mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-21 17:41:05 +00:00
Auto-Update: 2025-05-03T10:00:19.651807+00:00
This commit is contained in:
cad-safe-bot
parent
b17f980f88
commit
62d04e3f1f
72
CVE-2025/CVE-2025-38xx/CVE-2025-3815.json
Normal file
72
CVE-2025/CVE-2025-38xx/CVE-2025-3815.json
Normal file
@ -0,0 +1,72 @@
|
||||
{
|
||||
"id": "CVE-2025-3815",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2025-05-03T08:15:31.040",
|
||||
"lastModified": "2025-05-03T08:15:31.040",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The SurveyJS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018id\u2019 parameter in all versions up to, and including, 1.12.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
|
||||
"baseScore": 6.4,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE"
|
||||
},
|
||||
"exploitabilityScore": 3.1,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/surveyjs/surveyjs-wordpress",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/surveyjs/surveyjs-wordpress/commit/6c332319c82c32d7148f77ed7ee20a9c6a5dc179",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/surveyjs/trunk/initializer.php#L165",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://surveyjs.io/stay-updated/release-notes",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c4285590-9c2f-4189-8b47-09378d8a2432?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
20
README.md
20
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2025-05-03T04:00:20.050439+00:00
|
||||
2025-05-03T10:00:19.651807+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2025-05-03T03:15:29.217000+00:00
|
||||
2025-05-03T08:15:31.040000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -33,24 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
292438
|
||||
292439
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `11`
|
||||
Recently added CVEs: `1`
|
||||
|
||||
- [CVE-2024-13738](CVE-2024/CVE-2024-137xx/CVE-2024-13738.json) (`2025-05-03T03:15:20.013`)
|
||||
- [CVE-2025-3779](CVE-2025/CVE-2025-37xx/CVE-2025-3779.json) (`2025-05-03T03:15:27.890`)
|
||||
- [CVE-2025-3918](CVE-2025/CVE-2025-39xx/CVE-2025-3918.json) (`2025-05-03T03:15:28.040`)
|
||||
- [CVE-2025-4168](CVE-2025/CVE-2025-41xx/CVE-2025-4168.json) (`2025-05-03T03:15:28.350`)
|
||||
- [CVE-2025-4170](CVE-2025/CVE-2025-41xx/CVE-2025-4170.json) (`2025-05-03T03:15:28.493`)
|
||||
- [CVE-2025-4172](CVE-2025/CVE-2025-41xx/CVE-2025-4172.json) (`2025-05-03T03:15:28.640`)
|
||||
- [CVE-2025-4188](CVE-2025/CVE-2025-41xx/CVE-2025-4188.json) (`2025-05-03T03:15:28.780`)
|
||||
- [CVE-2025-4198](CVE-2025/CVE-2025-41xx/CVE-2025-4198.json) (`2025-05-03T03:15:28.923`)
|
||||
- [CVE-2025-4199](CVE-2025/CVE-2025-41xx/CVE-2025-4199.json) (`2025-05-03T03:15:29.070`)
|
||||
- [CVE-2025-4222](CVE-2025/CVE-2025-42xx/CVE-2025-4222.json) (`2025-05-03T03:15:29.217`)
|
||||
- [CVE-2025-47229](CVE-2025/CVE-2025-472xx/CVE-2025-47229.json) (`2025-05-03T03:15:28.183`)
|
||||
- [CVE-2025-3815](CVE-2025/CVE-2025-38xx/CVE-2025-3815.json) (`2025-05-03T08:15:31.040`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
23
_state.csv
23
_state.csv
@ -248593,7 +248593,7 @@ CVE-2024-13734,0,0,17fab3f74e78896a40ac1961915d61db429551aa26d55adeda206fce66c88
|
||||
CVE-2024-13735,0,0,3547c31c6d72f19019bc47ce66440b94aad2dbe68a07077b91d9f59acae687cd,2025-02-25T03:45:15.060000
|
||||
CVE-2024-13736,0,0,3362a69c50f09f93ac1b8892771db3d9d5410b27ce15edc8013225c7425828fe,2025-03-06T15:08:38
|
||||
CVE-2024-13737,0,0,953343507735f2a5266f50f28008c6074bad07e93db08099c699090aa4413224,2025-03-27T00:56:46.017000
|
||||
CVE-2024-13738,1,1,a9e24d0a7b09335d3f2efc7682439cde05c7099262708fe5a19b59ede6d5e30b,2025-05-03T03:15:20.013000
|
||||
CVE-2024-13738,0,0,a9e24d0a7b09335d3f2efc7682439cde05c7099262708fe5a19b59ede6d5e30b,2025-05-03T03:15:20.013000
|
||||
CVE-2024-13739,0,0,7d1b0e1ed41ddbc98d9523d63eb2ad72317bc8ff8d3062ea0e8e7ca75a8983f1,2025-03-27T00:51:56.443000
|
||||
CVE-2024-1374,0,0,8b967aad89e76e7b7285732fb028781ee942f5f6a3c1468dd34bb1833f269dd3,2024-11-21T08:50:26.443000
|
||||
CVE-2024-13740,0,0,7ff99f97d425424bdc9a3d1a435df988f74877e53c6e3d16169a71dec8c37f3b,2025-02-24T12:41:27.353000
|
||||
@ -291598,7 +291598,7 @@ CVE-2025-37786,0,0,5e619e4c2c5e21cc0987aa127771bbd2182dadc4f24ee7d3f31eb2216fabc
|
||||
CVE-2025-37787,0,0,b524913b1d5ac48df07c4b8cc829369d8062bc11df477f17b189832cf4c1594a,2025-05-02T13:53:20.943000
|
||||
CVE-2025-37788,0,0,83be39a53b1e0cf5a9c043d3f7d780a2fd9d1a83f525cef4659715020d1c6548,2025-05-02T13:53:20.943000
|
||||
CVE-2025-37789,0,0,d2006e027ac457677e0845951c6b3ea55510106ca8b148321422c46576064849,2025-05-02T13:53:20.943000
|
||||
CVE-2025-3779,1,1,c7c819ddc14ffd56193f5819df9296e1f7449f81a3156bfb0b75f8f4eb3b61d4,2025-05-03T03:15:27.890000
|
||||
CVE-2025-3779,0,0,c7c819ddc14ffd56193f5819df9296e1f7449f81a3156bfb0b75f8f4eb3b61d4,2025-05-03T03:15:27.890000
|
||||
CVE-2025-37790,0,0,edad4793cbbae1a7e9a34936565c19f2ae9770b3a2367f14386a1c686759ad97,2025-05-02T13:53:20.943000
|
||||
CVE-2025-37791,0,0,5f31a3c6f24336286f680cc68000f4fa5ef61cdeaa48f413f2206e1d3f1382d9,2025-05-02T13:53:20.943000
|
||||
CVE-2025-37792,0,0,94e8295b404c53f4cc3ad337c57f8622a79675bccb54ae6a016c936d1dbffcda,2025-05-02T13:53:20.943000
|
||||
@ -291640,6 +291640,7 @@ CVE-2025-3808,0,0,c9d9b38c3b98d0e004f3d362b1c7affeec1437a2f1dff864304e4ff67e8ee1
|
||||
CVE-2025-3809,0,0,b0f7ce143ffe6fc36f9bbc17873d1316b0e5d9337b65e2cd57e88fbec5f74a76,2025-04-21T14:23:45.950000
|
||||
CVE-2025-38104,0,0,95fa066b9b297f0f71658bda9667ee4683e7719a8295e0ac6102597f6b2d67e5,2025-04-21T14:23:45.950000
|
||||
CVE-2025-3814,0,0,11c279efbeec4fa23a54b22cf013841136b5f0f0ea6d94e898bb584de2240f97,2025-04-23T14:08:13.383000
|
||||
CVE-2025-3815,1,1,9adf16c4646ef2bf71ebf5665df071b14aed69121d3df64d5e1c011d1dac400f,2025-05-03T08:15:31.040000
|
||||
CVE-2025-38152,0,0,6554c7473f6b6179493ded078859c0bfbf9661e041b4dcbfff31e86520619528,2025-04-29T14:39:46.800000
|
||||
CVE-2025-3816,0,0,0d7063f065ed7a583101904f11408aabc0c0a375b6165150fa6a6202e87955da,2025-04-21T14:23:45.950000
|
||||
CVE-2025-3817,0,0,d1d339a8b4a2a60b670dda015ec9ad8a209b25a85de9a75f6a155ea200a65ca1,2025-04-21T14:23:45.950000
|
||||
@ -291702,7 +291703,7 @@ CVE-2025-3911,0,0,2e6a3f0e2231d9173f37268e657efacc4fbc0e7463a9dbc8ada607731783d2
|
||||
CVE-2025-3912,0,0,57d1aac638d5ebb58a5040fc8c1c81dae68dc606378b1f0b3ea535593bbf242c,2025-04-29T13:52:28.490000
|
||||
CVE-2025-3914,0,0,39dc48efa45cfb63bb1da9177bab074344fac91433ba43912e542c027c8ca801,2025-04-29T13:52:10.697000
|
||||
CVE-2025-3915,0,0,7ef07e3557a0599cd61ae2360c99d37066278383396fda2be6ec28859bbb442d,2025-04-29T13:52:10.697000
|
||||
CVE-2025-3918,1,1,78444e6a9c0a46715cf65bc19e5d16644ec350c792fa6f0430cd0c875f0221a0,2025-05-03T03:15:28.040000
|
||||
CVE-2025-3918,0,0,78444e6a9c0a46715cf65bc19e5d16644ec350c792fa6f0430cd0c875f0221a0,2025-05-03T03:15:28.040000
|
||||
CVE-2025-3923,0,0,ee152c7f1a42d63e1ca21cb1c49adcbe2fb8c27f05521d2bf1672c2da0c26904,2025-04-29T13:52:28.490000
|
||||
CVE-2025-3927,0,0,9d4990b47789dce40b6ef7685dc00d0cccd4e67e2ae4c3634787a9e35c6249df,2025-05-02T16:15:34.273000
|
||||
CVE-2025-3928,0,0,d46b9c14e7aba95c51abe31baac71f7d9ed492709d856a746740d4fe91efaa0e,2025-05-02T14:15:28.413000
|
||||
@ -292042,9 +292043,9 @@ CVE-2025-4162,0,0,7e10fa2470ae962b46ab388d05de45b5591811aba32b28606d9620eb7e852f
|
||||
CVE-2025-4163,0,0,29ac9ba1c8bd926d6c4edac17368f59486932ffdeebafc07e8573eb8cebad78d,2025-05-02T13:53:20.943000
|
||||
CVE-2025-4164,0,0,bccdadbad41a6a84cd3849ec0d2f02992a2e0237fe52168fb01ea661d928569b,2025-05-02T13:53:20.943000
|
||||
CVE-2025-4166,0,0,e3f57dcf82716d685569118e3c73d3c8b93af040f29e8d8c0f5a59e5577ccfae,2025-05-02T15:15:50.313000
|
||||
CVE-2025-4168,1,1,ea729c532c1299d471e40983d33ff9a83d8c9543368a0cbb8c27657bfe7922cb,2025-05-03T03:15:28.350000
|
||||
CVE-2025-4170,1,1,2c2a710677983f1b51692b46b1b5044af7873a63f0d6b4680c37752639d6040f,2025-05-03T03:15:28.493000
|
||||
CVE-2025-4172,1,1,d36c15f2e746ad6393d50cbb9112e3ebb506f0421aa43a5668ce963238e98c97,2025-05-03T03:15:28.640000
|
||||
CVE-2025-4168,0,0,ea729c532c1299d471e40983d33ff9a83d8c9543368a0cbb8c27657bfe7922cb,2025-05-03T03:15:28.350000
|
||||
CVE-2025-4170,0,0,2c2a710677983f1b51692b46b1b5044af7873a63f0d6b4680c37752639d6040f,2025-05-03T03:15:28.493000
|
||||
CVE-2025-4172,0,0,d36c15f2e746ad6393d50cbb9112e3ebb506f0421aa43a5668ce963238e98c97,2025-05-03T03:15:28.640000
|
||||
CVE-2025-4173,0,0,bf481ba179fa77abaf7c10c7ea3a4798b4233f22538d3fe01f8beed112e81513,2025-05-02T18:15:27.400000
|
||||
CVE-2025-4174,0,0,4581911a7ea3231d50f39b27f21b0295910b0e4a33aa4237284e4df7f599036c,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4175,0,0,21c0d7f4fbdaf89b9b7c5307a4ed4fa92b5522085932b988fcd1f4ac80a1a8fc,2025-05-02T13:52:51.693000
|
||||
@ -292059,22 +292060,22 @@ CVE-2025-4183,0,0,67a5de16ce0557419a0d4c5a8779137fcafe98528b5e767289610e99f27bbf
|
||||
CVE-2025-4184,0,0,4dd60fa815974f8bcedac29e071c69f0b2bed880c2b872672ebfd1b845ed20f9,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4185,0,0,495717b0784f3ba7b881e1ed7a54449fac9f054cdf430a0269043ae237c6bb06,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4186,0,0,cf7117de051d28597490cf9ddf2097252c0c24486f24a183472edb3785f69553,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4188,1,1,5088fe013c792b1f96595e069d664f8c3a193c3b262718beefe00d319edcbc7c,2025-05-03T03:15:28.780000
|
||||
CVE-2025-4188,0,0,5088fe013c792b1f96595e069d664f8c3a193c3b262718beefe00d319edcbc7c,2025-05-03T03:15:28.780000
|
||||
CVE-2025-4191,0,0,dcaac55d822628915f54d806c7a15db1c1bc0f4ffc2e5beda074dae096de3a69,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4192,0,0,66e06ad0dda5e5156070c3b0fab0530d8a62c7abb330afd5cfd77442fa61ae7e,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4193,0,0,8ab7d6a068e4ec767dc650c12a7e77f267bbfbfec8bd3bf0c98d3ead7816ab74,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4195,0,0,51783effc4ccb0ac890cda440d76f44c17423cb78c6bb422e3a1061984fa5cdf,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4196,0,0,d68521a62f66db6887e049a1e4fae1a290e42f6fdb39222b99ae3fd5cb96f9df,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4197,0,0,63d523c99e489842581a169bf80104bc82c8dcd37c61d6e4948d72615770ad6f,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4198,1,1,94d742d4ad50c94b12be38b4d8ac15488ff08dc615a686563e295516aafffb40,2025-05-03T03:15:28.923000
|
||||
CVE-2025-4199,1,1,9629c5c8bca77c7b575ef8f5c95e2de45b1de11f288b06438b1e39ad68e78b9c,2025-05-03T03:15:29.070000
|
||||
CVE-2025-4198,0,0,94d742d4ad50c94b12be38b4d8ac15488ff08dc615a686563e295516aafffb40,2025-05-03T03:15:28.923000
|
||||
CVE-2025-4199,0,0,9629c5c8bca77c7b575ef8f5c95e2de45b1de11f288b06438b1e39ad68e78b9c,2025-05-03T03:15:29.070000
|
||||
CVE-2025-4204,0,0,b9df2a1e113f2262dc1922a48306035d7f1d7459c849de132b9aee720dbefb55,2025-05-02T13:52:51.693000
|
||||
CVE-2025-4210,0,0,af861b701427c03cc1825521a8f85486a15b444e199aec55a73933be4bb55862,2025-05-02T16:15:36.743000
|
||||
CVE-2025-4213,0,0,9422ab70029ffc8edda9a67c9aaaf9b104f2c99c9bbeb40f4cd08defac23c8ed,2025-05-02T18:15:28.160000
|
||||
CVE-2025-4214,0,0,8cee5e2c191dc5f7c39625764e80f36dacfe3615ac2ff5e798d6d9dcab815ab0,2025-05-02T20:15:20.003000
|
||||
CVE-2025-4215,0,0,5fd7a49b2f2c9f1e10a1eaa6aaf7951ee590f9e0aaf9c857c08ce31bb1852fbe,2025-05-02T21:15:23.893000
|
||||
CVE-2025-4218,0,0,a58de78c748f0c970b32963cfb0c0c4b002aa8f4aa47c3e31af6ad119f6d5528,2025-05-02T21:15:24.057000
|
||||
CVE-2025-4222,1,1,d7e55c8bdf6a556e71c00ab53da641e383f5a7392abda11a90f9dd5f2800bf1c,2025-05-03T03:15:29.217000
|
||||
CVE-2025-4222,0,0,d7e55c8bdf6a556e71c00ab53da641e383f5a7392abda11a90f9dd5f2800bf1c,2025-05-03T03:15:29.217000
|
||||
CVE-2025-42598,0,0,4c400d87dc34a2b74819c41bbdd48bd1c3da0af3c35841d82c2177d30b1cb5f5,2025-04-29T13:52:10.697000
|
||||
CVE-2025-42599,0,0,d39e065342929b05f2b0a2b6fd7615d0e3f6e7c2f605fdbeb3b3bb9e83f12d93,2025-04-29T19:46:44.310000
|
||||
CVE-2025-42600,0,0,a98a7820b508b5a8b0c7d0f0dd6cbaa5b07d1e37b05a983a49eb79024a0cd435,2025-04-23T14:08:13.383000
|
||||
@ -292436,4 +292437,4 @@ CVE-2025-47153,0,0,1bca3f0c72274ce4b4c023a8e0978fd82f9f0090c23ca3f26eaede96af2bc
|
||||
CVE-2025-47154,0,0,6a55c646b5911b6b02123224674cd90dd2e3787c01df5f2ac266b60ca2d454e0,2025-05-02T13:53:40.163000
|
||||
CVE-2025-47201,0,0,5909e655c347961adc92b049fc3b858cea6b26374920e4415466c07622f39f83,2025-05-02T13:52:51.693000
|
||||
CVE-2025-47226,0,0,dfa846083276b736d0e0ab6b6465e4fd2681fd21688d80ea892ba81266e6d150,2025-05-02T21:15:23.693000
|
||||
CVE-2025-47229,1,1,6fec8ddd5443564353f10001f8967a7abfc9875f230e3648131bfcf21a9215a1,2025-05-03T03:15:28.183000
|
||||
CVE-2025-47229,0,0,6fec8ddd5443564353f10001f8967a7abfc9875f230e3648131bfcf21a9215a1,2025-05-03T03:15:28.183000
|
||||
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user