admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-04-09T20:00:38.123132+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-04-09 20:03:28 +00:00
parent e2738ddd14
commit 618c8552f8
164 changed files with 8134 additions and 218 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
CVE-2022/CVE-2022-49xx/CVE-2022-4965.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2022-4965",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:11.913",
"lastModified": "2024-04-09T19:15:11.913",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Invitation Code Content Restriction Plugin from CreativeMinds plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018target_id\u2019 parameter in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://www.cminds.com/changelog/?id=255",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3d0f705-2458-4cc6-8730-997314084f24?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2023/CVE-2023-64xx/CVE-2023-6486.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6486",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:12.203",
"lastModified": "2024-04-09T19:15:12.203",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Spectra \u2013 WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom CSS metabox in all versions up to and including 2.10.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://advisory.abay.sh/cve-2023-6486",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3042670%40ultimate-addons-for-gutenberg%2Ftrunk&old=3037142%40ultimate-addons-for-gutenberg%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d4933a30-974f-487d-9444-b0ea1283a09c?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://youtu.be/t5K745dBsT0",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-66xx/CVE-2023-6694.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6694",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:12.390",
"lastModified": "2024-04-09T19:15:12.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Themer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.4.9 due to insufficient input sanitization and output escaping on user supplied custom fields. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b8428a92-8b0a-4a9a-8f7e-571c252973c2?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://www.wpbeaverbuilder.com/change-logs/",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-66xx/CVE-2023-6695.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6695",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:12.563",
"lastModified": "2024-04-09T19:15:12.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Themer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the 'wpbb' shortcode. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data including arbitrary user_meta values."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4165cff7-457d-4790-8678-84c4365a191a?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://www.wpbeaverbuilder.com/change-logs/",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-67xx/CVE-2023-6777.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6777",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:12.743",
"lastModified": "2024-04-09T19:15:12.743",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 9.0.34 due to the plugin adding the API key to several plugin files. This makes it possible for unauthenticated attackers to obtain the developer's Google API key. While this does not affect the security of sites using this plugin, it allows unauthenticated attackers to make requests using this API key with the potential of exhausting requests resulting in an inability to use the map functionality offered by the plugin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3058300%40wp-google-maps&new=3058300%40wp-google-maps&sfp_email=&sfph_mail=#file673",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/509cccbd-3aa0-45f1-84a0-387d678ebf65?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-67xx/CVE-2023-6799.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6799",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:12.920",
"lastModified": "2024-04-09T19:15:12.920",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Reset \u2013 Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.99 via the use of insufficiently random snapshot names. This makes it possible for unauthenticated attackers to extract sensitive data including site backups by brute-forcing the snapshot filenames."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/wp-reset/tags/1.99&old=3059287&new_path=/wp-reset/tags/2.0&new=3059287&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68f41e88-ed36-4361-bddd-41495a540cd9?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-69xx/CVE-2023-6964.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6964",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:13.090",
"lastModified": "2024-04-09T19:15:13.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.26 via the 'kadence_import_get_new_connection_data' AJAX action. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3019592%40kadence-blocks&old=2996625%40kadence-blocks&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b01ad77f-2349-48bb-b4e9-f7cbce435de9?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2023/CVE-2023-69xx/CVE-2023-6965.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2023-6965",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:13.273",
"lastModified": "2024-04-09T19:15:13.273",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Pods \u2013 Custom Content Types and Fields plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2). This is due to the fact that the plugin allows the use of a file inclusion feature via shortcode. This makes it possible for authenticated attackers, with contributor access or higher, to create pods and users (with default role)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/pods/trunk/classes/PodsView.php#L750",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3039486%40pods%2Ftrunk&old=3039467%40pods%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c5d330cd-ad1f-451e-bf41-39cfeb296cf0?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2023/CVE-2023-69xx/CVE-2023-6967.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2023-6967",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:13.457",
"lastModified": "2024-04-09T19:15:13.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Pods \u2013 Custom Content Types and Fields plugin for WordPress is vulnerable to SQL Injection via shortcode in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor level access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/pods/trunk/classes/PodsView.php#L750",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3039486%40pods%2Ftrunk&old=3039467%40pods%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1aa7d0c2-27ec-47ad-8baa-c281c273078e?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-69xx/CVE-2023-6993.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6993",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:13.633",
"lastModified": "2024-04-09T19:15:13.633",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Custom post types, Custom Fields & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode and custom post meta in all versions up to, and including, 5.0.4 due to insufficient input sanitization and output escaping on user supplied post meta values. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3063871%40custom-post-types&new=3063871%40custom-post-types&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2b1449a9-6c89-4dec-8107-86cf8a295025?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2023/CVE-2023-69xx/CVE-2023-6999.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2023-6999",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:13.820",
"lastModified": "2024-04-09T19:15:13.820",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Pods \u2013 Custom Content Types and Fields plugin for WordPress is vulnerable to Remote Code Exxecution via shortcode in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2). This makes it possible for authenticated attackers, with contributor level access or higher, to execute code on the server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/pods/trunk/classes/PodsView.php#L750",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3039486%40pods%2Ftrunk&old=3039467%40pods%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9108d5f-7b8b-478d-ba9d-f895bdb7dbf2?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-70xx/CVE-2023-7046.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-7046",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:13.993",
"lastModified": "2024-04-09T19:15:13.993",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Encryption \u2013 One Click Free SSL Certificate & SSL / HTTPS Redirect to Force HTTPS, SSL Score plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.0 via exposed Private key files. This makes it possible for unauthenticated attackers to extract sensitive data including TLS Certificate Private Keys"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3066915%40wp-letsencrypt-ssl&new=3066915%40wp-letsencrypt-ssl&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ab99751-24b7-41db-8a27-d86eda3eeee5?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-03xx/CVE-2024-0376.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0376",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:14.170",
"lastModified": "2024-04-09T19:15:14.170",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Wrapper Link Widget in all versions up to, and including, 4.10.16 due to insufficient input sanitization and output escaping on user supplied URLs. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3022824/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0f9eb9cb-ead9-4ddf-b40b-a0ce2f4910f6?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-05xx/CVE-2024-0588.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0588",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:14.363",
"lastModified": "2024-04-09T19:15:14.363",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Paid Memberships Pro \u2013 Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing nonce validation on the pmpro_lifter_save_streamline_option() function. This makes it possible for unauthenticated attackers to enable the streamline setting with Lifter LMS via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3058329/paid-memberships-pro/tags/3.0/includes/compatibility/lifterlms.php?old=2952976&old_path=paid-memberships-pro/trunk/includes/compatibility/lifterlms.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6fd87d34-2e7f-4c75-8816-b39820309077?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-05xx/CVE-2024-0598.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0598",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:14.537",
"lastModified": "2024-04-09T19:15:14.537",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the contact form message settings in all versions up to and including 3.2.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This primarily affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://advisory.abay.sh/cve-2024-0598",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3023068%40kadence-blocks&new=3023068%40kadence-blocks&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/989bd778-c7b2-41c5-ac4a-2f1a4e594f0d?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-06xx/CVE-2024-0626.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0626",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:14.723",
"lastModified": "2024-04-09T19:15:14.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callback_handler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark orders as paid."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woo-clover-gateway-by-zaytech/trunk/zaytech-woo-commerce-clover-integration.php?rev=2998654#L218",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3055678%40woo-clover-gateway-by-zaytech%2Ftrunk&old=2998658%40woo-clover-gateway-by-zaytech%2Ftrunk&sfp_email=&sfph_mail=#file3",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57aacffa-0f49-4a33-ae40-d1c151363284?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-06xx/CVE-2024-0662.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0662",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:14.957",
"lastModified": "2024-04-09T19:15:14.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The FancyBox for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions 3.0.2 to 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3058912%40fancybox-for-wordpress&new=3058912%40fancybox-for-wordpress&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/55f8d7e6-7bcd-4556-932b-7bf422db0b39?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-08xx/CVE-2024-0826.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0826",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:15.130",
"lastModified": "2024-04-09T19:15:15.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/qi-addons-for-elementor/trunk/inc/shortcodes/info-button/class-qiaddonsforelementor-info-button-shortcode.php#L695",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3044865%40qi-addons-for-elementor%2Ftrunk&old=3025062%40qi-addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail=#file39",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40a883e8-7ce0-4fca-a585-428b67144694?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0872.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0872",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:15.307",
"lastModified": "2024-04-09T19:15:15.307",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Watu Quiz plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.1 via the watu-userinfo shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive user meta data which can include session tokens and user emails."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3036986/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/acc261eb-fafa-4e9d-b7ab-a449f14a7638?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0873.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0873",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:15.480",
"lastModified": "2024-04-09T19:15:15.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'watu-basic-chart' shortcode in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3036986/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c31732fa-eb35-4932-bee6-08955a14b010?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0899.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0899",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:15.647",
"lastModified": "2024-04-09T19:15:15.647",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The s2Member \u2013 Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 230815 via the API. This makes it possible for unauthenticated attackers to see the contents of those posts and pages."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3051411%40s2member%2Ftrunk&old=3037346%40s2member%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/80bfb470-a3df-497f-940d-051ccaa6215b?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-09xx/CVE-2024-0952.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0952",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:15.823",
"lastModified": "2024-04-09T19:15:15.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter in all versions up to, and including, 1.12.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with accounting manager or admin privileges or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3060269/erp/tags/1.13.0/modules/accounting/includes/functions/people.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3ba06f9-de51-49ea-87c1-4583e939314b?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-12xx/CVE-2024-1289.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1289",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:15.990",
"lastModified": "2024-04-09T19:15:15.990",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.6.3 due to missing validation on a user controlled key when looking up order information. This makes it possible for authenticated attackers to obtain information on orders placed by other users and guests, which can be leveraged to sign up for paid courses that were purchased by guests. Emails of other users are also exposed."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3042945%40learnpress%2Ftags%2F4.2.6.3&new=3061851%40learnpress%2Ftags%2F4.2.6.4",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0c410d91-08cc-496d-9c8e-c57f107399da?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1308.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1308",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:16.163",
"lastModified": "2024-04-09T19:15:16.163",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Cloak Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'permalink_settings_save' function in all versions up to, and including, 1.0.33. This makes it possible for unauthenticated attackers to modify the affiliate permalink base, driving traffic to malicious sites via the plugin's affiliate links."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-cloak-affiliate-links/tags/1.0.33/woocommerce-cloak-affiliate-links.php#L396",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/woocommerce-cloak-affiliate-links/tags/1.0.33&old=3055367&new_path=/woocommerce-cloak-affiliate-links/tags/1.0.34&new=3055367&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3c731e39-998e-44d2-8cf9-4d9c39731c5d?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1315.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1315",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:16.340",
"lastModified": "2024-04-09T19:15:16.340",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Classified Listing \u2013 Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing or incorrect nonce validation on the 'rtcl_update_user_account' function. This makes it possible for unauthenticated attackers to change the administrator user's password and email address via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This locks the administrator out of the site and prevents them from resetting their password, while granting the attacker access to their account."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.0.1/app/Controllers/Ajax/PublicUser.php#L445",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.0.5/app/Controllers/Ajax/PublicUser.php#L445",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5439651e-5557-4b13-813a-4fc0ad876104?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1352.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1352",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:16.517",
"lastModified": "2024-04-09T19:15:16.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Classified Listing \u2013 Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access & modification of data due to a missing capability check on the rtcl_import_location() rtcl_import_category() functions in all versions up to, and including, 3.0.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to create terms."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/classified-listing/trunk/app/Controllers/Ajax/Import.php?rev=2824166",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/classified-listing/trunk/app/Controllers/Ajax/Import.php?rev=3061893",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f5da4cdd-15c7-41a6-be2f-e31bd407ae05?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1387.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1387",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:16.683",
"lastModified": "2024-04-09T19:15:16.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Happy Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to insufficient authorization on the duplicate_thing() function in all versions up to, and including, 3.10.4. This makes it possible for attackers, with contributor-level access and above, to clone arbitrary posts (including private and password protected ones) which may lead to information exposure."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/trunk/classes/clone-handler.php#L58",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3064385/happy-elementor-addons/trunk/classes/clone-handler.php?contextall=1&old=3044937&old_path=%2Fhappy-elementor-addons%2Ftrunk%2Fclasses%2Fclone-handler.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aff10d5a-a2d0-461a-b52b-a25b647eaab4?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1412.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1412",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:16.860",
"lastModified": "2024-04-09T19:15:16.860",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018message\u2019 and 'error' parameters in all versions up to, and including, 1.11.26 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Note - the issue was partially patched in 1.11.25, but could still potentially be exploited under some circumstances."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://memberpress.com/change-log/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/882631ab-ef16-4158-adbc-60ad177ae6b8?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1424.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1424",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:17.040",
"lastModified": "2024-04-09T19:15:17.040",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The GiveWP \u2013 Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3050712%40give%2Ftrunk&old=3046618%40give%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1710f84-e3c1-4fbc-841e-c7c9ccf3a2e5?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1458.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1458",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:17.203",
"lastModified": "2024-04-09T19:15:17.203",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018text_alignment\u2019 attribute of the Animated Text widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3048237/addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e28b78c3-c370-4076-836e-9f61acba064c?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1461.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1461",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:17.377",
"lastModified": "2024-04-09T19:15:17.377",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018style\u2019 attribute of the Team Members widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3048237/addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9d37248-d024-4465-a1e6-d8f2d3a2e02f?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1463.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1463",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:17.540",
"lastModified": "2024-04-09T19:15:17.540",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Course, Lesson, and Quiz title and content in all versions up to, and including, 4.2.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with LP Instructor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3042945%40learnpress%2Ftags%2F4.2.6.3&new=3061851%40learnpress%2Ftags%2F4.2.6.4",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abb4b617-884b-4e72-812f-5f23a0976ab6?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1464.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1464",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:17.703",
"lastModified": "2024-04-09T19:15:17.703",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018style\u2019 attribute of the Posts Slider widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3048237/addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ce6e40e-b090-447a-9bf9-6337d30e7da3?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1465.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1465",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:17.890",
"lastModified": "2024-04-09T19:15:17.890",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018carousel_skin\u2019 attribute of the Posts Carousel widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3048237/addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/96bdd465-e4ca-4a32-b38a-a2a51598a3a9?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1466.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1466",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:18.073",
"lastModified": "2024-04-09T19:15:18.073",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018slider_style\u2019 attribute of the Posts Multislider widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. CVE-2024-27986 may be a duplicate of this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3048237/addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/604975b9-fe2f-4d8f-af13-995f08d72e8f?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-14xx/CVE-2024-1498.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1498",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:18.247",
"lastModified": "2024-04-09T19:15:18.247",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Photo Stack Widget in all versions up to, and including, 3.10.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/tags/3.10.2/widgets/photo-stack/widget.php#L598",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3044937%40happy-elementor-addons%2Ftrunk&old=3042474%40happy-elementor-addons%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f43e1eed-09f8-44b3-b6fa-d0344f331dd7?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-15xx/CVE-2024-1571.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1571",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:18.417",
"lastModified": "2024-04-09T19:15:18.417",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video Embed parameter in all versions up to, and including, 9.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with access to the recipe dashboard (which is administrator-only by default but can be assigned to arbitrary capabilities), to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3046892/wp-recipe-maker/trunk/includes/public/class-wprm-recipe-sanitizer.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6c098b35-606e-4dde-8683-4c90f518ddb5?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-15xx/CVE-2024-1587.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1587",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:18.580",
"lastModified": "2024-04-09T19:15:18.580",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated attackers to view draft posts and post content."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://themes.trac.wordpress.org/browser/newsmatic/1.3.0/inc/template-functions.php#L634",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd2ea430-48ce-43c3-ba3d-8ef5f91460ce?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-16xx/CVE-2024-1637.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1637",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:18.740",
"lastModified": "2024-04-09T19:15:18.740",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The 360 Javascript Viewer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and nonce exposure on several AJAX actions in all versions up to, and including, 1.7.12. This makes it possible for authenticated attackers, with subscriber access or higher, to update plugin settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/360deg-javascript-viewer/trunk/admin/pages/class-jsv-360-admin_page_abstract.php#L42",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3047449/360deg-javascript-viewer/trunk/admin/pages/class-jsv-360-admin_page_abstract.php?contextall=1&old=3015478&old_path=%2F360deg-javascript-viewer%2Ftrunk%2Fadmin%2Fpages%2Fclass-jsv-360-admin_page_abstract.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1ba33c84-5198-4c77-8995-d0a315d68990?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-16xx/CVE-2024-1641.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1641",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:18.917",
"lastModified": "2024-04-09T19:15:18.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Accordion plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'accordions_duplicate_post_as_draft' function in all versions up to, and including, 2.2.96. This makes it possible for authenticated attackers, with contributor access and above, to duplicate arbitrary posts, allowing access to the contents of password-protected posts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/accordions/tags/2.2.96/includes/duplicate-post.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/accordions/tags/2.2.96&old=3050599&new_path=/accordions/tags/2.2.97&new=3050599&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e7e7c70-4d07-4550-9cf8-5135b87b67ca?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-17xx/CVE-2024-1774.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1774",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:19.087",
"lastModified": "2024-04-09T19:15:19.087",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Customily Product Personalizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via user cookies in all versions up to, and including, 1.23.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. We unfortunately could not get in touch with the vendor through various means to disclose this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://www.customily.com/woocommerce",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0f8aa38b-85c5-45a7-b5cd-9ecd43a3c340?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-17xx/CVE-2024-1790.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1790",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:19.267",
"lastModified": "2024-04-09T19:15:19.267",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WordPress Infinite Scroll \u2013 Ajax Load More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 7.0.1 via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. This is limited to Windows instances."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ajax-load-more/trunk/admin/functions/layouts.php#L14",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/admin/functions/layouts.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3056137/ajax-load-more/tags/7.1.0/core/functions.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86090ab4-9f1d-4a92-a302-118524a5ffaa?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-17xx/CVE-2024-1792.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1792",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:19.457",
"lastModified": "2024-04-09T19:15:19.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The CMB2 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.10.1 via deserialization of untrusted input from the text_datetime_timestamp_timezone field. This makes it possible for authenticated attackers, with contributor access or higher, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. Please note that the plugin is a developer toolkit. For the vulnerability to become exploitable, the presence of a metabox activation in your code (via functions.php for example) is required."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3062907/cmb2/trunk?contextall=1&old=2683046&old_path=%2Fcmb2%2Ftrunk",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3f37ef5-ddf5-4bd5-b6aa-121dda22fb01?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-17xx/CVE-2024-1794.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1794",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:19.623",
"lastModified": "2024-04-09T19:15:19.623",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Forminator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file (e.g. 3gpp file) in all versions up to, and including, 1.29.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3047085%40forminator&old=3028842%40forminator&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23feb72c-7e6f-436b-b56e-dc6185302d31?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-18xx/CVE-2024-1812.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1812",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:19.783",
"lastModified": "2024-04-09T19:15:19.783",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Everest Forms plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.7 via the 'font_url' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3049743/everest-forms",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d4561441-d147-4c02-a837-c1656e17627d?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-18xx/CVE-2024-1813.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1813",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:19.973",
"lastModified": "2024-04-09T19:15:19.973",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.11.0 via deserialization of untrusted input in the job_board_applicant_list_columns_value function. This makes it possible for unauthenticated attackers to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code when a submitted job application is viewed."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3051715%40simple-job-board&old=3038476%40simple-job-board&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89584034-4a93-42a6-8fef-55dc3895c45c?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-18xx/CVE-2024-1850.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1850",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:20.153",
"lastModified": "2024-04-09T19:15:20.153",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The AI Post Generator | AutoWriter plugin for WordPress is vulnerable to unauthorized access, modification or deletion of posts due to a missing capability check on functions hooked by AJAX actions in all versions up to, and including, 3.3. This makes it possible for authenticated attackers, with subscriber access or higher, to view all posts generated with this plugin (even in non-published status), create new posts (and publish them), publish unpublished post or perform post deletions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3056020%40ai-post-generator&new=3056020%40ai-post-generator&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3057511%40ai-post-generator&new=3057511%40ai-post-generator&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43fc47ca-15ca-4817-b1b8-389245725e73?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-18xx/CVE-2024-1852.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1852",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:20.323",
"lastModified": "2024-04-09T19:15:20.323",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.4.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page which is the edit users page. This vulnerability was partially patched in version 3.4.9.2, and was fully patched in 3.4.9.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-members/trunk/includes/class-wp-members-user-profile.php#L566",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-members/trunk/includes/class-wp-members-user.php#L524",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-members/trunk/includes/vendor/rocketgeek-utilities/includes/utilities.php#L168",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/033069d2-8e0f-4c67-b18c-fdd471d85f87?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-18xx/CVE-2024-1893.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1893",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:20.503",
"lastModified": "2024-04-09T19:15:20.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018property_status\u2019 shortcode attribute in all versions up to, and including, 3.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/easy-property-listings/tags/3.5.2/lib/includes/functions.php#L1846",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/easy-property-listings/tags/3.5.2&old=3056209&new_path=/easy-property-listings/tags/3.5.3&new=3056209&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a7ac96db-2d9a-4eaf-8916-a02e3e64ca4a?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-19xx/CVE-2024-1904.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1904",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:20.680",
"lastModified": "2024-04-09T19:15:20.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The MasterStudy LMS plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the search_posts function in all versions up to, and including, 3.2.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to expose draft post titles and excerpts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3050967/masterstudy-lms-learning-management-system",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1be686d3-16b1-4ec7-b304-848ca4d7162c?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-19xx/CVE-2024-1934.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1934",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:20.840",
"lastModified": "2024-04-09T19:15:20.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Compress \u2013 Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wps_local_compress::__construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset the CDN region and set a malicious URL to deliver images."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-compress-image-optimizer/tags/6.10.35/addons/legacy/compress.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3054445@wp-compress-image-optimizer/trunk&old=3048575@wp-compress-image-optimizer/trunk&sfp_email=&sfph_mail=#file2",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88a46a24-6d46-44cc-ac01-70a1c329cb51?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-19xx/CVE-2024-1948.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1948",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:21.013",
"lastModified": "2024-04-09T19:15:21.013",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block content in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3055393#file4",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cbe4748-6e87-4332-b84f-615aec67bcec?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-19xx/CVE-2024-1960.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1960",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:21.177",
"lastModified": "2024-04-09T19:15:21.177",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +12 Modules \u2013 All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Special Offer Day Widget Banner Link in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/trunk/includes/addons/special_day_offer.php#L784",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/woolentor-addons/trunk/includes/addons/special_day_offer.php#L805",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3044764/woolentor-addons/tags/2.8.2/includes/addons/special_day_offer.php?old=2704778&old_path=woolentor-addons/trunk/includes/addons/special_day_offer.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/32b70801-d80f-40dc-8321-e12ac0b8c695?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-19xx/CVE-2024-1974.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1974",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:21.343",
"lastModified": "2024-04-09T19:15:21.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.6 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ht-mega-for-elementor/trunk/includes/widgets/htmega_weather.php#L401",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3048999/ht-mega-for-elementor/tags/2.4.7/includes/widgets/htmega_weather.php?old=2939273&old_path=ht-mega-for-elementor/trunk/includes/widgets/htmega_weather.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/11b5f0a1-bf22-46be-a165-c62f1077da0f?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-19xx/CVE-2024-1984.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1984",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:21.513",
"lastModified": "2024-04-09T19:15:21.513",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=221417%40graphene%2F2.9.3&old=164915%40graphene%2F2.9",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e2f19051-fe80-469c-a514-ec3a848a4015?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-19xx/CVE-2024-1990.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1990",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:21.703",
"lastModified": "2024-04-09T19:15:21.703",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The RegistrationMagic \u2013 Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to blind SQL Injection via the \u2018id\u2019 parameter of the RM_Form shortcode in all versions up to, and including, 5.3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3049490/custom-registration-form-builder-with-submission-manager/trunk/public/class_rm_public.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3057216/custom-registration-form-builder-with-submission-manager/trunk/public/class_rm_public.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6478cdbc-a20e-4fe2-bbd6-8a550e5da895?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-19xx/CVE-2024-1991.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1991",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:21.883",
"lastModified": "2024-04-09T19:15:21.883",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The RegistrationMagic \u2013 Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the update_users_role() function in all versions up to, and including, 5.3.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to escalate their privileges to that of an administrator"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/trunk//services/class_rm_user_services.php#L1205",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3049490/custom-registration-form-builder-with-submission-manager#file24",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/766e3966-157a-4db3-9179-813032343f76?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-19xx/CVE-2024-1999.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1999",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:22.043",
"lastModified": "2024-04-09T19:15:22.043",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget's anchor style parameter in all versions up to, and including, 3.2.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.2.25/includes/blocks/class-kadence-blocks-testimonial-block.php#L88",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3047463%40kadence-blocks%2Ftrunk&old=3042198%40kadence-blocks%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b5fd4dbe-6f44-45ef-9d49-4bc624fdcc57?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-20xx/CVE-2024-2018.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2018",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:24.447",
"lastModified": "2024-04-09T19:15:24.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Activity Log Premium plugin for WordPress is vulnerable to SQL Injection via the entry->roles parameter in all versions up to, and including, 4.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. One demonstrated attack included the injection of a PHP Object."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://melapress.com/support/kb/wp-activity-log-plugin-changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2f060ea1-01e2-4e5b-82ba-b5cdd0d8290a?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-20xx/CVE-2024-2026.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2026",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:24.617",
"lastModified": "2024-04-09T19:15:24.617",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Passster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_protector shortcode in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/content-protector/trunk/inc/class-ps-public.php#L48",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/880f1f3f-857c-46da-a65c-082348260f89?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-20xx/CVE-2024-2027.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2027",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:25.887",
"lastModified": "2024-04-09T19:15:25.887",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its style attributes in all versions up to, and including, 4.22.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3050229%40real-media-library-lite%2Ftrunk&old=3041112%40real-media-library-lite%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/67a44d4c-da3f-4c3d-997b-1417c6906a9c?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-20xx/CVE-2024-2033.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2033",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:26.267",
"lastModified": "2024-04-09T19:15:26.267",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.5 via the get_assign_host_id AJAX action. This makes it possible for authenticated attackers, with subscriber access or higher, to enumerate usernames, emails and IDs of all users on a site."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3054964/video-conferencing-with-zoom-api/trunk?contextall=1&old=3048839&old_path=%2Fvideo-conferencing-with-zoom-api%2Ftrunk",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0966057b-8a3c-4d3c-84cb-cf36f1d97922?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-20xx/CVE-2024-2039.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2039",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:26.720",
"lastModified": "2024-04-09T19:15:26.720",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Stackable \u2013 Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post(v2) block title tag in all versions up to, and including, 3.12.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3058710/stackable-ultimate-gutenberg-blocks/tags/3.12.12/src/deprecated/v2/block/blog-posts/index.php?old=3037996&old_path=stackable-ultimate-gutenberg-blocks/tags/3.12.11/src/deprecated/v2/block/blog-posts/index.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/daa30b1b-cb8f-43fd-8329-c64b4024408f?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-20xx/CVE-2024-2081.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-2081",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:26.960",
"lastModified": "2024-04-09T19:15:26.960",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Best WordPress Gallery Plugin \u2013 FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the foogallery_attachment_modal_save action in all versions up to, and including, 2.4.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://github.com/fooplugins/foogallery",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3057349%40foogallery&old=3039397%40foogallery&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e2edeb63-56ad-45e7-9e85-cdf0a8ef41e7?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-20xx/CVE-2024-2093.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-2093",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:27.650",
"lastModified": "2024-04-09T19:15:27.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The VK All in One Expansion Unit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.95.0.1 via social meta tags. This makes it possible for unauthenticated attackers to view limited password protected content."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://github.com/vektor-inc/vk-all-in-one-expansion-unit/pull/1072",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050823%40vk-all-in-one-expansion-unit&new=3050823%40vk-all-in-one-expansion-unit&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ea2b5dca-42a5-49d4-800d-b268572968a9?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2112.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2112",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:28.017",
"lastModified": "2024-04-09T19:15:28.017",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web \u2013 Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.15.22 via the signature functionality. This makes it possible for unauthenticated attackers to extract sensitive data including user signatures."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/form-maker/tags/1.15.22&old=3057012&new_path=/form-maker/tags/1.15.23&new=3057012&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5652f9c3-3cc9-4541-8209-40117b4d25d9?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2117.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2117",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:28.177",
"lastModified": "2024-04-09T19:15:28.177",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Website Builder \u2013 More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Path Widget in all versions up to, and including, 3.20.2 due to insufficient output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3058940%40elementor&new=3058940%40elementor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c8d7448a-b8a6-4b0b-92df-a15272fc56bf?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2125.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2125",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:28.390",
"lastModified": "2024-04-09T19:15:28.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Env\u00edaloSimple: Email Marketing y Newsletters plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This is due to missing or incorrect nonce validation on the gallery_add function. This makes it possible for unauthenticated attackers to upload malicious files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/envialosimple-email-marketing-y-newsletters-gratis/trunk/api/gallery.php#L29",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2b39abc8-9281-4d58-a9ec-877c5bae805a?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2138.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2138",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:28.597",
"lastModified": "2024-04-09T19:15:28.597",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Animated Box widget in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3050010/jetwidgets-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f807b605-68a8-4340-a275-776eac0936fa?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2165.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2165",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:28.763",
"lastModified": "2024-04-09T19:15:28.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The SEOPress \u2013 On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt parameter in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3056025%40wp-seopress%2Ftrunk&old=3047913%40wp-seopress%2Ftrunk&sfp_email=&sfph_mail=#file14",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/46e66230-06d6-452e-a7aa-862b2bb8c27d?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2181.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2181",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:28.957",
"lastModified": "2024-04-09T19:15:28.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3046905/wpzoom-addons-for-beaver-builder",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6baa44c7-1c13-45ad-9fb5-da06933f3cd0?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2183.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2183",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:29.127",
"lastModified": "2024-04-09T19:15:29.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. CVE-2024-30424 is likely a duplicate of this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3046905/wpzoom-addons-for-beaver-builder",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/781987af-3753-46ec-9d56-fb8b6ef42277?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2185.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2185",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:29.297",
"lastModified": "2024-04-09T19:15:29.297",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Box widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3046905/wpzoom-addons-for-beaver-builder",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/03564cae-df90-454b-8379-6ad9f22b7389?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2186.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2186",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:29.457",
"lastModified": "2024-04-09T19:15:29.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Team Members widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3046905/wpzoom-addons-for-beaver-builder",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/746385e0-6bb9-47f2-a3e7-72f8e28be731?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2187.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2187",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:29.627",
"lastModified": "2024-04-09T19:15:29.627",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonials widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3046905/wpzoom-addons-for-beaver-builder",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/02fceb91-7691-4629-b18b-57959e9f3f62?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-21xx/CVE-2024-2198.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2198",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:29.797",
"lastModified": "2024-04-09T19:15:29.797",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018cntctfrm_contact_address\u2019 parameter in all versions up to, and including, 4.2.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3047840/contact-form-plugin",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5eb66ca3-768e-4d8c-a0fa-74e78250aee3?source=cve",
"source": "security@wordfence.com"
}
]
}

75
CVE-2024/CVE-2024-224xx/CVE-2024-22423.json Normal file
View File

@ -0,0 +1,75 @@
{
"id": "CVE-2024-22423",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-04-09T18:15:08.150",
"lastModified": "2024-04-09T18:15:08.150",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using `--exec` with `%q` by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment variables. Support for output template expansion in `--exec`, along with this vulnerable behavior, was added to `yt-dlp` in version 2021.04.11. yt-dlp version 2024.04.09 fixes this issue by properly escaping `%`. It replaces them with `%%cd:~,%`, a variable that expands to nothing, leaving only the leading percent. It is recommended to upgrade yt-dlp to version 2024.04.09 as soon as possible. Also, always be careful when using `--exec`, because while this specific vulnerability has been patched, using unvalidated input in shell commands is inherently dangerous. For Windows users who are not able to upgrade, avoid using any output template expansion in `--exec` other than `{}` (filepath); if expansion in `--exec` is needed, verify the fields you are using do not contain `\"`, `|` or `&`; and/or instead of using `--exec`, write the info json and load the fields from it instead."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://github.com/yt-dlp/yt-dlp/commit/de015e930747165dbb8fcd360f8775fd973b7d6e",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/yt-dlp/yt-dlp/commit/ff07792676f404ffff6ee61b5638c9dc1a33a37a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2021.04.11",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2024.04.09",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-42h4-v29r-42qg",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-hjq6-52gw-2g7p",
"source": "security-advisories@github.com"
}
]
}

47
CVE-2024/CVE-2024-22xx/CVE-2024-2200.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2200",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:29.960",
"lastModified": "2024-04-09T19:15:29.960",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018cntctfrm_contact_subject\u2019 parameter in all versions up to, and including, 4.2.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3047840/contact-form-plugin",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/28524702-3428-4fca-afe8-71b3f2dd983d?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-22xx/CVE-2024-2222.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-2222",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:30.153",
"lastModified": "2024-04-09T19:15:30.153",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Advanced Classifieds & Directory Pro plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajax_callback_delete_attachment function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with subscriber access or higher, to delete arbitrary media uploads."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-classifieds-and-directory-pro/trunk/admin/admin.php#L757",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/advanced-classifieds-and-directory-pro/trunk/public/user.php#L689",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3054455%40advanced-classifieds-and-directory-pro%2Ftrunk&old=3012747%40advanced-classifieds-and-directory-pro%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc5da189-838d-4c0b-a734-283c4da36473?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-22xx/CVE-2024-2226.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2226",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:30.320",
"lastModified": "2024-04-09T19:15:30.320",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access and higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3050429/otter-blocks",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/217d3148-d411-4fff-a4f6-d5d02ef207af?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-22xx/CVE-2024-2261.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2261",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:30.483",
"lastModified": "2024-04-09T19:15:30.483",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Event Tickets and Registration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.8.2 via the RSVP functionality. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data including emails and street addresses."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/event-tickets/tags/5.8.2&old=3059268&new_path=/event-tickets/tags/5.8.3&new=3059268&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2e42dd1c-adf7-471a-a14a-9038c56413a2?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-22xx/CVE-2024-2287.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2287",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:30.643",
"lastModified": "2024-04-09T19:15:30.643",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Knight Lab Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.9.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/knight-lab-timelinejs/tags/3.9.3.3&old=3051910&new_path=/knight-lab-timelinejs/tags/3.9.3.4&new=3051910&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/afb3e68e-6f79-4c46-b41e-8fd6eb43c755?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-22xx/CVE-2024-2289.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2289",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:30.813",
"lastModified": "2024-04-09T19:15:30.813",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link in multiple elements in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3051551/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a22c7b45-752c-482d-8812-888d5bc3d630?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-23xx/CVE-2024-2302.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-2302",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:30.990",
"lastModified": "2024-04-09T19:15:30.990",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Easy Digital Downloads \u2013 Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.9. This makes it possible for unauthenticated attackers to download the debug log via Directory Listing. This file may include PII."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/easy-digital-downloads/trunk/includes/class-edd-logging.php#L621",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3060808%40easy-digital-downloads%2Ftrunk&old=3042139%40easy-digital-downloads%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0837ba20-4b47-4cc8-9eb3-322289513d79?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2305.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2305",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:31.153",
"lastModified": "2024-04-09T19:15:31.153",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BootstrapCard link in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/bb-bootstrap-cards/tags/1.1.2&old=3056277&new_path=/bb-bootstrap-cards/tags/1.1.3&new=3056277&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac0dfaac-cce6-45f7-ad5b-d7dcb66453bd?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2306.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2306",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:31.340",
"lastModified": "2024-04-09T19:15:31.340",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Revslider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg upload in all versions up to, and including, 6.6.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure revslider can be extended to authors."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://www.sliderrevolution.com/documentation/changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f6af1e90-9bad-470b-9e00-137000c0450c?source=cve",
"source": "security@wordfence.com"
}
]
}

59
CVE-2024/CVE-2024-23xx/CVE-2024-2311.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-2311",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:31.517",
"lastModified": "2024-04-09T19:15:31.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Avada theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.11.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://gist.github.com/Xib3rR4dAr/8b0f2bf40092e00851fe2f57f15e947e",
"source": "security@wordfence.com"
},
{
"url": "https://gist.github.com/Xib3rR4dAr/af52a553c02936479461189d53c1d4fe",
"source": "security@wordfence.com"
},
{
"url": "https://gist.github.com/Xib3rR4dAr/d3c36f7befe7d380ed240d3cb141d64c",
"source": "security@wordfence.com"
},
{
"url": "https://gist.github.com/Xib3rR4dAr/ebb7e1dee2b073b8a478c2f663521b30",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff6ff104-44c8-49a9-bebd-abb82e8e1cd6?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2325.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2325",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:31.683",
"lastModified": "2024-04-09T19:15:31.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchll parameter in all versions up to, and including, 7.6.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3050134/link-library",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b93af9cc-cd9a-4bbb-8cb1-bf45c59e469c?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2327.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2327",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:31.847",
"lastModified": "2024-04-09T19:15:31.847",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Global Elementor Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link URL in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wordpress.org/plugins/global-elementor-buttons/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d84f9b06-9127-4526-8f17-21608ec2f601?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-23xx/CVE-2024-2334.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-2334",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:32.017",
"lastModified": "2024-04-09T19:15:32.017",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Template Kit \u2013 Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the template upload functionality in all versions up to, and including, 1.0.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/template-kit-import/trunk/vendor/template-kit-import/inc/class-importer.php#L61",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3058805/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6203a15d-f90f-4147-8e43-afc424bbb750?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2335.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2335",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:32.190",
"lastModified": "2024-04-09T19:15:32.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elements Plus! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widget link URLs in all versions up to, and including, 2.16.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/elements-plus/tags/2.16.2&old=3051181&new_path=/elements-plus/tags/2.16.3&new=3051181&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9efb7dc8-d0a1-4707-a465-6a55b2d4a426?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2336.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2336",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:32.353",
"lastModified": "2024-04-09T19:15:32.353",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Popup Maker \u2013 Popup for opt-ins, lead gen, & more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.18.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3053244%40popup-maker%2Ftrunk&old=2989642%40popup-maker%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40e1215c-ac00-4fd6-b428-a57cef95aed1?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2340.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2340",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:32.520",
"lastModified": "2024-04-09T19:15:32.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the '/wp-content/uploads/fusion-forms/' directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with a file upload mechanism."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://avada.com/documentation/avada-changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8db8bbc3-43ca-4ef5-a44d-2987c8597961?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2341.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2341",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:32.687",
"lastModified": "2024-04-09T19:15:32.687",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the keys parameter in all versions up to, and including, 1.6.7.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3054815%40simply-schedule-appointments%2Ftrunk&old=3054636%40simply-schedule-appointments%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e4930b03-9142-464e-98ae-a910dfa46f2a?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2342.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2342",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:32.870",
"lastModified": "2024-04-09T19:15:32.870",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the customer_id parameter in all versions up to, and including, 1.6.7.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3054815%40simply-schedule-appointments%2Ftrunk&old=3054636%40simply-schedule-appointments%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0c0dd466-a78a-4b79-b9bd-5363f69d9a4c?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-23xx/CVE-2024-2343.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-2343",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:33.033",
"lastModified": "2024-04-09T19:15:33.033",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.11.6 via the form_to_url_action function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://avada.com/documentation/avada-changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://gist.github.com/Xib3rR4dAr/55d41870c7ce0e95f454d00100bc10dc",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87ca07ac-6080-45d7-a8f5-74a918adec43?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-23xx/CVE-2024-2344.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-2344",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:33.190",
"lastModified": "2024-04-09T19:15:33.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Avada theme for WordPress is vulnerable to SQL Injection via the 'entry' parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticted attackers, with editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://avada.com/documentation/avada-changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://gist.github.com/Xib3rR4dAr/05a32f63d75082ab05de27e313e70fa3",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccf0d2ca-2891-45d1-8ea2-90dd435b359f?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-23xx/CVE-2024-2347.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-2347",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:33.353",
"lastModified": "2024-04-09T19:15:33.353",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Astra theme for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name in all versions up to, and including, 4.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://themes.trac.wordpress.org/changeset/221725/astra",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed914e67-4cf7-49b1-96be-ed8c604e6dce?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-23xx/CVE-2024-2348.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-2348",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-04-09T19:15:33.523",
"lastModified": "2024-04-09T19:15:33.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Meta widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gum-elementor-addon/trunk/widgets/blog_post_meta.php#L1171",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3051383%40gum-elementor-addon&new=3051383%40gum-elementor-addon&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ade1eddf-cfcc-4956-8015-8d9a592cc252?source=cve",
"source": "security@wordfence.com"
}
]
}

20
CVE-2024/CVE-2024-242xx/CVE-2024-24245.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-24245",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-04-09T19:15:22.410",
"lastModified": "2024-04-09T19:15:22.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool component."
}
],
"metrics": {},
"references": [
{
"url": "https://www.clamxav.com/version-history/",
"source": "cve@mitre.org"
}
]
}

Some files were not shown because too many files have changed in this diff Show More