Auto-Update: 2025-01-13T07:00:21.953711+00:00

CVE-2024/CVE-2024-116xx/CVE-2024-11636.json

@@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-11636",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2025-01-13T06:15:08.693",
+  "lastModified": "2025-01-13T06:15:08.693",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Email Subscribers by Icegram Express  WordPress plugin before 5.7.45 does not sanitise and escape some of its Text Block options, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/da616c20-3d74-4d3a-95f5-2d71d9ada094/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-122xx/CVE-2024-12274.json

@@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-12274",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2025-01-13T06:15:10.000",
+  "lastModified": "2025-01-13T06:15:10.000",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Appointment Booking Calendar Plugin and Scheduling Plugin  WordPress plugin before 1.1.23 export settings functionality exports data to a public folder, with an easily guessable file name, allowing unauthenticated attackers to access the exported files (if they exist)."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/e3176c9a-63f3-4a28-a8a7-8abb2b4100ef/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-125xx/CVE-2024-12566.json

@@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-12566",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2025-01-13T06:15:10.130",
+  "lastModified": "2025-01-13T06:15:10.130",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Email Subscribers by Icegram Express  WordPress plugin before 5.7.45 does not sanitise and escape some of form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/9206064a-d54e-44ad-9670-65520ee166a6/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-125xx/CVE-2024-12567.json

@@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-12567",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2025-01-13T06:15:10.260",
+  "lastModified": "2025-01-13T06:15:10.260",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Email Subscribers by Icegram Express  WordPress plugin before 5.7.45 does not sanitise and escape some of its form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/82051ccc-c528-4ff3-900a-3b8e8ad34145/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-125xx/CVE-2024-12568.json

@@ -0,0 +1,21 @@
+{
+  "id": "CVE-2024-12568",
+  "sourceIdentifier": "contact@wpscan.com",
+  "published": "2025-01-13T06:15:10.380",
+  "lastModified": "2025-01-13T06:15:10.380",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Email Subscribers by Icegram Express  WordPress plugin before 5.7.45 does not sanitise and escape some of its Workflow settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://wpscan.com/vulnerability/0ce9075a-754b-474e-9620-17da8ee29b56/",
+      "source": "contact@wpscan.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-01-13T05:00:19.247073+00:00
+2025-01-13T07:00:21.953711+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-01-13T04:15:06.477000+00:00
+2025-01-13T06:15:10.380000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,16 +33,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-276820
+276825
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `5`
 
-- [CVE-2025-0409](CVE-2025/CVE-2025-04xx/CVE-2025-0409.json) (`2025-01-13T03:15:06.667`)
-- [CVE-2025-0410](CVE-2025/CVE-2025-04xx/CVE-2025-0410.json) (`2025-01-13T03:15:06.847`)
-- [CVE-2025-0412](CVE-2025/CVE-2025-04xx/CVE-2025-0412.json) (`2025-01-13T04:15:06.477`)
+- [CVE-2024-11636](CVE-2024/CVE-2024-116xx/CVE-2024-11636.json) (`2025-01-13T06:15:08.693`)
+- [CVE-2024-12274](CVE-2024/CVE-2024-122xx/CVE-2024-12274.json) (`2025-01-13T06:15:10.000`)
+- [CVE-2024-12566](CVE-2024/CVE-2024-125xx/CVE-2024-12566.json) (`2025-01-13T06:15:10.130`)
+- [CVE-2024-12567](CVE-2024/CVE-2024-125xx/CVE-2024-12567.json) (`2025-01-13T06:15:10.260`)
+- [CVE-2024-12568](CVE-2024/CVE-2024-125xx/CVE-2024-12568.json) (`2025-01-13T06:15:10.380`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -244580,6 +244580,7 @@ CVE-2024-11632,0,0,de73f7ca209ed3887af097dcd8d60cda4bdd27816f354a861b8ba50b3a9bc
 CVE-2024-11633,0,0,ec2ee5d42526708d0c247f1efcfef18b7ca46f7d0173b75ddfcc1ac75afc9e99,2024-12-10T19:15:19.443000
 CVE-2024-11634,0,0,e0423804dbaae41000eefac776623fcebb674fb7c1dc8b9d22b613f3f40aa1e7,2024-12-10T19:15:19.570000
 CVE-2024-11635,0,0,ffacee27dce2a3419b3aa106b350e83d5585d5dcfe645774b0023dac2c389ee8,2025-01-08T08:15:24.117000
+CVE-2024-11636,1,1,08f2b1951fb5310e3b20f77f712e99d5e6fcde80301071f3129868f937fbf1eb,2025-01-13T06:15:08.693000
 CVE-2024-11639,0,0,0210e46589d8e363ac9b295eb4432d5b1bb6755405d9d65212946ea82705ab83,2024-12-10T19:15:19.690000
 CVE-2024-1164,0,0,ea75a9ac84fb05bc5899ed5764c236687fb5121f662769fb6e46971a20a2f34a,2024-11-21T08:49:56.530000
 CVE-2024-11642,0,0,e083dfd7b8388b09206f810c50ef0061b39601a9804b6746591b0dd89f756ab4,2025-01-09T11:15:10.187000
@@ -245104,6 +245105,7 @@ CVE-2024-1227,0,0,2b74966c63acb4b53db9100814c0ea98b900c2b18de594c13a326b21bfb265
 CVE-2024-12270,0,0,a59b36ad08a62409fa966fc5cef53e6796ba20371cadd9c7e001162bc2771bae,2024-12-07T10:15:06.200000
 CVE-2024-12271,0,0,e756524ee3996486f46fc9dfb0848744c8a90daec55e50296545ffd31d194dcb,2024-12-12T13:15:07.570000
 CVE-2024-12272,0,0,cbbb238a5fc49c4ada4f96dbd5ec3bf6a1bab33a6ad37ef5b0235e516631a83b,2024-12-25T04:15:06.457000
+CVE-2024-12274,1,1,5b8650cf888d87403d3fdc4ecb2aa7e0bfbd23a56a9654e337d742a1173cebf6,2025-01-13T06:15:10
 CVE-2024-12279,0,0,28f926ab6f57c2b10bee59d6914cc0152fa6a23fa0d172ad6d11e3d9d407b5c2,2025-01-04T12:15:24.453000
 CVE-2024-1228,0,0,02a2d35b9c29d8600ba5afee210d0e6465f5ee41eb5d9edcafc9d5f9e15f44ef,2024-11-21T08:50:06.280000
 CVE-2024-12283,0,0,27e00fa0bc574ce5113c52cfd02ee2100414eb1f36a7d99001797949356bf37d,2024-12-11T09:15:05.697000
@@ -245315,6 +245317,9 @@ CVE-2024-12559,0,0,57ab0e0bbf049179f4bb043a31125569183e3823c6e0814b5b25df137c49e
 CVE-2024-1256,0,0,ea8829298a5ced036094d7fead955f33827bc36bbc0a7f87a81ee1f95b95b282,2024-11-21T08:50:10.293000
 CVE-2024-12560,0,0,d33290fc3e54f51dd78cb0afaf9a18e8538f72db9dd0f598ab5a68b55bfe89a1,2024-12-19T07:15:13.507000
 CVE-2024-12564,0,0,0abcb221861e5fc99f1edf43c59fea9ce50a3b4bd68b4b9a5961d76741772172,2024-12-12T15:15:12.097000
+CVE-2024-12566,1,1,d5a99af79f9f09fe2b81f8d4098ecb332e256b2007da72d1df5e53e36b3b1191,2025-01-13T06:15:10.130000
+CVE-2024-12567,1,1,178ed845f04f437f42c6cadcee74c95f82a0c29926c2403289c3d15d1656e72a,2025-01-13T06:15:10.260000
+CVE-2024-12568,1,1,8b8ea8d0c910a0053ab8bf3425ca9863311ac1fd011be1a1d8524135b9d0286c,2025-01-13T06:15:10.380000
 CVE-2024-12569,0,0,f75ddc9e99d18c4cfddc5b909f2c374e6db9e2363680671699b7fc90362d5ccd,2025-01-07T10:15:06.757000
 CVE-2024-1257,0,0,7cc030c8f0ebfb33a80da788a5513945114551aaaa2999db4fa614a5f6b08a9b,2024-11-21T08:50:10.443000
 CVE-2024-12570,0,0,be94920192af405ec932f38181a462713be2ef7292a21e90f93bf4238cc63d84,2024-12-12T12:15:22.660000
@@ -276571,9 +276576,9 @@ CVE-2025-0405,0,0,fa7310491d9b035f03a92a039aa8a0993082233b0ddec8e7ad737235e8a8c9
 CVE-2025-0406,0,0,2f78f472395c39528e55d8c1dfd0c163afdde35d888fe98333c6795188428f15,2025-01-13T02:15:07.490000
 CVE-2025-0407,0,0,20407171783d37a0839404a22bdf916745f5250cb3a37c45186573bc29163052,2025-01-13T02:15:07.667000
 CVE-2025-0408,0,0,67cb553ef2c4b7288311b574900a3763fb63fba59f3c7a7a7d129bc8a401d949,2025-01-13T02:15:07.840000
-CVE-2025-0409,1,1,5977f456246a3df58d5394ce85d10ffca63f6aba373f8079aa72161dded830de,2025-01-13T03:15:06.667000
-CVE-2025-0410,1,1,a8e3c0bff0c859e1514d3e3cb3c44d0409eb1b446e65a182236a181d1b90191b,2025-01-13T03:15:06.847000
-CVE-2025-0412,1,1,bfbf47e0956b1bfccce4c3a829b70c8095a189edb5636c3ef3ebd81177784d3c,2025-01-13T04:15:06.477000
+CVE-2025-0409,0,0,5977f456246a3df58d5394ce85d10ffca63f6aba373f8079aa72161dded830de,2025-01-13T03:15:06.667000
+CVE-2025-0410,0,0,a8e3c0bff0c859e1514d3e3cb3c44d0409eb1b446e65a182236a181d1b90191b,2025-01-13T03:15:06.847000
+CVE-2025-0412,0,0,bfbf47e0956b1bfccce4c3a829b70c8095a189edb5636c3ef3ebd81177784d3c,2025-01-13T04:15:06.477000
 CVE-2025-20033,0,0,6c60c85e451f1d6db70378d678ddf83dacc7c823ecfb493748ed6d94114eff49,2025-01-09T07:15:28.450000
 CVE-2025-20123,0,0,54512af23f890abd1fef44213c66523a0b62c1420699fcab5bda08e37f5f4455,2025-01-08T16:15:38.150000
 CVE-2025-20126,0,0,0fcc9383f8a59c5e0d551ae3c2ee7933f9c74701d79731c282030a0992412e7d,2025-01-08T19:15:38.553000