:00:17.990436+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-06-08T07:15:08.630000+00:00
|
||||
2024-06-08T09:15:09.420000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -33,19 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
253028
|
||||
253030
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `6`
|
||||
Recently added CVEs: `2`
|
||||
|
||||
- [CVE-2024-4661](CVE-2024/CVE-2024-46xx/CVE-2024-4661.json) (`2024-06-08T06:15:09.463`)
|
||||
- [CVE-2024-5087](CVE-2024/CVE-2024-50xx/CVE-2024-5087.json) (`2024-06-08T06:15:09.883`)
|
||||
- [CVE-2024-5091](CVE-2024/CVE-2024-50xx/CVE-2024-5091.json) (`2024-06-08T07:15:08.280`)
|
||||
- [CVE-2024-5613](CVE-2024/CVE-2024-56xx/CVE-2024-5613.json) (`2024-06-08T06:15:10.143`)
|
||||
- [CVE-2024-5638](CVE-2024/CVE-2024-56xx/CVE-2024-5638.json) (`2024-06-08T06:15:10.433`)
|
||||
- [CVE-2024-5758](CVE-2024/CVE-2024-57xx/CVE-2024-5758.json) (`2024-06-08T07:15:08.630`)
|
||||
- [CVE-2024-4468](CVE-2024/CVE-2024-44xx/CVE-2024-4468.json) (`2024-06-08T08:15:08.870`)
|
||||
- [CVE-2024-5654](CVE-2024/CVE-2024-56xx/CVE-2024-5654.json) (`2024-06-08T09:15:09.420`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
14
_state.csv
14
_state.csv
@ -252295,6 +252295,7 @@ CVE-2024-4461,0,0,ad05f4e37257e33f27f784f842f8dfa34f685ff06dd273bc6842a04c51c93b
|
||||
CVE-2024-4462,0,0,c8f7490df4b9ef7118fdef5b7ade6db6ae196f6576f8cec5720233f982c7a0b4,2024-06-04T16:57:41.053000
|
||||
CVE-2024-4463,0,0,aaa5b32073fcbc7160927d348961b4790302ca7b8c414e16cdb6cacefbfd98b3,2024-05-14T16:11:39.510000
|
||||
CVE-2024-4466,0,0,d6c981370b54d7938faad670495d8ca5b736025a1a2ded921b62354a18385ccc,2024-05-03T12:48:41.067000
|
||||
CVE-2024-4468,1,1,88cf66c715de98275f67dd40f9b724cb990e5cec123245ca018bd38c046dac1b,2024-06-08T08:15:08.870000
|
||||
CVE-2024-4469,0,0,f3178a2eee38f00518ebe4258fe6dd45f453ef4ce408e801402017fce62c2cef,2024-05-31T13:01:46.727000
|
||||
CVE-2024-4470,0,0,a1486a2c35813e6b458e62c6cab3ba58a94b094bc9cbcdae130972a477a7e8d0,2024-05-21T12:37:59.687000
|
||||
CVE-2024-4471,0,0,9792233119a62c3ea240ba8e0af602c011f72a48705fdc1ef6f6e423f04dac09,2024-05-24T01:15:30.977000
|
||||
@ -252434,7 +252435,7 @@ CVE-2024-4652,0,0,5a9d123e7dc162b2780d21e171c5f7bd67b56d13b67e6af24f7924f686cdd9
|
||||
CVE-2024-4653,0,0,695819124007e1fa87749621ef4d62ddcb026ccafa0c20f99f5ec61618107b32,2024-06-04T19:20:44.990000
|
||||
CVE-2024-4654,0,0,eca077048d127add67f133585649496d1af539c8d39e41b186d99947e2c0e50e,2024-06-04T19:20:45.100000
|
||||
CVE-2024-4656,0,0,23093c7ec18a8f42da4c8fc1c86b9aa6984d979cf63954576e1d332548405180,2024-05-15T16:40:19.330000
|
||||
CVE-2024-4661,1,1,9fbaf20a2a4023621b875e18bdb3d2aff2559af3db0eb8acd873a8948e489e71,2024-06-08T06:15:09.463000
|
||||
CVE-2024-4661,0,0,9fbaf20a2a4023621b875e18bdb3d2aff2559af3db0eb8acd873a8948e489e71,2024-06-08T06:15:09.463000
|
||||
CVE-2024-4662,0,0,271820e0248036cdcfeea2da470b958f93caba3600263b2df375c674d931507f,2024-05-24T01:15:30.977000
|
||||
CVE-2024-4666,0,0,dde8d66c76bdf850b898b9f95df0d92f0ac3da730c1f32826d61843a6ef06bf5,2024-05-15T16:40:19.330000
|
||||
CVE-2024-4668,0,0,3c2f34d91ee8c9aacf0f125fe94ffbbe9a611b8f1a54ab65e0473cea71baad6f,2024-05-30T13:15:41.297000
|
||||
@ -252700,10 +252701,10 @@ CVE-2024-5073,0,0,7de160448d11dc97e5a2a9338d2dd6c82b34c616c4ba587347e360e1f76b10
|
||||
CVE-2024-5084,0,0,92d8976ac3f9e8cdb8733c073caf2586c8f5a42e4f2b053a805034733b1a3630,2024-05-24T01:15:30.977000
|
||||
CVE-2024-5085,0,0,e4f2e80bdbf4fc55d46c60837ef7c898ce9ad88d4ef317ea9d17542cafaf4d9d,2024-05-24T01:15:30.977000
|
||||
CVE-2024-5086,0,0,931e0bac2fddd1d3017185ad2896bc6a71c950877469373fd8fb74c0da6b675a,2024-05-29T13:02:09.280000
|
||||
CVE-2024-5087,1,1,8822edfeee9e85081daf477a7e8db96f54ff46460ef0f227e4a6bc796b0ad3cd,2024-06-08T06:15:09.883000
|
||||
CVE-2024-5087,0,0,8822edfeee9e85081daf477a7e8db96f54ff46460ef0f227e4a6bc796b0ad3cd,2024-06-08T06:15:09.883000
|
||||
CVE-2024-5088,0,0,670ed03c49211ecb2fb7d707640c3762718821887df98f6c48b414573abc37eb,2024-05-20T13:00:34.807000
|
||||
CVE-2024-5089,0,0,1b747912b9ca78f56cee36088b5d02d248b45a5a454d24110a362b62386eddf1,2024-06-06T09:15:14.897000
|
||||
CVE-2024-5091,1,1,3cb2c8d2aaf8e9bdd9a04f261ee4f81286f6997c08f9c10d407b389e3f509d63,2024-06-08T07:15:08.280000
|
||||
CVE-2024-5091,0,0,3cb2c8d2aaf8e9bdd9a04f261ee4f81286f6997c08f9c10d407b389e3f509d63,2024-06-08T07:15:08.280000
|
||||
CVE-2024-5092,0,0,42d960073f235db3a1d896466f3bea026be5b117dc5effbb8a82da60874fb373,2024-05-22T12:46:53.887000
|
||||
CVE-2024-5093,0,0,d2d6eaa6c80785824276c0a81dd265ac7bb3ca056730de7cd7f1d7d5170a9109,2024-06-04T19:20:58.343000
|
||||
CVE-2024-5094,0,0,7a79bbb94993c5d6d42caf9102d6d20e95bbb63461ef3c32deb62744d29b150a,2024-06-04T19:20:58.470000
|
||||
@ -253002,16 +253003,17 @@ CVE-2024-5599,0,0,f4a52e1bfb366a6202506629155ecd183236e8f05f71acf047338b6dce70d1
|
||||
CVE-2024-5607,0,0,9601597658129a089207c1a0e7e7267aceda952302ad39754d738e7307549543,2024-06-07T14:56:05.647000
|
||||
CVE-2024-5609,0,0,f28c83e3e9d04345913d36de3bfdbd0d644d73b3d20045d9399b3368319c8d47,2024-06-06T19:16:09.920000
|
||||
CVE-2024-5612,0,0,24bfbb6efa391db3014703335fcf10e8f670f2b2b154031d8b7a312f92d36720,2024-06-07T14:56:05.647000
|
||||
CVE-2024-5613,1,1,0d89c830f74da5e4556fd81db0683c4f1981721786d112d907fe6a72a0a645a6,2024-06-08T06:15:10.143000
|
||||
CVE-2024-5613,0,0,0d89c830f74da5e4556fd81db0683c4f1981721786d112d907fe6a72a0a645a6,2024-06-08T06:15:10.143000
|
||||
CVE-2024-5615,0,0,2b9f4fbf88dd4ea6ff55678ac9c0762fd6b29ae2ea4765ff6af29ac25e53e3d4,2024-06-06T14:17:35.017000
|
||||
CVE-2024-5629,0,0,2b19d175fd80b16aa424307957676ae3dd964a506cce5329fc9e2ea04d26ec96,2024-06-06T14:17:35.017000
|
||||
CVE-2024-5635,0,0,2f4fd95f40cb43c9475682f37f78b479557c0ba40bc4b87c84bd3a410bdbca2c,2024-06-05T12:53:50.240000
|
||||
CVE-2024-5636,0,0,91c7633063fc0e25ae4bc27fef13e1ae046fa9e0ed07eb7f70c8dff04b8a3d61,2024-06-07T17:15:52.007000
|
||||
CVE-2024-5637,0,0,ac3ce2f387cb57c22df0353acef752a2e3012aca45064cc36768fafeb33c665e,2024-06-07T14:56:05.647000
|
||||
CVE-2024-5638,1,1,14725a3e450766c0d035ba6630a270f991f80531954e6b03d07a9f1bd74d2538,2024-06-08T06:15:10.433000
|
||||
CVE-2024-5638,0,0,14725a3e450766c0d035ba6630a270f991f80531954e6b03d07a9f1bd74d2538,2024-06-08T06:15:10.433000
|
||||
CVE-2024-5640,0,0,86163b3d741cee0a4e50ef8553f0c82f1f0c15bd48d022d2d250ef0f55c23f10,2024-06-07T14:56:05.647000
|
||||
CVE-2024-5645,0,0,c14f368d8ed33123f2e6f42b798410915cfa25d6cf41b8a76db4e578eb499f6a,2024-06-07T14:56:05.647000
|
||||
CVE-2024-5653,0,0,283076b6ccce08ae3d1ddf9d7f5983a839d66c80929543a8a527d0bfdf86a2f9,2024-06-06T14:17:35.017000
|
||||
CVE-2024-5654,1,1,1c5c8c767c1eccff3792ccaf6f0dd4c83f865591f1ab548f604635848d844b06,2024-06-08T09:15:09.420000
|
||||
CVE-2024-5656,0,0,adabf37f78545832b9e31783c044d8f042bfbaaca432946aa95ed82eb518777b,2024-06-06T14:17:35.017000
|
||||
CVE-2024-5657,0,0,b9899ab9d953b5e4a78b96db0691f3e8b536e92241286e49b6931592afb0dbef,2024-06-06T14:17:35.017000
|
||||
CVE-2024-5658,0,0,f9a4660898e79de730b34f0f4bc7034aff51985f481860d10ff11713ac36cafd,2024-06-06T14:17:35.017000
|
||||
@ -253024,6 +253026,6 @@ CVE-2024-5732,0,0,164b158659f154321408f970302d5931abbeea5b0cb278b288a24fa0afd832
|
||||
CVE-2024-5733,0,0,912af201a333601d8ad85caf06bb206334f6fa2fa638d7d63d5571cfacf454d4,2024-06-07T14:56:05.647000
|
||||
CVE-2024-5734,0,0,6c2e32afe9f36cd041d920f75c3584a92a72063480e933c9394a66845b572658,2024-06-07T17:15:52.140000
|
||||
CVE-2024-5745,0,0,8788b99580d43fd9eb900afb700ee157c954d289b603d58451eabd57873852f0,2024-06-08T04:15:10.027000
|
||||
CVE-2024-5758,1,1,256bdf36325369b4c0dc6f8fe6e02f8840c37558f437c19f80b9b4e84e6dc39b,2024-06-08T07:15:08.630000
|
||||
CVE-2024-5758,0,0,256bdf36325369b4c0dc6f8fe6e02f8840c37558f437c19f80b9b4e84e6dc39b,2024-06-08T07:15:08.630000
|
||||
CVE-2024-5761,0,0,e0022a8d80317cd3941058bae14b514f68707790a5051038049a1d552ba8de69,2024-06-07T19:15:24.467000
|
||||
CVE-2024-5770,0,0,fe310be1d952d0455f64ae72c485c582bcaeef4aad88d85c194ca59111d07deb,2024-06-08T05:15:40.320000
|
||||
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user