Auto-Update: 2024-12-23T07:00:21.886599+00:00

2025-07-09 16:05:11 +00:00 · 2024-12-23 07:03:46 +00:00 · 2024-12-23 07:03:46 +00:00 · 76d8e5c571
commit 76d8e5c571
parent ddf175e315
4 changed files with 94 additions and 26 deletions
--- a/CVE-2024/CVE-2024-112xx/CVE-2024-11230.json
+++ b/CVE-2024/CVE-2024-112xx/CVE-2024-11230.json
@ -0,0 +1,64 @@
+{
+  "id": "CVE-2024-11230",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-12-23T05:15:05.800",
+  "lastModified": "2024-12-23T05:15:05.800",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018size\u2019 parameter in all versions up to, and including, 1.6.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/header-footer-elementor/tags/1.6.46/inc/widgets-manager/widgets/class-page-title.php#L516",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3194764/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d82c866-5b35-414e-bd72-30530930d5d8?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-506xx/CVE-2024-50623.json
+++ b/CVE-2024/CVE-2024-506xx/CVE-2024-50623.json
@ -2,8 +2,8 @@
  "id": "CVE-2024-50623",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-10-28T00:15:03.657",
-  "lastModified": "2024-12-20T15:04:26.097",
-  "vulnStatus": "Analyzed",
+  "lastModified": "2024-12-23T06:15:06.357",
+  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
@ -64,6 +64,16 @@
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Cleo Multiple Products Unrestricted File Upload Vulnerability",
  "weaknesses": [
+    {
+      "source": "cve@mitre.org",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-434"
+        }
+      ]
+    },
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-12-23T03:00:21.371894+00:00
+2024-12-23T07:00:21.886599+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-12-23T02:15:06.613000+00:00
+2024-12-23T06:15:06.357000+00:00
 ```

 ### Last Data Feed Release
@ -33,28 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-274566
+274567
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `9`
+Recently added CVEs: `1`

- [CVE-2024-12898](CVE-2024/CVE-2024-128xx/CVE-2024-12898.json) (`2024-12-23T01:15:06.840`)
- [CVE-2024-12899](CVE-2024/CVE-2024-128xx/CVE-2024-12899.json) (`2024-12-23T01:15:07.020`)
- [CVE-2024-12900](CVE-2024/CVE-2024-129xx/CVE-2024-12900.json) (`2024-12-23T02:15:05.630`)
- [CVE-2024-12901](CVE-2024/CVE-2024-129xx/CVE-2024-12901.json) (`2024-12-23T02:15:06.613`)
- [CVE-2024-45721](CVE-2024/CVE-2024-457xx/CVE-2024-45721.json) (`2024-12-23T01:15:07.200`)
- [CVE-2024-46873](CVE-2024/CVE-2024-468xx/CVE-2024-46873.json) (`2024-12-23T01:15:07.403`)
- [CVE-2024-47864](CVE-2024/CVE-2024-478xx/CVE-2024-47864.json) (`2024-12-23T01:15:07.553`)
- [CVE-2024-52321](CVE-2024/CVE-2024-523xx/CVE-2024-52321.json) (`2024-12-23T01:15:07.700`)
- [CVE-2024-54082](CVE-2024/CVE-2024-540xx/CVE-2024-54082.json) (`2024-12-23T01:15:07.840`)
+- [CVE-2024-11230](CVE-2024/CVE-2024-112xx/CVE-2024-11230.json) (`2024-12-23T05:15:05.800`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `1`

+- [CVE-2024-50623](CVE-2024/CVE-2024-506xx/CVE-2024-50623.json) (`2024-12-23T06:15:06.357`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -244057,6 +244057,7 @@ CVE-2024-11227,0,0,4429f46befcca636641488313efda0ce9e85d610d1a8222594e7b609e2557
 CVE-2024-11228,0,0,ea3ea506f494760971365e8cc08e4c50cc9e1b3e56f38ea31b32e4e82646f717,2024-11-23T12:15:18.577000
 CVE-2024-11229,0,0,f216e4e055884628872bc9827bd59bcb71e0c27eff667134ca7f40729f0e7955,2024-11-23T12:15:18.983000
 CVE-2024-1123,0,0,8b17d130c61ae38981c31032a4e85450c1b0fc32b8189b46d005a999a3b68420,2024-11-21T08:49:51.077000
+CVE-2024-11230,1,1,f575b944f513597b2d7c102a684d7520e6de50ddd1d937643a4b3d348b3f1a97,2024-12-23T05:15:05.800000
 CVE-2024-11231,0,0,1babaa8434f0dabb897e61577b0db39dc3dbee760a24a16a5980940fb44c99a3,2024-11-23T12:15:19.387000
 CVE-2024-11233,0,0,f693569babb39b28690250bf399e234d5652aa087fc09c6fa53135c369c0e730,2024-11-26T18:26:37.783000
 CVE-2024-11234,0,0,76a20d0b5df369c7dd2c3a2819b7721a96e80c779172c74c627d64ef7ab10b79,2024-11-26T19:06:10.243000
@ -245070,11 +245071,11 @@ CVE-2024-12894,0,0,38ca8339bb6400ff08caeebde70032264a7662949504841ad5ff150add3fc
 CVE-2024-12895,0,0,2693178457c1a41a6444992ddd10869064ffff2889e27b11cf327858c567765e,2024-12-22T14:15:04.923000
 CVE-2024-12896,0,0,b46bab1f05703ff0008332eb402a62ef781a767148efb6c7c7134cb4f610f1e9,2024-12-22T23:15:05.677000
 CVE-2024-12897,0,0,e84417159b1fa979d786feb5c9c9428d1f89aad1baca53371c1b473a818b22fd,2024-12-23T00:15:04.940000
-CVE-2024-12898,1,1,01cf06e013b17879e3ad11f28cc90b4f8ab9d8accfe80d6b33f345df309c44cc,2024-12-23T01:15:06.840000
-CVE-2024-12899,1,1,a8156719562171ad632b82cbae15ec7c223a7a48bfe33b1a670936619c6c2e7c,2024-12-23T01:15:07.020000
+CVE-2024-12898,0,0,01cf06e013b17879e3ad11f28cc90b4f8ab9d8accfe80d6b33f345df309c44cc,2024-12-23T01:15:06.840000
+CVE-2024-12899,0,0,a8156719562171ad632b82cbae15ec7c223a7a48bfe33b1a670936619c6c2e7c,2024-12-23T01:15:07.020000
 CVE-2024-1290,0,0,7c95f47c5c3e77faa57d4558ce65f60c9fa0ea7551f118126af89c59b8448f97,2024-11-21T08:50:14.680000
-CVE-2024-12900,1,1,1012b3733f239b410a68b2041572702d5a7f787259c3b8be862ffc1a0d536863,2024-12-23T02:15:05.630000
-CVE-2024-12901,1,1,7438bb24c69768569f04db263b25be4e855460433a924b6dad82e02e6b0c486b,2024-12-23T02:15:06.613000
+CVE-2024-12900,0,0,1012b3733f239b410a68b2041572702d5a7f787259c3b8be862ffc1a0d536863,2024-12-23T02:15:05.630000
+CVE-2024-12901,0,0,7438bb24c69768569f04db263b25be4e855460433a924b6dad82e02e6b0c486b,2024-12-23T02:15:06.613000
 CVE-2024-1291,0,0,52c4840726a3cf584db63abe3d1006ff575604ba403c25fca89470816948ce5e,2024-11-21T08:50:14.863000
 CVE-2024-1292,0,0,38d9bc6a557167174bf37c6662c68d5de6a783380fb5a30941c923054e3f2f16,2024-11-21T08:50:14.983000
 CVE-2024-1293,0,0,a122e9ddbaac35fa4b5b33d2b10cf37b4d4e3a3677cea83da66723805eec222b,2024-11-21T08:50:15.167000
@ -264834,7 +264835,7 @@ CVE-2024-45717,0,0,d0042290bedfde686afafcdb66609ec6e09f7a07ad76868bcb14ec916e681
 CVE-2024-45719,0,0,6ca7636d4f46abcbe25b85f74f485dd396329e29ed902891ee416ba7b0049fcb,2024-11-22T21:15:18.130000
 CVE-2024-4572,0,0,6754f54e88e479a744a4367c8d1d2577fd697a90d0783dabcb9fc508df61090e,2024-05-14T15:44:06.153000
 CVE-2024-45720,0,0,ab26e4a66e708abfafd5a0e7f8395b5431ac8a5c3efe1cec42e73393318df61a,2024-11-21T09:38:01.030000
-CVE-2024-45721,1,1,9efa8d5c7cbf93ab4f729d2bd7b22842337d0ab8beb27bf5bd04ae2864f2d64d,2024-12-23T01:15:07.200000
+CVE-2024-45721,0,0,9efa8d5c7cbf93ab4f729d2bd7b22842337d0ab8beb27bf5bd04ae2864f2d64d,2024-12-23T01:15:07.200000
 CVE-2024-45722,0,0,a6cbff3e6d145027776ad45ff696f8999c1abb5b5325df679b4335e1344e5fc1,2024-12-10T19:49:53.693000
 CVE-2024-45723,0,0,e4b82db032d3a4ca868b794df461af99089e3cf6b69e82693349f9c5b4326629,2024-10-17T17:15:12.110000
 CVE-2024-45731,0,0,9e6b9f6efc83855233c254d65e09470d9fc869b8f01875e0d9ffb17f0327775d,2024-10-17T13:09:33.017000
@ -265475,7 +265476,7 @@ CVE-2024-4687,0,0,691fbe5c860edbdf18385945123ec35fc420e5337163168b9949809bc18727
 CVE-2024-46870,0,0,1fd806f0972b8da340a2a96a775ca19e71689c6390ef179657882172ad5e53cb,2024-10-23T14:26:28.690000
 CVE-2024-46871,0,0,8a75195bb742a7d09e2157f53cf4a29ae8646360a0fbe4ce86872d4d639a0ed3,2024-12-14T21:15:25.810000
 CVE-2024-46872,0,0,b89329ee39c24a048dc575ac8e49e59d1a714d7b0226ecee7aec778895c50c1d,2024-11-08T15:00:42.473000
-CVE-2024-46873,1,1,c89ea423c2376bd6f6b72fea3f01f250004a52088b70335286b91ceb3bced266,2024-12-23T01:15:07.403000
+CVE-2024-46873,0,0,c89ea423c2376bd6f6b72fea3f01f250004a52088b70335286b91ceb3bced266,2024-12-23T01:15:07.403000
 CVE-2024-46874,0,0,26c14938d3bd992112157bea5c4166c0fd1799831df9907b641db7157a63de40,2024-12-10T19:49:18.773000
 CVE-2024-4688,0,0,0da5a2cc4532b2a20302b23569ddc0737195b6ffa097a6ed8db87ef0127f00f2,2024-11-21T09:43:23.167000
 CVE-2024-46886,0,0,9a63353229e01fb1edd6f3ab48979b30c42407a9917c12b34caece3fb7192dd7,2024-10-10T12:56:30.817000
@ -266288,7 +266289,7 @@ CVE-2024-47854,0,0,a9f09de7f0b5818799d7735e32fab0528117f290764772f98a3e102c722b0
 CVE-2024-47855,0,0,2488ce52c534b254c4fe75f30de0e6a94b0d61e1b79ce7021bafc48eccaf27dc,2024-11-07T20:35:11.733000
 CVE-2024-4786,0,0,5dd0f73d93c1de75f19479b5cea5e29a1ae9a8934feaf695496bbc3c8ecfd1b2,2024-11-21T09:43:36.490000
 CVE-2024-47863,0,0,e6340b76eef305e4f9a2a18e9b3431d1240e5a81cf4fe7cadb463db9ca192b6e,2024-11-25T18:15:13.063000
-CVE-2024-47864,1,1,7b10b8eb7e9b4aad4b5e06fbda58fa3c7474d35f3257df4264031ed55cbc2620,2024-12-23T01:15:07.553000
+CVE-2024-47864,0,0,7b10b8eb7e9b4aad4b5e06fbda58fa3c7474d35f3257df4264031ed55cbc2620,2024-12-23T01:15:07.553000
 CVE-2024-47865,0,0,856fbee2d0c29a916be674bec6df8b3f8c62e1515bf27cff8f7842b39f9edbc2,2024-11-21T13:57:24.187000
 CVE-2024-47867,0,0,e092a653d911d624ac72fe0241f3aa280e95881b91b7bf36e469f143c2618cbf,2024-11-15T16:44:54.783000
 CVE-2024-47868,0,0,f48e57a4ad7d358802e08c6ee8997c1410f483adbdf2de7ffeb891dd0fb1dab5,2024-10-17T17:04:35.547000
@ -268191,7 +268192,7 @@ CVE-2024-50614,0,0,29f22ac93163ff1303a42a1fec38fde0552d285d63129bbab00c726fede4a
 CVE-2024-50615,0,0,4d2a2e353be570a02fcdfff0b42fb37b106e2c1e8ab4e77f1c580e4daa183aa0,2024-10-30T20:35:37.310000
 CVE-2024-50616,0,0,f16f40ce12577bc20e6d17ff8fa15bd5a1f69a543581dc34546ce7e8ac77217c,2024-10-30T20:35:38.380000
 CVE-2024-5062,0,0,cdc86dcd84c87200c0328afbc0b136b026f9aaa280f8620d87cfe6bc9e21b227,2024-11-21T09:46:53.077000
-CVE-2024-50623,0,0,fbc7180051d21f3b882ce8b014ba2136036caba5e6fb74887641a3e6975ea4c8,2024-12-20T15:04:26.097000
+CVE-2024-50623,0,1,a42b8474b720b20703db546b945276a382320df10b0eef38229afd3da2f40c09,2024-12-23T06:15:06.357000
 CVE-2024-50624,0,0,425b4912ca74d0f19519cece63451f565c900b6a769644536a74ca4edcfab020,2024-10-30T21:35:12.223000
 CVE-2024-50625,0,0,600a63b94c23d23207c426e1e43b071296b787357ca99d17c5661761f04e2a95,2024-12-12T02:06:32.647000
 CVE-2024-50626,0,0,ee346cb1a02e9d6ceaf318c396c6bbfc04e63993edcd6528fb39c33b5fb34c43,2024-12-12T02:06:32.817000
@ -269104,7 +269105,7 @@ CVE-2024-52317,0,0,ce73efcf7b1c232dccd668d6afadee9ebc191724bbb215d2a3cde41432512
 CVE-2024-52318,0,0,9990c8ea56e7da2a0fb5af64141a1eeb644a507e2c6f41d3a96bd75739255ee9,2024-11-21T09:46:16.813000
 CVE-2024-5232,0,0,9c659ab55a0398d626d6da1c09e82340b1fec2662d16e1eca07d5817bed41493,2024-11-21T09:47:14.200000
 CVE-2024-52320,0,0,fbfaa1883239695b0007c9764a43ac2cebac69eb763863afcec1548f7df5c2dd,2024-12-06T18:15:25.737000
-CVE-2024-52321,1,1,810125fed33d3a81fef555e63f8bd28a1a60114151ab12dec90595d5f02ee13e,2024-12-23T01:15:07.700000
+CVE-2024-52321,0,0,810125fed33d3a81fef555e63f8bd28a1a60114151ab12dec90595d5f02ee13e,2024-12-23T01:15:07.700000
 CVE-2024-52323,0,0,57617b6f1b94228bad139ee211c36bd4ec7e4706388ebf89e10500861eceb01c,2024-11-27T15:15:26.377000
 CVE-2024-52324,0,0,1b82757393c4b121efeb2aca56c501ac2b568f66f0e838324b89dea8626b5590,2024-12-10T19:42:56.737000
 CVE-2024-5233,0,0,f7aceb9f589abd3e3127e7bdc682ef20b7c3a1e0d748898af38a399a8a8c2229,2024-11-21T09:47:14.357000
@ -270085,7 +270086,7 @@ CVE-2024-54051,0,0,3a9b3ab110d43a5a43f2119d4ad99971d223dd6716849a13bc9d084152928
 CVE-2024-5406,0,0,5db0f501f7c712d4bcce798425460b3472165eeef82fd225689429d234120e5b,2024-11-21T09:47:35.457000
 CVE-2024-5407,0,0,e082637321598f3dc8c3c9e1760b81a1e1197c4d13cd58fed3245c37f0bb71c9,2024-11-21T09:47:35.567000
 CVE-2024-5408,0,0,0b23a712a85d13fef48f02294d854672174790bd624dfee1416450ccef66434a,2024-11-21T09:47:35.690000
-CVE-2024-54082,1,1,9ebb2a96cc2d7205dc499652563889da625adbc9e224107999418bf2d0739828,2024-12-23T01:15:07.840000
+CVE-2024-54082,0,0,9ebb2a96cc2d7205dc499652563889da625adbc9e224107999418bf2d0739828,2024-12-23T01:15:07.840000
 CVE-2024-54083,0,0,5fd9cfa9d541ec1d140263f1195469b624b1e1b6173ea5643199f37a0fe69372,2024-12-16T08:15:05.317000
 CVE-2024-5409,0,0,f7df79bf8c405f523130badde3800a80499e2a2f05cefac143617aad785ef5de,2024-11-21T09:47:35.810000
 CVE-2024-54091,0,0,dc5c73da9eed4ea1b769bbbff881c5fabd4f746f0337a6f741715e6c55e58677,2024-12-12T14:15:22.953000