Auto-Update: 2024-06-13T04:00:24.026006+00:00

2025-05-30 10:10:41 +00:00 · 2024-06-13 04:03:17 +00:00 · 2024-06-13 04:03:17 +00:00 · a7d8796946
commit a7d8796946
parent 28dbb114d0
3 changed files with 57 additions and 11 deletions
--- a/CVE-2024/CVE-2024-39xx/CVE-2024-3922.json
+++ b/CVE-2024/CVE-2024-39xx/CVE-2024-3922.json
@ -0,0 +1,47 @@
+{
+  "id": "CVE-2024-3922",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-06-13T02:15:08.833",
+  "lastModified": "2024-06-13T02:15:08.833",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 10.0,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://dokan.co/docs/wordpress/changelog/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9de41de-f2f7-4b16-8ec9-d30bbd3d8786?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-06-13T02:00:18.063699+00:00
+2024-06-13T04:00:24.026006+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-06-13T01:15:50.590000+00:00
+2024-06-13T02:15:08.833000+00:00
 ```

 ### Last Data Feed Release
@ -33,22 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-253706
+253707
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `0`
+Recently added CVEs: `1`

+- [CVE-2024-3922](CVE-2024/CVE-2024-39xx/CVE-2024-3922.json) (`2024-06-13T02:15:08.833`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `3`
+Recently modified CVEs: `0`

- [CVE-2024-35235](CVE-2024/CVE-2024-352xx/CVE-2024-35235.json) (`2024-06-13T01:15:50.590`)
- [CVE-2024-4577](CVE-2024/CVE-2024-45xx/CVE-2024-4577.json) (`2024-06-13T01:00:02.087`)
- [CVE-2024-4610](CVE-2024/CVE-2024-46xx/CVE-2024-4610.json) (`2024-06-13T01:00:02.087`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -251330,7 +251330,7 @@ CVE-2024-35229,0,0,5ee88facfa68247ca9de07dbd334e85c15f8a3e466794415d20f2550dc151
 CVE-2024-3523,0,0,154d27d1d83a25b71ff1e934ce7ae9d9233e3d50ef1f8829c89abcc116ac6a21,2024-05-17T02:39:58.793000
 CVE-2024-35231,0,0,f8530b660fb5fe1a3f6068301d0584388b48db3deb576b79e05a1ef5783b526b,2024-05-28T12:39:28.377000
 CVE-2024-35232,0,0,e11d112dbb50bd6ac52fe1023c1686a96b37e3a0e6e89d4fb71dc8ea03458586,2024-05-28T12:39:42.673000
-CVE-2024-35235,0,1,18441cb8b60e8c9ce81d63ca4fc9c309eaf0ccf26c16ca4e31e8706780f92fd6,2024-06-13T01:15:50.590000
+CVE-2024-35235,0,0,18441cb8b60e8c9ce81d63ca4fc9c309eaf0ccf26c16ca4e31e8706780f92fd6,2024-06-13T01:15:50.590000
 CVE-2024-35236,0,0,9c23a184eb48860f429493171a4c62809168210276bc2ebf0f78566d7ec88f75,2024-05-28T12:39:28.377000
 CVE-2024-35237,0,0,27687b26a7b23ba1ab2f1369afb101a3e55bbdfed6512210bc15966acab9b92b,2024-05-28T12:39:28.377000
 CVE-2024-35238,0,0,90b2bf17c4613df420698bab76b724ca8e351da1091b572382c658446aa99656,2024-05-28T12:39:28.377000
@ -252477,6 +252477,7 @@ CVE-2024-3917,0,0,55f83f03b9292263c532dbe29e254e7b9925f1a39645bd6835596489dfabe5
 CVE-2024-3918,0,0,f0312710b8f2207cc4daf3e960aa8906c7e8839f8babda55f2853fd4763a97f9,2024-05-24T01:15:30.977000
 CVE-2024-3920,0,0,5dbee28fbacc5f4bbc65481ff7f645499d60469b501d304207882ca441f74491,2024-05-24T01:15:30.977000
 CVE-2024-3921,0,0,dc44586c5c7e1c74f5850e7b4d244cf53da902f950a29ac6c4f232f966454542,2024-05-29T13:02:09.280000
+CVE-2024-3922,1,1,440e5b6dedddefad66ba06f1cd9ab863e6048e6d8f1fc7f712c4943dae35cab6,2024-06-13T02:15:08.833000
 CVE-2024-3923,0,0,dcd7a979944a34edd9f4dd960691916feb4f3b194c37e215c41a761a1e13cac2,2024-05-14T16:11:39.510000
 CVE-2024-3924,0,0,396cfe762c72fbd5a1960b1ddaed612b95d18abd602e0e4dd151e2967ca06c2d,2024-05-30T18:19:11.743000
 CVE-2024-3925,0,0,ffb03ad3d7681dbc7a2ac7c0d5b931072feb525f55dbac91a3db33362697e56f,2024-06-12T08:15:50.500000
@ -252946,7 +252947,7 @@ CVE-2024-4571,0,0,b379f15291a8a65b330c223bc6a31fd0a21b183a906c0a4077ca3cf5d38b8a
 CVE-2024-4572,0,0,f5ca5c1acec751c453949e3111f6be45773ff402d3c1d2b8e88127a059aa7b1b,2024-05-14T15:44:06.153000
 CVE-2024-4574,0,0,313ec0d117ac92e67c29da349740abe9395db1d3208f8156cb88d417271721b1,2024-05-14T16:11:39.510000
 CVE-2024-4575,0,0,6bded3a6c54fd2b7daead76b33ebe13f0b01e085cf3109c110abbf745910c26e,2024-05-24T01:15:30.977000
-CVE-2024-4577,0,1,99745c29f0fc9c6c0b18373abc31f13626ab0e1c3857aea5a10a4935216b30e9,2024-06-13T01:00:02.087000
+CVE-2024-4577,0,0,99745c29f0fc9c6c0b18373abc31f13626ab0e1c3857aea5a10a4935216b30e9,2024-06-13T01:00:02.087000
 CVE-2024-4579,0,0,92215db7ae90e73ed5f9ed593ac042a14c345d9cfa9b9e96b650abf914d87abf,2024-05-14T15:44:07.607000
 CVE-2024-4580,0,0,8eea2c6efcadf197a7eb186820cafc4d96f736bb0925ed6e0f257f524d44d971,2024-05-16T13:03:05.353000
 CVE-2024-4581,0,0,76d80edc646ff1ece35896e94283319c4ca53356d1c75c256f7ea9adb85effeb,2024-06-04T16:57:41.053000
@ -252974,7 +252975,7 @@ CVE-2024-4605,0,0,953638d724b858b3af29d2158adc8bf0b3f03be99b297e319002baf558be51
 CVE-2024-4606,0,0,6a0f9aa1de71c84cf915c091fa2bebebead3ebb4c4bdbaf5b5bc091e1c955edc,2024-05-14T16:11:39.510000
 CVE-2024-4608,0,0,66fd8dbc7b1c172bc789c4876374c82bfd54c48e5902295fa28145d061770319,2024-06-06T14:17:35.017000
 CVE-2024-4609,0,0,c23c3de39dc98d86dc6853d31c2bc52148fecec26ec42d14e3cca3645de4f823,2024-05-17T18:36:31.297000
-CVE-2024-4610,0,1,81ff3ae6e48750d7db743becd24b39c747725961f69d5bed9a772eadd337b280,2024-06-13T01:00:02.087000
+CVE-2024-4610,0,0,81ff3ae6e48750d7db743becd24b39c747725961f69d5bed9a772eadd337b280,2024-06-13T01:00:02.087000
 CVE-2024-4611,0,0,0152495de6f2454e6b1280dd3d20184c586b399950947591d94dfb5475ea0272,2024-05-29T13:02:09.280000
 CVE-2024-4614,0,0,beb5630ff5db8a415fa4bf6f109dad49279ea5965bb91a1d7f892cd406978f05,2024-05-14T15:44:12.883000
 CVE-2024-4617,0,0,a9ac6f97f78093fda60c756da599c06372e99e21d7b1347de185ba0119cb6cca,2024-05-16T13:03:05.353000