Auto-Update: 2024-11-05T07:00:18.963779+00:00

2025-07-09 16:05:11 +00:00 · 2024-11-05 07:03:20 +00:00 · 2024-11-05 07:03:20 +00:00 · 880303f613
commit 880303f613
parent cf915a9ec0
8 changed files with 180 additions and 9 deletions
--- a/CVE-2024/CVE-2024-55xx/CVE-2024-5578.json
+++ b/CVE-2024/CVE-2024-55xx/CVE-2024-5578.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-5578",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2024-11-05T06:15:05.760",
+  "lastModified": "2024-11-05T06:15:05.760",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Table of Contents Plus WordPress plugin through 2408 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/641e4fc3-4214-4c2e-8245-15e9dcdd37b4/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-78xx/CVE-2024-7876.json
+++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7876.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-7876",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2024-11-05T06:15:05.927",
+  "lastModified": "2024-11-05T06:15:05.927",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Appointment Type settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/fffe862f-5bf0-4a05-9d32-caff0bfdb860/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-78xx/CVE-2024-7877.json
+++ b/CVE-2024/CVE-2024-78xx/CVE-2024-7877.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-7877",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2024-11-05T06:15:05.990",
+  "lastModified": "2024-11-05T06:15:05.990",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Appointment Booking Calendar \u2014 Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.55 does not sanitise and escape some of its Notification settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/fbec3738-2135-458d-be25-1ffb00e6deb6/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-94xx/CVE-2024-9459.json
+++ b/CVE-2024/CVE-2024-94xx/CVE-2024-9459.json
@ -0,0 +1,56 @@
+{
+  "id": "CVE-2024-9459",
+  "sourceIdentifier": "0fc0942c-577d-436f-ae8e-945763c79b02",
+  "published": "2024-11-05T06:15:06.057",
+  "lastModified": "2024-11-05T06:15:06.057",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Zohocorp ManageEngine\u00a0Exchange Reporter Plus versions\u00a05718 and prior are vulnerable to authenticated SQL Injection in reports module."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "0fc0942c-577d-436f-ae8e-945763c79b02",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "LOW",
+          "baseScore": 8.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "0fc0942c-577d-436f-ae8e-945763c79b02",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-9459.html",
+      "source": "0fc0942c-577d-436f-ae8e-945763c79b02"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-96xx/CVE-2024-9689.json
+++ b/CVE-2024/CVE-2024-96xx/CVE-2024-9689.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-9689",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2024-11-05T06:15:06.360",
+  "lastModified": "2024-11-05T06:15:06.360",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Post From Frontend WordPress plugin through 1.0.0 does not have CSRF check when deleting posts, which could allow attackers to make logged in admin perform such action via a CSRF attack"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/ea501d37-1ec2-43ec-873a-ec204e965f60/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-98xx/CVE-2024-9883.json
+++ b/CVE-2024/CVE-2024-98xx/CVE-2024-9883.json
@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-9883",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2024-11-05T06:15:06.430",
+  "lastModified": "2024-11-05T06:15:06.430",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Pods  WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/ea4b277e-ef47-4e38-bd82-c5a54a95372f/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-11-05T05:00:19.134793+00:00
+2024-11-05T07:00:18.963779+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-11-05T04:15:03.467000+00:00
+2024-11-05T06:15:06.430000+00:00
 ```

 ### Last Data Feed Release
@ -33,21 +33,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-268192
+268198
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `0`
+Recently added CVEs: `6`

+- [CVE-2024-5578](CVE-2024/CVE-2024-55xx/CVE-2024-5578.json) (`2024-11-05T06:15:05.760`)
+- [CVE-2024-7876](CVE-2024/CVE-2024-78xx/CVE-2024-7876.json) (`2024-11-05T06:15:05.927`)
+- [CVE-2024-7877](CVE-2024/CVE-2024-78xx/CVE-2024-7877.json) (`2024-11-05T06:15:05.990`)
+- [CVE-2024-9459](CVE-2024/CVE-2024-94xx/CVE-2024-9459.json) (`2024-11-05T06:15:06.057`)
+- [CVE-2024-9689](CVE-2024/CVE-2024-96xx/CVE-2024-9689.json) (`2024-11-05T06:15:06.360`)
+- [CVE-2024-9883](CVE-2024/CVE-2024-98xx/CVE-2024-9883.json) (`2024-11-05T06:15:06.430`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

- [CVE-2024-8698](CVE-2024/CVE-2024-86xx/CVE-2024-8698.json) (`2024-11-05T04:15:03.183`)
- [CVE-2024-8883](CVE-2024/CVE-2024-88xx/CVE-2024-8883.json) (`2024-11-05T04:15:03.467`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -264902,6 +264902,7 @@ CVE-2024-5574,0,0,e718295307eca06b04fb56f70dfb8daf0ce4b10163936e86fc3b21a6f71a44
 CVE-2024-5575,0,0,1d8c4bc7bfefa9359f03236311a531b02997d0972adc424dea9dbc344e7a3ded,2024-08-01T13:59:54.197000
 CVE-2024-5576,0,0,fb4e227ac1bca19b4b9b0346951bcae4e9457605b7b3160f8ccda6cb8cea0d35,2024-08-20T15:44:20.567000
 CVE-2024-5577,0,0,5dd16baf94f18e7abae39f40d89c75af3dba9492f2b1af50e3d8516c5413b1e4,2024-06-17T12:42:04.623000
+CVE-2024-5578,1,1,d4702e6c564ee49d000a0c7f22010f9cac85af36092aefbf8158263fdf0cc166,2024-11-05T06:15:05.760000
 CVE-2024-5582,0,0,3868d6c914880d2428453bd960a7aeb89cb5bb99f0fc09b9de444e14a34c6012,2024-07-19T16:05:10.290000
 CVE-2024-5583,0,0,ade347dd1ad43ece826c5e86f2da2c910a5ba35590f61bd781f2121412e26d71,2024-09-27T00:47:36.233000
 CVE-2024-5584,0,0,7705ff7ae1b4fd1342d12756cedf379ac85bb5a3b8398b6b986f5e220e43afde,2024-06-11T13:54:12.057000
@ -266825,6 +266826,8 @@ CVE-2024-7869,0,0,82563860e96b853488a742e0621cb13c9d5e162d563b05569e214e530009e5
 CVE-2024-7870,0,0,2836216d393e794b4828cb37dfdee043bfdf58d1b6ab4bb6d4918022aecdc961,2024-10-07T12:29:19.203000
 CVE-2024-7871,0,0,d47ede6ca23d1578a9b705a8257da890832c1e69392e6414a190c6fb054ce14f,2024-09-04T17:34:14.630000
 CVE-2024-7873,0,0,206d8282726d748a6a41b367b674a966213f9d6e3053dc261b740ef29ffe8ab7,2024-09-20T12:30:51.220000
+CVE-2024-7876,1,1,5cd5452f1a04528332af4bc477689ee50d64e8ccb8ec75d9d682d4067a77eb10,2024-11-05T06:15:05.927000
+CVE-2024-7877,1,1,dad44e5b754650038486ceb6328a13e5689877ac487bea941646319c73d3de5a,2024-11-05T06:15:05.990000
 CVE-2024-7878,0,0,1d855258734eb9301ec3064cb052aacfe2a08aa75ea8a20fdcb8aa8f30181ac0,2024-10-02T17:41:44.133000
 CVE-2024-7883,0,0,a3a2b3516fa75baae0f9793ea599317aaafd583c850715f7d93bc13d6d1cd9ad,2024-11-01T12:57:03.417000
 CVE-2024-7884,0,0,785c516d1dabe55fa31f7695706ba6a05f994a8f8d63c46081a0777ad4e173ab,2024-09-12T20:47:13.387000
@ -267431,7 +267434,7 @@ CVE-2024-8693,0,0,0bf9bf9fae22897a2e08c32b35e067d4cd5332929319ef0efd3cac78490dae
 CVE-2024-8694,0,0,2e1993ee271c7157fceb04bc71a63e2f464fbf1cced51f76c6346163fc12348e,2024-09-12T12:35:54.013000
 CVE-2024-8695,0,0,52bc6b8b60aae6c315837e4eb131cf540e2b445dfd9cef8ca664c148d103d584,2024-09-13T16:01:31.340000
 CVE-2024-8696,0,0,3ba62a921109450e540b318e77e86831bda9c658513319d0aed77dfa516028ff,2024-09-13T16:01:22.410000
-CVE-2024-8698,0,1,23748be91406ef87124e76cf6db5061fa29d508ba9374e7f177c73fd1639e1c4,2024-11-05T04:15:03.183000
+CVE-2024-8698,0,0,23748be91406ef87124e76cf6db5061fa29d508ba9374e7f177c73fd1639e1c4,2024-11-05T04:15:03.183000
 CVE-2024-8704,0,0,32722c854d8fd69230437dede33e7bfcfaaef175cce14a586b318dc3ceebdc24,2024-10-01T14:15:09.873000
 CVE-2024-8705,0,0,cb97dc5a896b102e020f4c6f7ce9db0475b1546a38609fc8cb74768e11db5694,2024-09-12T12:35:54.013000
 CVE-2024-8706,0,0,6f71e5876a7dec7ae56fc457ee5142cb7cf0075ec2e95d2e16cb7162a3c7da96,2024-09-12T12:35:54.013000
@ -267532,7 +267535,7 @@ CVE-2024-8876,0,0,adf401fb4b8b2c24f06ac7d28fd2360497bd835317abc655be39e3ccb04a97
 CVE-2024-8877,0,0,072c8e486444961bae4945079e8c7eda87a37fe8ff462296a0eff944cb3f1801,2024-09-30T15:31:14.690000
 CVE-2024-8878,0,0,d355a1999baf0c8606d16796b1d3b0e1dca83258ab14464d5a94be439e5488d1,2024-09-30T15:21:31.693000
 CVE-2024-8880,0,0,4890b5d8ccfd73a7de9d70be358a6aa9c5c8f4db772389c703fb4d83ffb621f1,2024-09-20T16:41:38.030000
-CVE-2024-8883,0,1,ef867150b75a006b88b657706b5ccab0ed5de191cb19aa041336ee55b15eac37,2024-11-05T04:15:03.467000
+CVE-2024-8883,0,0,ef867150b75a006b88b657706b5ccab0ed5de191cb19aa041336ee55b15eac37,2024-11-05T04:15:03.467000
 CVE-2024-8884,0,0,bbe657acd3b81809e4c38d289d4690d33ce15843f154a38b409847ce2483e4ec,2024-10-10T12:56:30.817000
 CVE-2024-8885,0,0,3d17cd6b07f76e6b7b78ee39290572c27afe08953d025655a317633960052841,2024-10-04T13:50:43.727000
 CVE-2024-8887,0,0,0407ca62fcbad308289f29aa7a81815bcc03d59968582f8cfbf5cd23bcc12817,2024-10-01T17:30:07.597000
@ -267898,6 +267901,7 @@ CVE-2024-9454,0,0,e0a54a80b6d0251ef607f4148add63a26c7f5ec0cd907194ef73988f726f48
 CVE-2024-9455,0,0,70bc73495623b6fab8931499505a6be70a8937392cffccc260a57663b280a262,2024-10-07T17:48:28.117000
 CVE-2024-9456,0,0,32e971f93ac67b7dc136ac73dad60b7dab2a314c3fc73b1f49c543da51c18681,2024-10-28T13:58:09.230000
 CVE-2024-9457,0,0,9e423d4cda70891a0b74c4852459db88bd5163f875d32e19ac8dac4b758e8eeb,2024-10-15T14:23:57.307000
+CVE-2024-9459,1,1,4ecfbea5122c92376218a32592920cf1875a3f4c2146511bd48782842925fbf1,2024-11-05T06:15:06.057000
 CVE-2024-9460,0,0,d6ff22c922d7573d861145a9f9c7a3aa2a44b6806bef76282f2615732b02479a,2024-10-08T14:33:42.703000
 CVE-2024-9462,0,0,da874134bd4c6d4628ad3a17d1671b7f5c2018935fed477a57fc0d0990ff5d0e,2024-10-28T13:58:09.230000
 CVE-2024-9463,0,0,833fbe5400df3e16652b73757d66400db6c2e58ea10075ce0e9e52ee535a69f7,2024-10-15T15:05:25.997000
@ -268029,6 +268033,7 @@ CVE-2024-9683,0,0,a648737766df3deb74ddc86e7dcd00883598b7b3c943d9054e11451b5f1854
 CVE-2024-9685,0,0,a93c724a8b2ee6ce4a46c54a35028c939ad55b1fb441a5b479f473edc57de420,2024-10-15T14:30:00.483000
 CVE-2024-9686,0,0,04f98af9d8ec4af01a3d35842aedc3b86f9dda8a517693baa9ea958d5317966d,2024-10-25T12:56:07.750000
 CVE-2024-9687,0,0,ae8c4791dae243694c67044fa0088a221548cce6d43bc08144a537d590a79ff2,2024-10-17T21:11:14.197000
+CVE-2024-9689,1,1,6b4e6277facd939696f187ef09ab2fa2103b2b6a84d67e5fd0808ee0a9bbcd74,2024-11-05T06:15:06.360000
 CVE-2024-9692,0,0,6637a78c6a5a322d069f0f0384d674a49925fbfbbf719ba95a3af042d35fdc19,2024-10-25T12:56:07.750000
 CVE-2024-9696,0,0,78e7cb06b620e1544d9c6811ae0c44cf981cc195d0067b351c711666292c356e,2024-10-15T12:57:46.880000
 CVE-2024-9700,0,0,ee544a9b692e7ab9f9ab56395ca8011eb3604c34474b906ade007707a048f142,2024-11-01T12:57:03.417000
@ -268101,6 +268106,7 @@ CVE-2024-9865,0,0,767ca346f0a1ff11496989a87fd401620d0792dff4b8ce54d6dd2bc8cbb6f9
 CVE-2024-9868,0,0,59a2aba846ee436405b49879e5b0c69be3ddd01e601615061714bd006d4f2afe,2024-11-04T13:44:51.370000
 CVE-2024-9869,0,0,2195387ef9aab560e210893ad1e9f3295c5808c9d50c0ada4fa1d17778d3d1ae,2024-10-11T15:15:06.500000
 CVE-2024-9873,0,0,54e1b937a83aa8c512a9ce3ab381594073150b73716fb01cf60c5f6e4db0c415,2024-10-16T16:38:14.557000
+CVE-2024-9883,1,1,f00064094d6c763e6e633e25e3698b271fe08c076f38c4ccae4a7c2aa433a100,2024-11-05T06:15:06.430000
 CVE-2024-9884,0,0,757f98f3275a3bf4e9b1e819bb018e139225ae1ebee044e7c027a7c44897e089,2024-11-01T12:57:03.417000
 CVE-2024-9885,0,0,eba2ae86e119460d513882eefada4208486dcdf1501994be9aa95d7bb726e2cd,2024-11-01T12:57:03.417000
 CVE-2024-9886,0,0,2d0240a7ec94642b6f1f1ed4572b40ffdd3dbdf8ae33aee8a7b267be1166a129,2024-11-01T12:57:03.417000