Auto-Update: 2024-03-08T09:00:37.323703+00:00

2025-07-11 16:13:34 +00:00 · 2024-03-08 09:03:25 +00:00 · 2024-03-08 09:03:25 +00:00 · 6c7679fc4b
commit 6c7679fc4b
parent 24dc4c6c19
4 changed files with 113 additions and 25 deletions
--- a/CVE-2024/CVE-2024-18xx/CVE-2024-1851.json
+++ b/CVE-2024/CVE-2024-18xx/CVE-2024-1851.json
@ -0,0 +1,47 @@
+{
+  "id": "CVE-2024-1851",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-03-08T07:15:05.960",
+  "lastModified": "2024-03-08T07:15:05.960",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The affiliate-toolkit \u2013 WordPress Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the atkp_create_list() function in all versions up to, and including, 3.5.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to to perform unauthorized actions such as creating product lists."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3045821/affiliate-toolkit-starter/trunk/includes/atkp_endpoints.php",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e9e256b0-e4e3-4f41-842c-80aa2b80af72?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-22xx/CVE-2024-2298.json
+++ b/CVE-2024/CVE-2024-22xx/CVE-2024-2298.json
@ -0,0 +1,47 @@
+{
+  "id": "CVE-2024-2298",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-03-08T07:15:06.457",
+  "lastModified": "2024-03-08T07:15:06.457",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The affiliate-toolkit \u2013 WordPress Affiliate Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the atkp_import_product() function in all versions up to, and including, 3.5.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to to perform unauthorized actions such as creating importing products."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3045821/affiliate-toolkit-starter/trunk/includes/atkp_endpoints.php",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d4d0176-3b7d-4de5-95ec-365873e6f13b?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-03-08T07:00:37.996953+00:00
+2024-03-08T09:00:37.323703+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-03-08T06:15:53.247000+00:00
+2024-03-08T07:15:06.457000+00:00
 ```

 ### Last Data Feed Release
@ -29,29 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-240896
+240898
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `2`

-* [CVE-2024-1987](CVE-2024/CVE-2024-19xx/CVE-2024-1987.json) (`2024-03-08T06:15:52.493`)
-* [CVE-2024-27612](CVE-2024/CVE-2024-276xx/CVE-2024-27612.json) (`2024-03-08T06:15:52.763`)
-* [CVE-2024-27613](CVE-2024/CVE-2024-276xx/CVE-2024-27613.json) (`2024-03-08T06:15:52.820`)
+* [CVE-2024-1851](CVE-2024/CVE-2024-18xx/CVE-2024-1851.json) (`2024-03-08T07:15:05.960`)
+* [CVE-2024-2298](CVE-2024/CVE-2024-22xx/CVE-2024-2298.json) (`2024-03-08T07:15:06.457`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `7`
+Recently modified CVEs: `0`

-* [CVE-2024-2281](CVE-2024/CVE-2024-22xx/CVE-2024-2281.json) (`2024-03-08T06:15:52.867`)
-* [CVE-2024-2282](CVE-2024/CVE-2024-22xx/CVE-2024-2282.json) (`2024-03-08T06:15:52.977`)
-* [CVE-2024-2283](CVE-2024/CVE-2024-22xx/CVE-2024-2283.json) (`2024-03-08T06:15:53.067`)
-* [CVE-2024-2284](CVE-2024/CVE-2024-22xx/CVE-2024-2284.json) (`2024-03-08T06:15:53.153`)
-* [CVE-2024-2285](CVE-2024/CVE-2024-22xx/CVE-2024-2285.json) (`2024-03-08T06:15:53.247`)
-* [CVE-2024-23746](CVE-2024/CVE-2024-237xx/CVE-2024-23746.json) (`2024-03-08T05:15:08.343`)
-* [CVE-2024-26309](CVE-2024/CVE-2024-263xx/CVE-2024-26309.json) (`2024-03-08T05:15:08.880`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -238582,6 +238582,7 @@ CVE-2024-1832,0,0,1cf63b6616a572aec4e8e8dba8d9459a1c637c1c61b9b4b77fb7f27cdac414
 CVE-2024-1833,0,0,2b107fa9cbbf38960ef04d941bf5e32990a98ff894cbb76ab9d3ad3733030a79,2024-02-29T01:43:55.873000
 CVE-2024-1834,0,0,71484c054cc8716550405a2212257a1bb19512d3ccfc712afddd01b2d896efc2,2024-02-29T01:43:55.940000
 CVE-2024-1847,0,0,152f4d845ce8c23980172297d934e8efa3d32af4a304d4db000f4175545dd48b,2024-02-29T13:49:47.277000
+CVE-2024-1851,1,1,ed2776e7e6423da80c8050546a98776416be6724e6a52d6b86476ce887c2c744,2024-03-08T07:15:05.960000
 CVE-2024-1859,0,0,c19a8bbad570254357ebcf90235dc1b7204181d3a1a12c804d832963f66d9a08,2024-03-01T14:04:26.010000
 CVE-2024-1860,0,0,53b7775f88dbda3fc2d4abeb2e913e87a2f0c7e010f7824d10356d98445fd8c8,2024-02-28T14:06:45.783000
 CVE-2024-1861,0,0,363e90e453613fa7f323dd0890c48f34ab39b189b63bc72b87c77b28e0c67e6a,2024-02-28T14:06:45.783000
@ -238643,7 +238644,7 @@ CVE-2024-1978,0,0,3ef3e0470f639541e7aa5332764a4fdc0e9cab2190d02bdfffcc246fd4ade3
 CVE-2024-1981,0,0,56a3a9db8d42e012d762fd6941fad1981a0b2b42e5454cd6b5d1b42406dba2ca,2024-02-29T13:49:29.390000
 CVE-2024-1982,0,0,ffbc05dfb227c410b4f1143a120edd4d2849f76b514d8ea46cab15f8dbe11320,2024-02-29T13:49:29.390000
 CVE-2024-1986,0,0,f088857bea471b60d859887490ebb3b97ebb0e161d799cbdff1eb9b37391361f,2024-03-07T21:15:08.013000
-CVE-2024-1987,1,1,ed2941b92054187d03c0191fdff420b3ae72ec70fb975a85a2ee98955b68e347,2024-03-08T06:15:52.493000
+CVE-2024-1987,0,0,ed2941b92054187d03c0191fdff420b3ae72ec70fb975a85a2ee98955b68e347,2024-03-08T06:15:52.493000
 CVE-2024-1989,0,0,e603d4bdfbac73448a418c09b573178507e96a797a5be54fa1a78504bbf887da,2024-03-06T15:18:08.093000
 CVE-2024-20001,0,0,efbe4e49752ddfea997ebdd6c491b74eca19a99884d44def3e33c77345370bb0,2024-02-09T02:02:13.153000
 CVE-2024-20002,0,0,46b6afed42316be97368931c2d39434a4c3b4f4412ec2aa11d0d2b3e3bf7e82f,2024-02-09T02:01:37.090000
@ -239519,16 +239520,16 @@ CVE-2024-22776,0,0,383cb387ed526989d386acbb6cde50ecd0c69dc767d30090cbb1e3d22c167
 CVE-2024-22778,0,0,b51d89db366702e623e9ffcc2087e24c0edaa0d76ed8dc9f0f78dc0d88754ad8,2024-02-22T19:07:27.197000
 CVE-2024-22779,0,0,eda1283002ca0a5ba4b71e37cd224cf29419640cfe8456a3a65e695acd500b10,2024-02-10T04:10:09.100000
 CVE-2024-22795,0,0,74ecb133836626bb2368eab49a74768ea23b2ee0b898200b84b5a979cafed20f,2024-02-15T17:53:54.680000
-CVE-2024-2281,0,1,19edb65232977ade4a08e7ff60ea1aa9947c52bc4cbb9abb3fd0155b1f99a927,2024-03-08T06:15:52.867000
+CVE-2024-2281,0,0,19edb65232977ade4a08e7ff60ea1aa9947c52bc4cbb9abb3fd0155b1f99a927,2024-03-08T06:15:52.867000
 CVE-2024-22817,0,0,eb15e92e9d0667f5c190034654618b8eeeb0dfc84cfb608c765282f0f5a04fcf,2024-01-23T14:23:18.990000
 CVE-2024-22818,0,0,cb135bb8e203bf8edbad428e88de582fd5c2ab18516529aab641b2e535a51f86,2024-01-23T14:23:46.073000
 CVE-2024-22819,0,0,0eb9b3434533fedaa8cbae17f2a15bb53110d617baacce71ff390d25b5e6cc78,2024-01-23T14:23:51.943000
-CVE-2024-2282,0,1,db45a2a18b57ee3b96676726b845f32dffb692cfb1174af76eb1338d266ac924,2024-03-08T06:15:52.977000
+CVE-2024-2282,0,0,db45a2a18b57ee3b96676726b845f32dffb692cfb1174af76eb1338d266ac924,2024-03-08T06:15:52.977000
 CVE-2024-22824,0,0,41b37cd7997af5f505f5ec26f6ea1ea68dbf92e0a9a0e9b0c84ba29351a8a03d,2024-02-20T19:50:53.960000
-CVE-2024-2283,0,1,2a61f677945ef81877d5547af6fcb1de93dd347877f4db993f86cae82bf23553,2024-03-08T06:15:53.067000
+CVE-2024-2283,0,0,2a61f677945ef81877d5547af6fcb1de93dd347877f4db993f86cae82bf23553,2024-03-08T06:15:53.067000
 CVE-2024-22836,0,0,62c651f90ba1b8c08871776c5eb787f2963ec144dbd08e02b7b6c9de6c156ef9,2024-02-15T16:00:38.090000
-CVE-2024-2284,0,1,b675e249879502e64f9053e6f8a30a115a09279909d5729c6d7ab8e8c9d9f94b,2024-03-08T06:15:53.153000
-CVE-2024-2285,0,1,561d9e92b0a810d616cf4f80a5dcafbba4feb4e024d4603d8cbc6b3fd44c4d0a,2024-03-08T06:15:53.247000
+CVE-2024-2284,0,0,b675e249879502e64f9053e6f8a30a115a09279909d5729c6d7ab8e8c9d9f94b,2024-03-08T06:15:53.153000
+CVE-2024-2285,0,0,561d9e92b0a810d616cf4f80a5dcafbba4feb4e024d4603d8cbc6b3fd44c4d0a,2024-03-08T06:15:53.247000
 CVE-2024-22851,0,0,e3b3a4173f66bde18bcde8b4d6e07ed058612b81ace293aa36efd8837ff836d4,2024-02-13T07:15:48.500000
 CVE-2024-22852,0,0,fba9226bfac500a19dd8b91a9788eed1682675a652e0b6dd1f0ee08e7df876f5,2024-02-13T18:16:51.790000
 CVE-2024-22853,0,0,ec6a06bd931391a16658f5323e2bffe5ddc884df4aacc34598a685bd3979b258,2024-02-12T17:50:31.950000
@ -239570,6 +239571,7 @@ CVE-2024-22942,0,0,27e1b96b16010d66938a1930cd0293d602396f85521af099c802bf269035b
 CVE-2024-22955,0,0,4ae6e1e162ac27be2c1563f300454f76989ec1b9814e0f4be1652f56a6f11be5,2024-01-25T14:54:48.427000
 CVE-2024-22956,0,0,2da6b272cb072bcb92b74c4c5c3faca0048e5b46583e9ffdd9571398ebecd789,2024-01-25T14:55:01.053000
 CVE-2024-22957,0,0,045bad9ba8bb739147d8dcd83b4e5a0ded4b848e11c744629a53c265926b4f4e,2024-01-25T14:59:59.737000
+CVE-2024-2298,1,1,533837b115bc7fe92c618b2fa6910a9b5b0a697f92a50e2ba3a8d4776c50bd4a,2024-03-08T07:15:06.457000
 CVE-2024-22983,0,0,6a38538cffe02e625d8399f623cf51f22d7777c4762df345e581a9999a8c518b,2024-02-29T13:49:47.277000
 CVE-2024-22984,0,0,e1878756268a68f030b8a1f4c487c52d091cec58671de352e5b7d5d34740ed57,2024-02-07T20:15:49.320000
 CVE-2024-22988,0,0,f275260f401f57dcc524bb99befa366c138a2fa8cfacb027cec353fc68f469df,2024-02-26T13:42:22.567000
@ -239850,7 +239852,7 @@ CVE-2024-23742,0,0,aeff77d94dcf61fe65cb23bd8887617f2b919fc2c316839474e40db2e5ba0
 CVE-2024-23743,0,0,279453fa0c134ca9b5b2b605d5b33b220a556cfab4fea2d36ea70c4720265e5b,2024-03-03T00:15:44.043000
 CVE-2024-23744,0,0,c49e52d55641cbc48d9e1ae376320413b0fa72dfe16c31fa22b9b4360ff83257,2024-02-07T21:02:06.963000
 CVE-2024-23745,0,0,6bead48aec21356f1735fe5c88c44a40072039055ba8f7dd7f093fbebb2793a8,2024-02-06T20:42:12.490000
-CVE-2024-23746,0,1,b0e11529a1dd6103dd4cf431e3ca1c2782631e64cefac2a9160f72cd550d42af,2024-03-08T05:15:08.343000
+CVE-2024-23746,0,0,b0e11529a1dd6103dd4cf431e3ca1c2782631e64cefac2a9160f72cd550d42af,2024-03-08T05:15:08.343000
 CVE-2024-23747,0,0,e5badc646080ce0998e1e81852fb21e000c7398188715a4f0ce89130386d9ea5,2024-02-02T02:03:39.093000
 CVE-2024-23749,0,0,e489f7636c813784a61d3812299289346709b8bf63acb59822c186709b469431,2024-02-14T13:59:39.353000
 CVE-2024-23750,0,0,8e012c8bf46e4d6b122cd9676a67ed8063eceaae10c8b41283586e2acd25aff1,2024-01-29T16:51:14.573000
@ -240668,7 +240670,7 @@ CVE-2024-26300,0,0,957ff2fceea083c23710802994700a4cf17bc21a9f298857e1101271f2e4e
 CVE-2024-26301,0,0,ca5ba4fc82d74473f58bbb8ab53e52870805c492ae0704dcd3113ae9fe8a11a4,2024-02-28T14:06:45.783000
 CVE-2024-26302,0,0,af4ef1bb4da1c0ac0e7b0a0b03804bb031d31d0e464ca3573002ab0828a12d88,2024-02-28T14:06:45.783000
 CVE-2024-26308,0,0,82b0ecfd78ac1924ca4de8327395ad25f7b35e7d9f3c5c23f6744c8d052e1727,2024-03-07T17:15:13.050000
-CVE-2024-26309,0,1,cdeae101763e8a801496d5ceb834b06ab45a549c5aaee064ff14f3170f0d59ec,2024-03-08T05:15:08.880000
+CVE-2024-26309,0,0,cdeae101763e8a801496d5ceb834b06ab45a549c5aaee064ff14f3170f0d59ec,2024-03-08T05:15:08.880000
 CVE-2024-26310,0,0,cdf3231f7a059b92520dd591ab7449fe300f81e89c81c63cb479e44416fa612e,2024-02-22T19:07:27.197000
 CVE-2024-26311,0,0,c10525456294b75c6b4919ba396921719972a7cc08a82934dcff79f6c0deabee,2024-02-22T19:07:27.197000
 CVE-2024-26313,0,0,62105f53c3cc93f96b42401dba017346e19d9957b1cb73502256ac80769d47ab,2024-03-08T02:15:50.830000
@ -240819,8 +240821,8 @@ CVE-2024-27569,0,0,a1c97a6629a14374fe383c8737fbd058f9c69e29cacac5f65c8ee536732ce
 CVE-2024-27570,0,0,bb5768b9abe1d66233dd488033991c033e73d40122830f230bd575bce0ee2d3c,2024-03-01T15:23:36.177000
 CVE-2024-27571,0,0,c83a44f9887d08cabab3b2a4f270c8d7a63fba9a80bea6bcef31fb59117b7c4c,2024-03-01T15:23:36.177000
 CVE-2024-27572,0,0,ad4311ae425bc6b17f909abcd4c2456b040031c823802764df1b154118e12883,2024-03-01T15:23:36.177000
-CVE-2024-27612,1,1,0d919500eef41dc415e782655ce2dc6c271a68fb7b4385fe7dee70a91d6ecff3,2024-03-08T06:15:52.763000
-CVE-2024-27613,1,1,e600b514be86c879ec659bb51886b90acce7ff8afc2d88bf404a144bcef84ebc,2024-03-08T06:15:52.820000
+CVE-2024-27612,0,0,0d919500eef41dc415e782655ce2dc6c271a68fb7b4385fe7dee70a91d6ecff3,2024-03-08T06:15:52.763000
+CVE-2024-27613,0,0,e600b514be86c879ec659bb51886b90acce7ff8afc2d88bf404a144bcef84ebc,2024-03-08T06:15:52.820000
 CVE-2024-27622,0,0,b81b0302e1a5df3e85a035e7868118519ae70f25edc14a773500600adf227a88,2024-03-05T14:27:46.090000
 CVE-2024-27623,0,0,335934f06c4afd03c24d8ea0f13e9520a06db4e45dc99de31e76f91b777e35c5,2024-03-05T14:27:46.090000
 CVE-2024-27625,0,0,e1c123c7cbb72c1152f10bec7c5db687cd4b211c6f1247bce688ef0105bc5f48,2024-03-05T14:27:46.090000