From 880303f613a69c964875d8f181024cd8205640f1 Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Tue, 5 Nov 2024 07:03:20 +0000
Subject: [PATCH] Auto-Update: 2024-11-05T07:00:18.963779+00:00
---
CVE-2024/CVE-2024-55xx/CVE-2024-5578.json | 21 +++++++++
CVE-2024/CVE-2024-78xx/CVE-2024-7876.json | 21 +++++++++
CVE-2024/CVE-2024-78xx/CVE-2024-7877.json | 21 +++++++++
CVE-2024/CVE-2024-94xx/CVE-2024-9459.json | 56 +++++++++++++++++++++++
CVE-2024/CVE-2024-96xx/CVE-2024-9689.json | 21 +++++++++
CVE-2024/CVE-2024-98xx/CVE-2024-9883.json | 21 +++++++++
README.md | 18 +++++---
_state.csv | 10 +++-
8 files changed, 180 insertions(+), 9 deletions(-)
create mode 100644 CVE-2024/CVE-2024-55xx/CVE-2024-5578.json
create mode 100644 CVE-2024/CVE-2024-78xx/CVE-2024-7876.json
create mode 100644 CVE-2024/CVE-2024-78xx/CVE-2024-7877.json
create mode 100644 CVE-2024/CVE-2024-94xx/CVE-2024-9459.json
create mode 100644 CVE-2024/CVE-2024-96xx/CVE-2024-9689.json
create mode 100644 CVE-2024/CVE-2024-98xx/CVE-2024-9883.json
diff --git a/CVE-2024/CVE-2024-55xx/CVE-2024-5578.json b/CVE-2024/CVE-2024-55xx/CVE-2024-5578.json
new file mode 100644
index 00000000000..0cf06f481ab
--- /dev/null
+++ b/CVE-2024/CVE-2024-55xx/CVE-2024-5578.json
@@ -0,0 +1,21 @@
+{
+ "id": "CVE-2024-5578",
+ "sourceIdentifier": "contact@wpscan.com",
+ "published": "2024-11-05T06:15:05.760",
+ "lastModified": "2024-11-05T06:15:05.760",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The Table of Contents Plus WordPress plugin through 2408 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://wpscan.com/vulnerability/641e4fc3-4214-4c2e-8245-15e9dcdd37b4/",
+ "source": "contact@wpscan.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7876.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7876.json
new file mode 100644
index 00000000000..4fbd5e283f2
--- /dev/null
+++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7876.json
@@ -0,0 +1,21 @@
+{
+ "id": "CVE-2024-7876",
+ "sourceIdentifier": "contact@wpscan.com",
+ "published": "2024-11-05T06:15:05.927",
+ "lastModified": "2024-11-05T06:15:05.927",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Appointment Type settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://wpscan.com/vulnerability/fffe862f-5bf0-4a05-9d32-caff0bfdb860/",
+ "source": "contact@wpscan.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-78xx/CVE-2024-7877.json b/CVE-2024/CVE-2024-78xx/CVE-2024-7877.json
new file mode 100644
index 00000000000..1dbaa4d826b
--- /dev/null
+++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7877.json
@@ -0,0 +1,21 @@
+{
+ "id": "CVE-2024-7877",
+ "sourceIdentifier": "contact@wpscan.com",
+ "published": "2024-11-05T06:15:05.990",
+ "lastModified": "2024-11-05T06:15:05.990",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Notification settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://wpscan.com/vulnerability/fbec3738-2135-458d-be25-1ffb00e6deb6/",
+ "source": "contact@wpscan.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-94xx/CVE-2024-9459.json b/CVE-2024/CVE-2024-94xx/CVE-2024-9459.json
new file mode 100644
index 00000000000..383ad1f1a51
--- /dev/null
+++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9459.json
@@ -0,0 +1,56 @@
+{
+ "id": "CVE-2024-9459",
+ "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02",
+ "published": "2024-11-05T06:15:06.057",
+ "lastModified": "2024-11-05T06:15:06.057",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Zohocorp ManageEngine\u00a0Exchange Reporter Plus versions\u00a05718 and prior are vulnerable to authenticated SQL Injection in reports module."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "0fc0942c-577d-436f-ae8e-945763c79b02",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "LOW",
+ "baseScore": 8.3,
+ "baseSeverity": "HIGH"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 5.5
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "0fc0942c-577d-436f-ae8e-945763c79b02",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-89"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-9459.html",
+ "source": "0fc0942c-577d-436f-ae8e-945763c79b02"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-96xx/CVE-2024-9689.json b/CVE-2024/CVE-2024-96xx/CVE-2024-9689.json
new file mode 100644
index 00000000000..5833139232d
--- /dev/null
+++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9689.json
@@ -0,0 +1,21 @@
+{
+ "id": "CVE-2024-9689",
+ "sourceIdentifier": "contact@wpscan.com",
+ "published": "2024-11-05T06:15:06.360",
+ "lastModified": "2024-11-05T06:15:06.360",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The Post From Frontend WordPress plugin through 1.0.0 does not have CSRF check when deleting posts, which could allow attackers to make logged in admin perform such action via a CSRF attack"
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://wpscan.com/vulnerability/ea501d37-1ec2-43ec-873a-ec204e965f60/",
+ "source": "contact@wpscan.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-98xx/CVE-2024-9883.json b/CVE-2024/CVE-2024-98xx/CVE-2024-9883.json
new file mode 100644
index 00000000000..a6c4ce950d6
--- /dev/null
+++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9883.json
@@ -0,0 +1,21 @@
+{
+ "id": "CVE-2024-9883",
+ "sourceIdentifier": "contact@wpscan.com",
+ "published": "2024-11-05T06:15:06.430",
+ "lastModified": "2024-11-05T06:15:06.430",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The Pods WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
+ }
+ ],
+ "metrics": {},
+ "references": [
+ {
+ "url": "https://wpscan.com/vulnerability/ea4b277e-ef47-4e38-bd82-c5a54a95372f/",
+ "source": "contact@wpscan.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index b791eba9c57..91b0232e884 100644
--- a/README.md
+++ b/README.md
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-11-05T05:00:19.134793+00:00 +2024-11-05T07:00:18.963779+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-11-05T04:15:03.467000+00:00 +2024-11-05T06:15:06.430000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -268192 +268198 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `6` +- [CVE-2024-5578](CVE-2024/CVE-2024-55xx/CVE-2024-5578.json) (`2024-11-05T06:15:05.760`) +- [CVE-2024-7876](CVE-2024/CVE-2024-78xx/CVE-2024-7876.json) (`2024-11-05T06:15:05.927`) +- [CVE-2024-7877](CVE-2024/CVE-2024-78xx/CVE-2024-7877.json) (`2024-11-05T06:15:05.990`) +- [CVE-2024-9459](CVE-2024/CVE-2024-94xx/CVE-2024-9459.json) (`2024-11-05T06:15:06.057`) +- [CVE-2024-9689](CVE-2024/CVE-2024-96xx/CVE-2024-9689.json) (`2024-11-05T06:15:06.360`) +- [CVE-2024-9883](CVE-2024/CVE-2024-98xx/CVE-2024-9883.json) (`2024-11-05T06:15:06.430`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `0` -- [CVE-2024-8698](CVE-2024/CVE-2024-86xx/CVE-2024-8698.json) (`2024-11-05T04:15:03.183`) -- [CVE-2024-8883](CVE-2024/CVE-2024-88xx/CVE-2024-8883.json) (`2024-11-05T04:15:03.467`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 806df641cf0..01bf54b468e 100644 --- a/_state.csv +++ b/_state.csv 
@@ -264902,6 +264902,7 @@ CVE-2024-5574,0,0,e718295307eca06b04fb56f70dfb8daf0ce4b10163936e86fc3b21a6f71a44 CVE-2024-5575,0,0,1d8c4bc7bfefa9359f03236311a531b02997d0972adc424dea9dbc344e7a3ded,2024-08-01T13:59:54.197000 CVE-2024-5576,0,0,fb4e227ac1bca19b4b9b0346951bcae4e9457605b7b3160f8ccda6cb8cea0d35,2024-08-20T15:44:20.567000 CVE-2024-5577,0,0,5dd16baf94f18e7abae39f40d89c75af3dba9492f2b1af50e3d8516c5413b1e4,2024-06-17T12:42:04.623000 +CVE-2024-5578,1,1,d4702e6c564ee49d000a0c7f22010f9cac85af36092aefbf8158263fdf0cc166,2024-11-05T06:15:05.760000 CVE-2024-5582,0,0,3868d6c914880d2428453bd960a7aeb89cb5bb99f0fc09b9de444e14a34c6012,2024-07-19T16:05:10.290000 CVE-2024-5583,0,0,ade347dd1ad43ece826c5e86f2da2c910a5ba35590f61bd781f2121412e26d71,2024-09-27T00:47:36.233000 CVE-2024-5584,0,0,7705ff7ae1b4fd1342d12756cedf379ac85bb5a3b8398b6b986f5e220e43afde,2024-06-11T13:54:12.057000 @@ -266825,6 +266826,8 @@ CVE-2024-7869,0,0,82563860e96b853488a742e0621cb13c9d5e162d563b05569e214e530009e5 CVE-2024-7870,0,0,2836216d393e794b4828cb37dfdee043bfdf58d1b6ab4bb6d4918022aecdc961,2024-10-07T12:29:19.203000 CVE-2024-7871,0,0,d47ede6ca23d1578a9b705a8257da890832c1e69392e6414a190c6fb054ce14f,2024-09-04T17:34:14.630000 CVE-2024-7873,0,0,206d8282726d748a6a41b367b674a966213f9d6e3053dc261b740ef29ffe8ab7,2024-09-20T12:30:51.220000 +CVE-2024-7876,1,1,5cd5452f1a04528332af4bc477689ee50d64e8ccb8ec75d9d682d4067a77eb10,2024-11-05T06:15:05.927000 +CVE-2024-7877,1,1,dad44e5b754650038486ceb6328a13e5689877ac487bea941646319c73d3de5a,2024-11-05T06:15:05.990000 CVE-2024-7878,0,0,1d855258734eb9301ec3064cb052aacfe2a08aa75ea8a20fdcb8aa8f30181ac0,2024-10-02T17:41:44.133000 CVE-2024-7883,0,0,a3a2b3516fa75baae0f9793ea599317aaafd583c850715f7d93bc13d6d1cd9ad,2024-11-01T12:57:03.417000 CVE-2024-7884,0,0,785c516d1dabe55fa31f7695706ba6a05f994a8f8d63c46081a0777ad4e173ab,2024-09-12T20:47:13.387000 
@@ -267431,7 +267434,7 @@ CVE-2024-8693,0,0,0bf9bf9fae22897a2e08c32b35e067d4cd5332929319ef0efd3cac78490dae CVE-2024-8694,0,0,2e1993ee271c7157fceb04bc71a63e2f464fbf1cced51f76c6346163fc12348e,2024-09-12T12:35:54.013000 CVE-2024-8695,0,0,52bc6b8b60aae6c315837e4eb131cf540e2b445dfd9cef8ca664c148d103d584,2024-09-13T16:01:31.340000 CVE-2024-8696,0,0,3ba62a921109450e540b318e77e86831bda9c658513319d0aed77dfa516028ff,2024-09-13T16:01:22.410000 -CVE-2024-8698,0,1,23748be91406ef87124e76cf6db5061fa29d508ba9374e7f177c73fd1639e1c4,2024-11-05T04:15:03.183000 +CVE-2024-8698,0,0,23748be91406ef87124e76cf6db5061fa29d508ba9374e7f177c73fd1639e1c4,2024-11-05T04:15:03.183000 CVE-2024-8704,0,0,32722c854d8fd69230437dede33e7bfcfaaef175cce14a586b318dc3ceebdc24,2024-10-01T14:15:09.873000 CVE-2024-8705,0,0,cb97dc5a896b102e020f4c6f7ce9db0475b1546a38609fc8cb74768e11db5694,2024-09-12T12:35:54.013000 CVE-2024-8706,0,0,6f71e5876a7dec7ae56fc457ee5142cb7cf0075ec2e95d2e16cb7162a3c7da96,2024-09-12T12:35:54.013000 @@ -267532,7 +267535,7 @@ CVE-2024-8876,0,0,adf401fb4b8b2c24f06ac7d28fd2360497bd835317abc655be39e3ccb04a97 CVE-2024-8877,0,0,072c8e486444961bae4945079e8c7eda87a37fe8ff462296a0eff944cb3f1801,2024-09-30T15:31:14.690000 CVE-2024-8878,0,0,d355a1999baf0c8606d16796b1d3b0e1dca83258ab14464d5a94be439e5488d1,2024-09-30T15:21:31.693000 CVE-2024-8880,0,0,4890b5d8ccfd73a7de9d70be358a6aa9c5c8f4db772389c703fb4d83ffb621f1,2024-09-20T16:41:38.030000 -CVE-2024-8883,0,1,ef867150b75a006b88b657706b5ccab0ed5de191cb19aa041336ee55b15eac37,2024-11-05T04:15:03.467000 +CVE-2024-8883,0,0,ef867150b75a006b88b657706b5ccab0ed5de191cb19aa041336ee55b15eac37,2024-11-05T04:15:03.467000 CVE-2024-8884,0,0,bbe657acd3b81809e4c38d289d4690d33ce15843f154a38b409847ce2483e4ec,2024-10-10T12:56:30.817000 CVE-2024-8885,0,0,3d17cd6b07f76e6b7b78ee39290572c27afe08953d025655a317633960052841,2024-10-04T13:50:43.727000 CVE-2024-8887,0,0,0407ca62fcbad308289f29aa7a81815bcc03d59968582f8cfbf5cd23bcc12817,2024-10-01T17:30:07.597000 
@@ -267898,6 +267901,7 @@ CVE-2024-9454,0,0,e0a54a80b6d0251ef607f4148add63a26c7f5ec0cd907194ef73988f726f48 CVE-2024-9455,0,0,70bc73495623b6fab8931499505a6be70a8937392cffccc260a57663b280a262,2024-10-07T17:48:28.117000 CVE-2024-9456,0,0,32e971f93ac67b7dc136ac73dad60b7dab2a314c3fc73b1f49c543da51c18681,2024-10-28T13:58:09.230000 CVE-2024-9457,0,0,9e423d4cda70891a0b74c4852459db88bd5163f875d32e19ac8dac4b758e8eeb,2024-10-15T14:23:57.307000 +CVE-2024-9459,1,1,4ecfbea5122c92376218a32592920cf1875a3f4c2146511bd48782842925fbf1,2024-11-05T06:15:06.057000 CVE-2024-9460,0,0,d6ff22c922d7573d861145a9f9c7a3aa2a44b6806bef76282f2615732b02479a,2024-10-08T14:33:42.703000 CVE-2024-9462,0,0,da874134bd4c6d4628ad3a17d1671b7f5c2018935fed477a57fc0d0990ff5d0e,2024-10-28T13:58:09.230000 CVE-2024-9463,0,0,833fbe5400df3e16652b73757d66400db6c2e58ea10075ce0e9e52ee535a69f7,2024-10-15T15:05:25.997000 @@ -268029,6 +268033,7 @@ CVE-2024-9683,0,0,a648737766df3deb74ddc86e7dcd00883598b7b3c943d9054e11451b5f1854 CVE-2024-9685,0,0,a93c724a8b2ee6ce4a46c54a35028c939ad55b1fb441a5b479f473edc57de420,2024-10-15T14:30:00.483000 CVE-2024-9686,0,0,04f98af9d8ec4af01a3d35842aedc3b86f9dda8a517693baa9ea958d5317966d,2024-10-25T12:56:07.750000 CVE-2024-9687,0,0,ae8c4791dae243694c67044fa0088a221548cce6d43bc08144a537d590a79ff2,2024-10-17T21:11:14.197000 +CVE-2024-9689,1,1,6b4e6277facd939696f187ef09ab2fa2103b2b6a84d67e5fd0808ee0a9bbcd74,2024-11-05T06:15:06.360000 CVE-2024-9692,0,0,6637a78c6a5a322d069f0f0384d674a49925fbfbbf719ba95a3af042d35fdc19,2024-10-25T12:56:07.750000 CVE-2024-9696,0,0,78e7cb06b620e1544d9c6811ae0c44cf981cc195d0067b351c711666292c356e,2024-10-15T12:57:46.880000 CVE-2024-9700,0,0,ee544a9b692e7ab9f9ab56395ca8011eb3604c34474b906ade007707a048f142,2024-11-01T12:57:03.417000 
@@ -268101,6 +268106,7 @@ CVE-2024-9865,0,0,767ca346f0a1ff11496989a87fd401620d0792dff4b8ce54d6dd2bc8cbb6f9 CVE-2024-9868,0,0,59a2aba846ee436405b49879e5b0c69be3ddd01e601615061714bd006d4f2afe,2024-11-04T13:44:51.370000 CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1ae,2024-10-11T15:15:06.500000 CVE-2024-9873,0,0,54e1b937a83aa8c512a9ce3ab381594073150b73716fb01cf60c5f6e4db0c415,2024-10-16T16:38:14.557000 +CVE-2024-9883,1,1,f00064094d6c763e6e633e25e3698b271fe08c076f38c4ccae4a7c2aa433a100,2024-11-05T06:15:06.430000 CVE-2024-9884,0,0,757f98f3275a3bf4e9b1e819bb018e139225ae1ebee044e7c027a7c44897e089,2024-11-01T12:57:03.417000 CVE-2024-9885,0,0,eba2ae86e119460d513882eefada4208486dcdf1501994be9aa95d7bb726e2cd,2024-11-01T12:57:03.417000 CVE-2024-9886,0,0,2d0240a7ec94642b6f1f1ed4572b40ffdd3dbdf8ae33aee8a7b267be1166a129,2024-11-01T12:57:03.417000