Auto-Update: 2025-01-14T07:00:24.020058+00:00

CVE-2024/CVE-2024-133xx/CVE-2024-13323.json

@@ -0,0 +1,64 @@
+{
+  "id": "CVE-2024-13323",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2025-01-14T06:15:15.480",
+  "lastModified": "2025-01-14T06:15:15.480",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'booking' shortcode in all versions up to, and including, 10.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/booking/trunk/js/client.js#L270",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3220625/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/37731e51-33ce-4ef3-8a13-976c005dc983?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-280xx/CVE-2024-28016.json

@@ -2,7 +2,7 @@
   "id": "CVE-2024-28016",
   "sourceIdentifier": "psirt-info@cyber.jp.nec.com",
   "published": "2024-03-28T01:15:47.923",
-  "lastModified": "2024-12-06T21:15:06.640",
+  "lastModified": "2025-01-14T05:15:08.677",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -53,7 +53,7 @@
   ],
   "references": [
     {
-      "url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html",
+      "url": "https://jpn.nec.com/security-info/secinfo/nv24-001_en.html",
       "source": "psirt-info@cyber.jp.nec.com"
     },
     {

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-01-14T05:00:31.163399+00:00
+2025-01-14T07:00:24.020058+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-01-14T04:15:11.820000+00:00
+2025-01-14T06:15:15.480000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,31 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-276997
+276998
 ```
 
 ### CVEs added in the last Commit
 
 Recently added CVEs: `1`
 
-- [CVE-2024-13348](CVE-2024/CVE-2024-133xx/CVE-2024-13348.json) (`2025-01-14T04:15:09.200`)
+- [CVE-2024-13323](CVE-2024/CVE-2024-133xx/CVE-2024-13323.json) (`2025-01-14T06:15:15.480`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `11`
+Recently modified CVEs: `1`
 
-- [CVE-2024-28005](CVE-2024/CVE-2024-280xx/CVE-2024-28005.json) (`2025-01-14T04:15:09.883`)
-- [CVE-2024-28006](CVE-2024/CVE-2024-280xx/CVE-2024-28006.json) (`2025-01-14T03:15:06.857`)
-- [CVE-2024-28007](CVE-2024/CVE-2024-280xx/CVE-2024-28007.json) (`2025-01-14T04:15:10.180`)
-- [CVE-2024-28008](CVE-2024/CVE-2024-280xx/CVE-2024-28008.json) (`2025-01-14T04:15:10.370`)
-- [CVE-2024-28009](CVE-2024/CVE-2024-280xx/CVE-2024-28009.json) (`2025-01-14T04:15:10.570`)
-- [CVE-2024-28010](CVE-2024/CVE-2024-280xx/CVE-2024-28010.json) (`2025-01-14T04:15:10.807`)
-- [CVE-2024-28011](CVE-2024/CVE-2024-280xx/CVE-2024-28011.json) (`2025-01-14T04:15:11.000`)
-- [CVE-2024-28012](CVE-2024/CVE-2024-280xx/CVE-2024-28012.json) (`2025-01-14T04:15:11.190`)
-- [CVE-2024-28013](CVE-2024/CVE-2024-280xx/CVE-2024-28013.json) (`2025-01-14T04:15:11.427`)
-- [CVE-2024-28014](CVE-2024/CVE-2024-280xx/CVE-2024-28014.json) (`2025-01-14T04:15:11.617`)
-- [CVE-2024-28015](CVE-2024/CVE-2024-280xx/CVE-2024-28015.json) (`2025-01-14T04:15:11.820`)
+- [CVE-2024-28016](CVE-2024/CVE-2024-280xx/CVE-2024-28016.json) (`2025-01-14T05:15:08.677`)
 
 
 ## Download and Usage

_state.csv

@@ -245866,10 +245866,11 @@ CVE-2024-13311,0,0,043082a8dd739b5eb445323387334add04ddcec723a1cf1ae43347104de3b
 CVE-2024-13312,0,0,1596f306a61a66773ca721f46a9f359accd6e8bc761ac287ef2d071eacd93640,2025-01-09T21:15:29.077000
 CVE-2024-13318,0,0,bd9b3dd8797a6a8e50fbc0881ed502b3d6c9d2df54bdf8f89c7bd4c9f15cb658,2025-01-10T12:15:24.257000
 CVE-2024-1332,0,0,43a2cb0465d1ed7fa77b51d32b9ef650ccc5cd8e8f972f53915014a8e37bc428,2024-11-21T08:50:21.220000
+CVE-2024-13323,1,1,b6dbf1bc72030da4865adfe9c77484b3543649561b1053256d05d5821de18e27,2025-01-14T06:15:15.480000
 CVE-2024-13324,0,0,e28b727b7b2e4ff67b104bb8829ddea65c155869cb67c2e17008296310ed866b,2025-01-13T21:15:12.053000
 CVE-2024-1333,0,0,7e67218d34e52c77cd12091eb7bec4820751f8a3faacd15e7977a33b9d658d65,2024-11-21T08:50:21.337000
 CVE-2024-1334,0,0,5cd8113de272a8c461c68981cf2d6addc6166d9cf4d9dbad0d56a2a1ca671349,2024-12-31T16:48:40.290000
-CVE-2024-13348,1,1,28a0ee7b4191c68c40fabdc5ca96e1c7f939c87fdb38db21e8b32e455395118b,2025-01-14T04:15:09.200000
+CVE-2024-13348,0,0,28a0ee7b4191c68c40fabdc5ca96e1c7f939c87fdb38db21e8b32e455395118b,2025-01-14T04:15:09.200000
 CVE-2024-1335,0,0,82fb69da532892baa7a81804ae338bd46e69a8bbbad77be8c22b678b91bcc8f9,2024-12-31T16:50:11.167000
 CVE-2024-1336,0,0,5ac217bb74b5afa6bf4a3181b1971e5eb197bf861678b67cc85953b7d0e71d82,2024-12-31T16:51:04.857000
 CVE-2024-1337,0,0,ecd9569d803b0ad7e93765437336dbe54b6bca900bd0d8d6a4265ae95a2bd0fa,2024-11-21T08:50:21.857000
@@ -252783,19 +252784,19 @@ CVE-2024-28001,0,0,f4eb06df3530e1997d166a642d7fa8af6bff2e5a17b3a688669d50585c305
 CVE-2024-28002,0,0,904502bf78aba90ddf91ba1222073bccd0c322349e6a1c2472d455abd67e739f,2024-11-21T09:05:36.413000
 CVE-2024-28003,0,0,9de581c0a89ffca55ba717b6e86d85f87dca3f2529eff590e3efb77ede4629e6,2024-11-21T09:05:36.567000
 CVE-2024-28004,0,0,11c8577441ef11ddf9721c6f144151e105b5a3b7982868670413af3bc995abeb,2024-11-21T09:05:36.697000
-CVE-2024-28005,0,1,bce9e851b8f0583763e40fe34f2a38decc80487cf1ddfc104dbe207af73e2c86,2025-01-14T04:15:09.883000
-CVE-2024-28006,0,1,468c0cf70f068488e15d53d785f593f274940dadd648f1e8566b286f97bdb8b9,2025-01-14T03:15:06.857000
-CVE-2024-28007,0,1,c7a70ff3fa87c34a8edb92a66b06aab94d035b9b027dc8c7cae7f48dfaf2c8f2,2025-01-14T04:15:10.180000
-CVE-2024-28008,0,1,d250f692d3a99074673dcc0490c98be8c082854f72bced36e08b19e3f8e3fb2e,2025-01-14T04:15:10.370000
-CVE-2024-28009,0,1,9cbefa921e7b0a3f7b7798cd160a1dcde49f03cf4ed38f2a4cdebd932f7b0909,2025-01-14T04:15:10.570000
+CVE-2024-28005,0,0,bce9e851b8f0583763e40fe34f2a38decc80487cf1ddfc104dbe207af73e2c86,2025-01-14T04:15:09.883000
+CVE-2024-28006,0,0,468c0cf70f068488e15d53d785f593f274940dadd648f1e8566b286f97bdb8b9,2025-01-14T03:15:06.857000
+CVE-2024-28007,0,0,c7a70ff3fa87c34a8edb92a66b06aab94d035b9b027dc8c7cae7f48dfaf2c8f2,2025-01-14T04:15:10.180000
+CVE-2024-28008,0,0,d250f692d3a99074673dcc0490c98be8c082854f72bced36e08b19e3f8e3fb2e,2025-01-14T04:15:10.370000
+CVE-2024-28009,0,0,9cbefa921e7b0a3f7b7798cd160a1dcde49f03cf4ed38f2a4cdebd932f7b0909,2025-01-14T04:15:10.570000
 CVE-2024-2801,0,0,1ca5dfed39817a84ca735ed643093ecf136c9970036fea0138993049aaaaccb7,2024-11-21T09:10:33.423000
-CVE-2024-28010,0,1,9efa7a14b1d8bdf09421d59a7ed77cea37ac1738e7c50188e81bf9cb1bbf17cb,2025-01-14T04:15:10.807000
-CVE-2024-28011,0,1,fec196142dbab3db426684437cee6093978d733b3d0a45c916e4aec970758c86,2025-01-14T04:15:11
-CVE-2024-28012,0,1,87d141419e8c7f128982750023e3ec1e976ac47b29ad9b8d2c9bb03dd60be622,2025-01-14T04:15:11.190000
-CVE-2024-28013,0,1,280bcd0de0622447cde065c0f3f6f0df6920a91ef4c6aad207057f1744479404,2025-01-14T04:15:11.427000
-CVE-2024-28014,0,1,41625df99f453d3ffaca450014299a8b29e4ea5ba0c886a20ecfe541c3e779f5,2025-01-14T04:15:11.617000
-CVE-2024-28015,0,1,70d32c00f90d171129ccd0af0d2ebd8dbe72335e809f4e5cf6f251a8c45f8e68,2025-01-14T04:15:11.820000
-CVE-2024-28016,0,0,cb5159e3eae25dfae2dea506f1ce31fa01c2fbef28875037e8564095075635cd,2024-12-06T21:15:06.640000
+CVE-2024-28010,0,0,9efa7a14b1d8bdf09421d59a7ed77cea37ac1738e7c50188e81bf9cb1bbf17cb,2025-01-14T04:15:10.807000
+CVE-2024-28011,0,0,fec196142dbab3db426684437cee6093978d733b3d0a45c916e4aec970758c86,2025-01-14T04:15:11
+CVE-2024-28012,0,0,87d141419e8c7f128982750023e3ec1e976ac47b29ad9b8d2c9bb03dd60be622,2025-01-14T04:15:11.190000
+CVE-2024-28013,0,0,280bcd0de0622447cde065c0f3f6f0df6920a91ef4c6aad207057f1744479404,2025-01-14T04:15:11.427000
+CVE-2024-28014,0,0,41625df99f453d3ffaca450014299a8b29e4ea5ba0c886a20ecfe541c3e779f5,2025-01-14T04:15:11.617000
+CVE-2024-28015,0,0,70d32c00f90d171129ccd0af0d2ebd8dbe72335e809f4e5cf6f251a8c45f8e68,2025-01-14T04:15:11.820000
+CVE-2024-28016,0,1,749488d31ac32a9ea2b931fc388c512a146a1ae63d159c28c7a31b47cea37620,2025-01-14T05:15:08.677000
 CVE-2024-2802,0,0,4d7e48fbf79d86b86a336401cd7856f9a2e312e8845717a11d0136644698f700,2024-03-26T15:15:49.677000
 CVE-2024-28020,0,0,353857c6f72177d44fa539cd26ab29ac243a888fbe1ba2619943550305df92b7,2024-11-21T09:05:39.310000
 CVE-2024-28021,0,0,ef91a2bbc3a7ba80aa4b93dc521740325b47bcd3461fc4ac520536869818ea73,2024-11-21T09:05:39.497000