mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-11 16:13:34 +00:00
Auto-Update: 2024-08-16T06:00:17.201125+00:00
This commit is contained in:
cad-safe-bot
parent
785315de70
commit
aa99cdb17e
72
CVE-2024/CVE-2024-73xx/CVE-2024-7301.json
Normal file
72
CVE-2024/CVE-2024-73xx/CVE-2024-7301.json
Normal file
@ -0,0 +1,72 @@
|
||||
{
|
||||
"id": "CVE-2024-7301",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-08-16T05:15:12.177",
|
||||
"lastModified": "2024-08-16T05:15:12.177",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.24.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.2,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/wp-file-upload/tags/4.24.8/lib/wfu_io.php#L176",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/browser/wp-file-upload/tags/4.24.8/lib/wfu_security.php#L50",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset/3136025/",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/plugins/wp-file-upload/#developers",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e2b16b9c-48c7-4370-839b-696797ff2101?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
60
CVE-2024/CVE-2024-74xx/CVE-2024-7422.json
Normal file
60
CVE-2024/CVE-2024-74xx/CVE-2024-7422.json
Normal file
@ -0,0 +1,60 @@
|
||||
{
|
||||
"id": "CVE-2024-7422",
|
||||
"sourceIdentifier": "security@wordfence.com",
|
||||
"published": "2024-08-16T04:15:07.497",
|
||||
"lastModified": "2024-08-16T04:15:07.497",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.1.7. This is due to missing or incorrect nonce validation on the tml_admin_save_ms_settings() function. This makes it possible for unauthenticated attackers to update the theme's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Please note that this only affects multi-site instances."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "security@wordfence.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-352"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://plugins.trac.wordpress.org/changeset/3135854/theme-my-login/trunk/admin/settings.php",
|
||||
"source": "security@wordfence.com"
|
||||
},
|
||||
{
|
||||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0fb8e956-3a95-4e55-9816-be7eddb5835d?source=cve",
|
||||
"source": "security@wordfence.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
22
README.md
22
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-08-16T04:00:17.399342+00:00
|
||||
2024-08-16T06:00:17.201125+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-08-16T03:15:10.093000+00:00
|
||||
2024-08-16T05:15:12.177000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -33,25 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
260200
|
||||
260202
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `12`
|
||||
Recently added CVEs: `2`
|
||||
|
||||
- [CVE-2022-3399](CVE-2022/CVE-2022-33xx/CVE-2022-3399.json) (`2024-08-16T03:15:09.627`)
|
||||
- [CVE-2023-7049](CVE-2023/CVE-2023-70xx/CVE-2023-7049.json) (`2024-08-16T03:15:09.887`)
|
||||
- [CVE-2024-43369](CVE-2024/CVE-2024-433xx/CVE-2024-43369.json) (`2024-08-16T02:15:16.600`)
|
||||
- [CVE-2024-43370](CVE-2024/CVE-2024-433xx/CVE-2024-43370.json) (`2024-08-16T02:15:17.487`)
|
||||
- [CVE-2024-43374](CVE-2024/CVE-2024-433xx/CVE-2024-43374.json) (`2024-08-16T02:15:17.687`)
|
||||
- [CVE-2024-43378](CVE-2024/CVE-2024-433xx/CVE-2024-43378.json) (`2024-08-16T02:15:17.877`)
|
||||
- [CVE-2024-7630](CVE-2024/CVE-2024-76xx/CVE-2024-7630.json) (`2024-08-16T03:15:10.093`)
|
||||
- [CVE-2024-7845](CVE-2024/CVE-2024-78xx/CVE-2024-7845.json) (`2024-08-16T02:15:18.080`)
|
||||
- [CVE-2024-7849](CVE-2024/CVE-2024-78xx/CVE-2024-7849.json) (`2024-08-16T02:15:18.420`)
|
||||
- [CVE-2024-7851](CVE-2024/CVE-2024-78xx/CVE-2024-7851.json) (`2024-08-16T02:15:18.720`)
|
||||
- [CVE-2024-7852](CVE-2024/CVE-2024-78xx/CVE-2024-7852.json) (`2024-08-16T02:15:18.960`)
|
||||
- [CVE-2024-7853](CVE-2024/CVE-2024-78xx/CVE-2024-7853.json) (`2024-08-16T02:15:19.217`)
|
||||
- [CVE-2024-7301](CVE-2024/CVE-2024-73xx/CVE-2024-7301.json) (`2024-08-16T05:15:12.177`)
|
||||
- [CVE-2024-7422](CVE-2024/CVE-2024-74xx/CVE-2024-7422.json) (`2024-08-16T04:15:07.497`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
26
_state.csv
26
_state.csv
@ -201160,7 +201160,7 @@ CVE-2022-33986,0,0,b73806fd6214ccbe22c050867f0f8bc8416991d60b33ae72b2e29dbd355db
|
||||
CVE-2022-33987,0,0,6ba4eaffba81d7b64000b8f1b479a86619716014614cfa7a5311bf2021cafeb1,2022-06-28T16:15:31.270000
|
||||
CVE-2022-33988,0,0,69dfcc014caa76cd327269141e2b02134adee4ef60f5f9f5094eea582df01db9,2022-08-17T21:05:17.970000
|
||||
CVE-2022-33989,0,0,b780074098c3da37829ee5c071dbb29131ee5500cc32de82906be641db3d344a,2022-08-18T16:53:15.373000
|
||||
CVE-2022-3399,1,1,62eefac4257f771bfee32f3fa659772eaf24c7e2d824a146f4de96862f9b43a3,2024-08-16T03:15:09.627000
|
||||
CVE-2022-3399,0,0,62eefac4257f771bfee32f3fa659772eaf24c7e2d824a146f4de96862f9b43a3,2024-08-16T03:15:09.627000
|
||||
CVE-2022-33990,0,0,86964e8ef84b8a7b82e7c133d303ead83e4c0d56eaefbdaa57d614afd993fb4a,2022-08-18T16:54:32.357000
|
||||
CVE-2022-33991,0,0,2b7ffb54165ff5994d07f65e5f00bd0e333c3f31fa13fbf4bbcc5aebc88cc389,2022-08-18T16:46:11.837000
|
||||
CVE-2022-33992,0,0,493ae6c84e67968b47ab6a7d3bac6cf9f966bb4de056cf28ef7a4925f8282f52,2022-08-18T17:32:05.233000
|
||||
@ -240750,7 +240750,7 @@ CVE-2023-7045,0,0,56f72b8799718b9a57c25f98da5738945d9d62f196c72ae2e5b5400f5c5f90
|
||||
CVE-2023-7046,0,0,1325b623fc707ac674099e6d171e788fc0b1271e372288eb5bdf13523bf4b8ca,2024-04-10T13:24:00.070000
|
||||
CVE-2023-7047,0,0,df412ac3889a701032edbec4023d6825e5fec0bc08c785aea05e4842aa327410,2024-01-04T18:37:04.157000
|
||||
CVE-2023-7048,0,0,083baa3f6965f5009fe64187caefcf38bee2f72058b5af742496e5b61251d78e,2024-01-17T22:32:55.657000
|
||||
CVE-2023-7049,1,1,c9c64ebb45328d6379d7b9e0977b8153ac03ebb2658b524226f8e3923aaa7781,2024-08-16T03:15:09.887000
|
||||
CVE-2023-7049,0,0,c9c64ebb45328d6379d7b9e0977b8153ac03ebb2658b524226f8e3923aaa7781,2024-08-16T03:15:09.887000
|
||||
CVE-2023-7050,0,0,4bac6368bd056bdc5019cf32a62705315940d90e07b309dce57a8f7c89dab9f8,2024-05-17T02:34:05.373000
|
||||
CVE-2023-7051,0,0,b8788206b16eeac2e6b6ec8dad7522a48e5f8adb781565bd9e4c184f5f83713b,2024-05-17T02:34:06.490000
|
||||
CVE-2023-7052,0,0,60b16bacd9aaaea9beebec67ac2450cdfe6c1fa660e825b82aa03b6c05c78d4c,2024-05-17T02:34:06.593000
|
||||
@ -257661,12 +257661,12 @@ CVE-2024-43360,0,0,5e83697ea820bba28f28ac74c16eaa49368718cf4d29d0f4eeaac44e95899
|
||||
CVE-2024-43366,0,0,c6a0c9b79f40e9ac6adfe96e8a726d4a739758a69bf451c548536be75a4590b2,2024-08-15T21:15:17.520000
|
||||
CVE-2024-43367,0,0,aa40d7ce5e159a344ef88943101f5635e11309c45219cf73c00055952573916e,2024-08-15T21:15:17.777000
|
||||
CVE-2024-43368,0,0,bc8404f29bdb04258d364b3952f9782a6581bd81b6fee1a7f290b39a6cca9c9f,2024-08-15T13:01:10.150000
|
||||
CVE-2024-43369,1,1,f4a5465ed291f137718691ee1318e2bc4e90e440fba9c05e2762e4333a7f89d5,2024-08-16T02:15:16.600000
|
||||
CVE-2024-43369,0,0,f4a5465ed291f137718691ee1318e2bc4e90e440fba9c05e2762e4333a7f89d5,2024-08-16T02:15:16.600000
|
||||
CVE-2024-4337,0,0,87f9a4f489ef032776e3da435c02385147be0cf8fdf2fdcc393190f8f887eca5,2024-04-30T13:11:16.690000
|
||||
CVE-2024-43370,1,1,59b87d7d60e811132be75fab5860fc7d531485b8890b7e3ad6ed1f41f6548b62,2024-08-16T02:15:17.487000
|
||||
CVE-2024-43370,0,0,59b87d7d60e811132be75fab5860fc7d531485b8890b7e3ad6ed1f41f6548b62,2024-08-16T02:15:17.487000
|
||||
CVE-2024-43373,0,0,69d56183bd2a33523e74549d732339012a778a169f9424729adc89709a9fb8e3,2024-08-15T17:34:07.033000
|
||||
CVE-2024-43374,1,1,7644def70e08cd7a711b128ad560c089ada83dcf140f909f0ac36102735face9,2024-08-16T02:15:17.687000
|
||||
CVE-2024-43378,1,1,d0e1086da4bd21519e32eff9bfa155f1714d7bd494c9d21a9f49685aa5f864a3,2024-08-16T02:15:17.877000
|
||||
CVE-2024-43374,0,0,7644def70e08cd7a711b128ad560c089ada83dcf140f909f0ac36102735face9,2024-08-16T02:15:17.687000
|
||||
CVE-2024-43378,0,0,d0e1086da4bd21519e32eff9bfa155f1714d7bd494c9d21a9f49685aa5f864a3,2024-08-16T02:15:17.877000
|
||||
CVE-2024-4339,0,0,240ed7230e0a6e458ae0cd6534f1dc024d6c16f3537e0357643e823e6aa09596,2024-05-14T16:11:39.510000
|
||||
CVE-2024-4340,0,0,47279ef0860b5c8c8bd0a3697c64eecb43c1be11e1b93224b8fe23143c960d81,2024-04-30T17:52:35.057000
|
||||
CVE-2024-4341,0,0,60a5b39ccdef4d059dc8073670ab0aea750a7880bf4e71543025f3d18b32ff1e,2024-07-08T15:49:22.437000
|
||||
@ -259899,6 +259899,7 @@ CVE-2024-7291,0,0,298cd3a818c66e9bf797d2d090f42649293656283b8daab213f19385b28931
|
||||
CVE-2024-7297,0,0,cb4ca8684118dc46d1f9724d628f899c3458badae695854f058e1eba8efe7ce6,2024-07-31T12:57:02.300000
|
||||
CVE-2024-7299,0,0,18b86413af481c73d022a0c4ed8ac3628863652a0dcfb13bf199bbb5e4db4366,2024-07-31T16:15:05.217000
|
||||
CVE-2024-7300,0,0,a2e066ea38ffd4d283558ac9c550384947d588019ed19b0e0b6c2becc0799ae9,2024-07-31T14:15:08.080000
|
||||
CVE-2024-7301,1,1,68efc052c3ff82c00991a0bb754a03ac5193288502719b678a27062d039892f4,2024-08-16T05:15:12.177000
|
||||
CVE-2024-7302,0,0,3e3978a555cf8f7617492d06d41673a59c5323c552cb9b37b079247ec7c0af88,2024-08-01T12:42:36.933000
|
||||
CVE-2024-7303,0,0,9520f852975600abd145b384cdd7bd5ee8f54af62f4a78fc6dcf9ca25a845304,2024-08-12T16:47:04.740000
|
||||
CVE-2024-7306,0,0,3c865c91ac7fc6c8c32a68429064dd89f6391277f467a5bdc571f15092dbadd4,2024-08-12T16:33:51.090000
|
||||
@ -259978,6 +259979,7 @@ CVE-2024-7413,0,0,1e2e6e629ae076e767a4ed710c2f32c76d2bd71396701e30749c7812afe7ed
|
||||
CVE-2024-7414,0,0,75779b8687375e2d55d3e2d954892bdff56935440cca361ae4c6a6a0a4f3bed5,2024-08-12T13:41:36.517000
|
||||
CVE-2024-7416,0,0,9f5565f11e96fff207b91fc0825d45934365835075928991c71489e2cad44813,2024-08-12T13:41:36.517000
|
||||
CVE-2024-7420,0,0,900b53573d93f498a815ef6b5a664e0852d0bc5883291fa6f9b7211ca7e3509a,2024-08-15T13:01:10.150000
|
||||
CVE-2024-7422,1,1,d3b0948dba31e8818223206c1d1d5ef43788c157a17720b489316543b1773917,2024-08-16T04:15:07.497000
|
||||
CVE-2024-7436,0,0,4e5f8b4434de8d3be7545b252fde74866f6d1e15f143f31c26845d516524cae6,2024-08-05T12:41:45.957000
|
||||
CVE-2024-7437,0,0,6536d7f97d7ad58b67ec8c23497b1bab63383020d43415bc5b4c83af23e0fa6d,2024-08-12T13:38:43.060000
|
||||
CVE-2024-7438,0,0,e0751aac5a1208089fd3136e155c05769dcef78130a2d9c6fdc04c87ca92fb9a,2024-08-12T13:38:43.203000
|
||||
@ -260096,7 +260098,7 @@ CVE-2024-7621,0,0,1acf6d4c2a821fce1e3f9264509576725bd5b71a2c3ef943afe6ab5d293518
|
||||
CVE-2024-7624,0,0,fe880bbf70f7d6e0e0d7959fc4667ae33cede9b405a9b87471b54fc1288842d6,2024-08-15T13:01:10.150000
|
||||
CVE-2024-7625,0,0,f8c051bee159f37ecabf1edf8939b9aaaa1199377d2392fdca002a4a5223d380,2024-08-15T13:01:10.150000
|
||||
CVE-2024-7628,0,0,3ea535a326d0197b5259672683acf97672f398fa364ea0c9846f4657432fb454,2024-08-15T13:01:10.150000
|
||||
CVE-2024-7630,1,1,df3389a6db8f0c05739658197f1cff43bda4e33470ada70c9ccf1545e9f2c252,2024-08-16T03:15:10.093000
|
||||
CVE-2024-7630,0,0,df3389a6db8f0c05739658197f1cff43bda4e33470ada70c9ccf1545e9f2c252,2024-08-16T03:15:10.093000
|
||||
CVE-2024-7633,0,0,3b1df1487eb71af2061753f656e2660f3fdd60b89404cd84fa2c01a4dff29ee6,2024-08-12T13:38:45.690000
|
||||
CVE-2024-7635,0,0,77137333cb856f76f03e4b50e0e5dbce5cc99fa466aafebf6530d8cfb2e96fdd,2024-08-15T18:12:33.270000
|
||||
CVE-2024-7636,0,0,81414365f80fa57b345628baccc97b68e4a32475a3dd61fce01a599a3ee31eee,2024-08-15T18:13:23.327000
|
||||
@ -260191,11 +260193,11 @@ CVE-2024-7841,0,0,4632c3971b04a57562f61d399cd515c2019f246d80ccf6d4c535c7b4361e8c
|
||||
CVE-2024-7842,0,0,12f11ac340531e2626da79ded774ccfb3de899c06029be44f6c75df1710957a6,2024-08-15T22:15:07.310000
|
||||
CVE-2024-7843,0,0,519d47bcb9fc9e3a27bbd644c576e4cb35d41e45b051fa509cdd6678ff80bc77,2024-08-15T23:15:10.453000
|
||||
CVE-2024-7844,0,0,59508ebc076bca47c92fd6f0f56b8bc2f4a5223afe39a11234df2e1523ff3db6,2024-08-15T23:15:10.740000
|
||||
CVE-2024-7845,1,1,cec4b12e61ad5af6384512b749ee37de40fed005846071fbed5b1d50646ef5d2,2024-08-16T02:15:18.080000
|
||||
CVE-2024-7849,1,1,9a53b4edab927376347b56000f29fdf1a4dd91182da5073ac560b628d587dcc1,2024-08-16T02:15:18.420000
|
||||
CVE-2024-7851,1,1,7e9d901db98778c459aec9ca281e5991e7b51117a6ceaa3bed0c4f742b3c9965,2024-08-16T02:15:18.720000
|
||||
CVE-2024-7852,1,1,1036684783a76d9d06f3aeae0b7fecdc70daba8066ad73decf6a80515f103ae0,2024-08-16T02:15:18.960000
|
||||
CVE-2024-7853,1,1,ef852cb5b512c1135859e82139cbfc9c3676d14eb1435795734c924ea925f3b7,2024-08-16T02:15:19.217000
|
||||
CVE-2024-7845,0,0,cec4b12e61ad5af6384512b749ee37de40fed005846071fbed5b1d50646ef5d2,2024-08-16T02:15:18.080000
|
||||
CVE-2024-7849,0,0,9a53b4edab927376347b56000f29fdf1a4dd91182da5073ac560b628d587dcc1,2024-08-16T02:15:18.420000
|
||||
CVE-2024-7851,0,0,7e9d901db98778c459aec9ca281e5991e7b51117a6ceaa3bed0c4f742b3c9965,2024-08-16T02:15:18.720000
|
||||
CVE-2024-7852,0,0,1036684783a76d9d06f3aeae0b7fecdc70daba8066ad73decf6a80515f103ae0,2024-08-16T02:15:18.960000
|
||||
CVE-2024-7853,0,0,ef852cb5b512c1135859e82139cbfc9c3676d14eb1435795734c924ea925f3b7,2024-08-16T02:15:19.217000
|
||||
CVE-2024-7866,0,0,7b21c6eb36d73c92e1f7d8bb8574d36dfd6e1deee61d5ef7c7c7b7a0b352193c,2024-08-15T20:15:18.793000
|
||||
CVE-2024-7867,0,0,2c6807e6cda13329c05cc32828904aaff7f4fcd646d878acd15e994ea1a532df,2024-08-15T20:15:18.967000
|
||||
CVE-2024-7868,0,0,1270b7dc6c77cab6c2ea3d2de21860bb4fd556dbaed1521f53d18e8f28829e9b,2024-08-15T21:15:18.530000
|
||||
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user