From 920939d6d72230376007865d912ccc59944c0784 Mon Sep 17 00:00:00 2001
From: cad-safe-bot
Date: Tue, 14 Jan 2025 07:03:51 +0000
Subject: [PATCH] Auto-Update: 2025-01-14T07:00:24.020058+00:00
---
 CVE-2024/CVE-2024-133xx/CVE-2024-13323.json | 64 +++++++++++++++++++++
 CVE-2024/CVE-2024-280xx/CVE-2024-28016.json | 4 +-
 README.md | 22 ++-----
 _state.csv | 27 ++++-----
 4 files changed, 86 insertions(+), 31 deletions(-)
 create mode 100644 CVE-2024/CVE-2024-133xx/CVE-2024-13323.json
diff --git a/CVE-2024/CVE-2024-133xx/CVE-2024-13323.json b/CVE-2024/CVE-2024-133xx/CVE-2024-13323.json
new file mode 100644
index 00000000000..210a05ae07b
--- /dev/null
+++ b/CVE-2024/CVE-2024-133xx/CVE-2024-13323.json
@@ -0,0 +1,64 @@
+{
+ "id": "CVE-2024-13323",
+ "sourceIdentifier": "security@wordfence.com",
+ "published": "2025-01-14T06:15:15.480",
+ "lastModified": "2025-01-14T06:15:15.480",
+ "vulnStatus": "Received",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'booking' shortcode in all versions up to, and including, 10.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "security@wordfence.com",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+ "baseScore": 6.4,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "CHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "NONE"
+ },
+ "exploitabilityScore": 3.1,
+ "impactScore": 2.7
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "security@wordfence.com",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-79"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://plugins.trac.wordpress.org/browser/booking/trunk/js/client.js#L270",
+ "source": "security@wordfence.com"
+ },
+ {
+ "url": "https://plugins.trac.wordpress.org/changeset/3220625/",
+ "source": "security@wordfence.com"
+ },
+ {
+ "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/37731e51-33ce-4ef3-8a13-976c005dc983?source=cve",
+ "source": "security@wordfence.com"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/CVE-2024/CVE-2024-280xx/CVE-2024-28016.json b/CVE-2024/CVE-2024-280xx/CVE-2024-28016.json
index 63a44d75274..cd994517f71 100644
--- a/CVE-2024/CVE-2024-280xx/CVE-2024-28016.json
+++ b/CVE-2024/CVE-2024-280xx/CVE-2024-28016.json
@@ -2,7 +2,7 @@
 "id": "CVE-2024-28016",
 "sourceIdentifier": "psirt-info@cyber.jp.nec.com",
 "published": "2024-03-28T01:15:47.923",
- "lastModified": "2024-12-06T21:15:06.640",
+ "lastModified": "2025-01-14T05:15:08.677",
 "vulnStatus": "Awaiting Analysis",
 "cveTags": [],
 "descriptions": [
@@ -53,7 +53,7 @@
 ],
 "references": [
 {
- "url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html",
+ "url": "https://jpn.nec.com/security-info/secinfo/nv24-001_en.html",
 "source": "psirt-info@cyber.jp.nec.com"
 },
 {
diff --git a/README.md b/README.md
index e922da0a7a5..88149bc0049 100644
--- a/README.md
+++ b/README.md
@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2025-01-14T05:00:31.163399+00:00
+2025-01-14T07:00:24.020058+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2025-01-14T04:15:11.820000+00:00
+2025-01-14T06:15:15.480000+00:00
 ```
 ### Last Data Feed Release
@@ -33,31 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-276997
+276998
 ```
 ### CVEs added in the last Commit
 Recently added CVEs: `1`
-- [CVE-2024-13348](CVE-2024/CVE-2024-133xx/CVE-2024-13348.json) (`2025-01-14T04:15:09.200`)
+- [CVE-2024-13323](CVE-2024/CVE-2024-133xx/CVE-2024-13323.json) (`2025-01-14T06:15:15.480`)
 ### CVEs modified in the last Commit
-Recently modified CVEs: `11`
+Recently modified CVEs: `1`
-- [CVE-2024-28005](CVE-2024/CVE-2024-280xx/CVE-2024-28005.json) (`2025-01-14T04:15:09.883`)
-- [CVE-2024-28006](CVE-2024/CVE-2024-280xx/CVE-2024-28006.json) (`2025-01-14T03:15:06.857`)
-- [CVE-2024-28007](CVE-2024/CVE-2024-280xx/CVE-2024-28007.json) (`2025-01-14T04:15:10.180`)
-- [CVE-2024-28008](CVE-2024/CVE-2024-280xx/CVE-2024-28008.json) (`2025-01-14T04:15:10.370`)
-- [CVE-2024-28009](CVE-2024/CVE-2024-280xx/CVE-2024-28009.json) (`2025-01-14T04:15:10.570`)
-- [CVE-2024-28010](CVE-2024/CVE-2024-280xx/CVE-2024-28010.json) (`2025-01-14T04:15:10.807`)
-- [CVE-2024-28011](CVE-2024/CVE-2024-280xx/CVE-2024-28011.json) (`2025-01-14T04:15:11.000`)
-- [CVE-2024-28012](CVE-2024/CVE-2024-280xx/CVE-2024-28012.json) (`2025-01-14T04:15:11.190`)
-- [CVE-2024-28013](CVE-2024/CVE-2024-280xx/CVE-2024-28013.json) (`2025-01-14T04:15:11.427`)
-- [CVE-2024-28014](CVE-2024/CVE-2024-280xx/CVE-2024-28014.json) (`2025-01-14T04:15:11.617`)
-- [CVE-2024-28015](CVE-2024/CVE-2024-280xx/CVE-2024-28015.json) (`2025-01-14T04:15:11.820`)
+- [CVE-2024-28016](CVE-2024/CVE-2024-280xx/CVE-2024-28016.json) (`2025-01-14T05:15:08.677`)
 ## Download and Usage
diff --git a/_state.csv b/_state.csv
index 5b4365e09f6..e2d34163a42 100644
--- a/_state.csv
+++ b/_state.csv
@@ -245866,10 +245866,11 @@ CVE-2024-13311,0,0,043082a8dd739b5eb445323387334add04ddcec723a1cf1ae43347104de3b CVE-2024-13312,0,0,1596f306a61a66773ca721f46a9f359accd6e8bc761ac287ef2d071eacd93640,2025-01-09T21:15:29.077000 CVE-2024-13318,0,0,bd9b3dd8797a6a8e50fbc0881ed502b3d6c9d2df54bdf8f89c7bd4c9f15cb658,2025-01-10T12:15:24.257000 CVE-2024-1332,0,0,43a2cb0465d1ed7fa77b51d32b9ef650ccc5cd8e8f972f53915014a8e37bc428,2024-11-21T08:50:21.220000 +CVE-2024-13323,1,1,b6dbf1bc72030da4865adfe9c77484b3543649561b1053256d05d5821de18e27,2025-01-14T06:15:15.480000 CVE-2024-13324,0,0,e28b727b7b2e4ff67b104bb8829ddea65c155869cb67c2e17008296310ed866b,2025-01-13T21:15:12.053000 CVE-2024-1333,0,0,7e67218d34e52c77cd12091eb7bec4820751f8a3faacd15e7977a33b9d658d65,2024-11-21T08:50:21.337000 CVE-2024-1334,0,0,5cd8113de272a8c461c68981cf2d6addc6166d9cf4d9dbad0d56a2a1ca671349,2024-12-31T16:48:40.290000 -CVE-2024-13348,1,1,28a0ee7b4191c68c40fabdc5ca96e1c7f939c87fdb38db21e8b32e455395118b,2025-01-14T04:15:09.200000 +CVE-2024-13348,0,0,28a0ee7b4191c68c40fabdc5ca96e1c7f939c87fdb38db21e8b32e455395118b,2025-01-14T04:15:09.200000 CVE-2024-1335,0,0,82fb69da532892baa7a81804ae338bd46e69a8bbbad77be8c22b678b91bcc8f9,2024-12-31T16:50:11.167000 CVE-2024-1336,0,0,5ac217bb74b5afa6bf4a3181b1971e5eb197bf861678b67cc85953b7d0e71d82,2024-12-31T16:51:04.857000 CVE-2024-1337,0,0,ecd9569d803b0ad7e93765437336dbe54b6bca900bd0d8d6a4265ae95a2bd0fa,2024-11-21T08:50:21.857000 
@@ -252783,19 +252784,19 @@ CVE-2024-28001,0,0,f4eb06df3530e1997d166a642d7fa8af6bff2e5a17b3a688669d50585c305 CVE-2024-28002,0,0,904502bf78aba90ddf91ba1222073bccd0c322349e6a1c2472d455abd67e739f,2024-11-21T09:05:36.413000 CVE-2024-28003,0,0,9de581c0a89ffca55ba717b6e86d85f87dca3f2529eff590e3efb77ede4629e6,2024-11-21T09:05:36.567000 CVE-2024-28004,0,0,11c8577441ef11ddf9721c6f144151e105b5a3b7982868670413af3bc995abeb,2024-11-21T09:05:36.697000 -CVE-2024-28005,0,1,bce9e851b8f0583763e40fe34f2a38decc80487cf1ddfc104dbe207af73e2c86,2025-01-14T04:15:09.883000 -CVE-2024-28006,0,1,468c0cf70f068488e15d53d785f593f274940dadd648f1e8566b286f97bdb8b9,2025-01-14T03:15:06.857000 -CVE-2024-28007,0,1,c7a70ff3fa87c34a8edb92a66b06aab94d035b9b027dc8c7cae7f48dfaf2c8f2,2025-01-14T04:15:10.180000 -CVE-2024-28008,0,1,d250f692d3a99074673dcc0490c98be8c082854f72bced36e08b19e3f8e3fb2e,2025-01-14T04:15:10.370000 -CVE-2024-28009,0,1,9cbefa921e7b0a3f7b7798cd160a1dcde49f03cf4ed38f2a4cdebd932f7b0909,2025-01-14T04:15:10.570000 +CVE-2024-28005,0,0,bce9e851b8f0583763e40fe34f2a38decc80487cf1ddfc104dbe207af73e2c86,2025-01-14T04:15:09.883000 +CVE-2024-28006,0,0,468c0cf70f068488e15d53d785f593f274940dadd648f1e8566b286f97bdb8b9,2025-01-14T03:15:06.857000 +CVE-2024-28007,0,0,c7a70ff3fa87c34a8edb92a66b06aab94d035b9b027dc8c7cae7f48dfaf2c8f2,2025-01-14T04:15:10.180000 +CVE-2024-28008,0,0,d250f692d3a99074673dcc0490c98be8c082854f72bced36e08b19e3f8e3fb2e,2025-01-14T04:15:10.370000 +CVE-2024-28009,0,0,9cbefa921e7b0a3f7b7798cd160a1dcde49f03cf4ed38f2a4cdebd932f7b0909,2025-01-14T04:15:10.570000 CVE-2024-2801,0,0,1ca5dfed39817a84ca735ed643093ecf136c9970036fea0138993049aaaaccb7,2024-11-21T09:10:33.423000 -CVE-2024-28010,0,1,9efa7a14b1d8bdf09421d59a7ed77cea37ac1738e7c50188e81bf9cb1bbf17cb,2025-01-14T04:15:10.807000 -CVE-2024-28011,0,1,fec196142dbab3db426684437cee6093978d733b3d0a45c916e4aec970758c86,2025-01-14T04:15:11 
-CVE-2024-28012,0,1,87d141419e8c7f128982750023e3ec1e976ac47b29ad9b8d2c9bb03dd60be622,2025-01-14T04:15:11.190000 -CVE-2024-28013,0,1,280bcd0de0622447cde065c0f3f6f0df6920a91ef4c6aad207057f1744479404,2025-01-14T04:15:11.427000 -CVE-2024-28014,0,1,41625df99f453d3ffaca450014299a8b29e4ea5ba0c886a20ecfe541c3e779f5,2025-01-14T04:15:11.617000 -CVE-2024-28015,0,1,70d32c00f90d171129ccd0af0d2ebd8dbe72335e809f4e5cf6f251a8c45f8e68,2025-01-14T04:15:11.820000 -CVE-2024-28016,0,0,cb5159e3eae25dfae2dea506f1ce31fa01c2fbef28875037e8564095075635cd,2024-12-06T21:15:06.640000 +CVE-2024-28010,0,0,9efa7a14b1d8bdf09421d59a7ed77cea37ac1738e7c50188e81bf9cb1bbf17cb,2025-01-14T04:15:10.807000 +CVE-2024-28011,0,0,fec196142dbab3db426684437cee6093978d733b3d0a45c916e4aec970758c86,2025-01-14T04:15:11 +CVE-2024-28012,0,0,87d141419e8c7f128982750023e3ec1e976ac47b29ad9b8d2c9bb03dd60be622,2025-01-14T04:15:11.190000 +CVE-2024-28013,0,0,280bcd0de0622447cde065c0f3f6f0df6920a91ef4c6aad207057f1744479404,2025-01-14T04:15:11.427000 +CVE-2024-28014,0,0,41625df99f453d3ffaca450014299a8b29e4ea5ba0c886a20ecfe541c3e779f5,2025-01-14T04:15:11.617000 +CVE-2024-28015,0,0,70d32c00f90d171129ccd0af0d2ebd8dbe72335e809f4e5cf6f251a8c45f8e68,2025-01-14T04:15:11.820000 +CVE-2024-28016,0,1,749488d31ac32a9ea2b931fc388c512a146a1ae63d159c28c7a31b47cea37620,2025-01-14T05:15:08.677000 CVE-2024-2802,0,0,4d7e48fbf79d86b86a336401cd7856f9a2e312e8845717a11d0136644698f700,2024-03-26T15:15:49.677000 CVE-2024-28020,0,0,353857c6f72177d44fa539cd26ab29ac243a888fbe1ba2619943550305df92b7,2024-11-21T09:05:39.310000 CVE-2024-28021,0,0,ef91a2bbc3a7ba80aa4b93dc521740325b47bcd3461fc4ac520536869818ea73,2024-11-21T09:05:39.497000