From ad7760d39dc13dabba44a85d3e1b7f7fa1adf42e Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Mon, 5 Feb 2024 23:00:28 +0000 Subject: [PATCH] Auto-Update: 2024-02-05T23:00:25.171839+00:00 --- CVE-2023/CVE-2023-228xx/CVE-2023-22817.json | 55 ++++++++++++ CVE-2023/CVE-2023-228xx/CVE-2023-22819.json | 55 ++++++++++++ CVE-2023/CVE-2023-273xx/CVE-2023-27318.json | 55 ++++++++++++ CVE-2023/CVE-2023-340xx/CVE-2023-34042.json | 43 ++++++++++ CVE-2023/CVE-2023-405xx/CVE-2023-40549.json | 92 ++++++++++++++++++++- CVE-2023/CVE-2023-405xx/CVE-2023-40550.json | 92 ++++++++++++++++++++- CVE-2023/CVE-2023-45xx/CVE-2023-4551.json | 75 ++++++++++++++++- CVE-2023/CVE-2023-45xx/CVE-2023-4552.json | 75 ++++++++++++++++- CVE-2023/CVE-2023-45xx/CVE-2023-4553.json | 75 ++++++++++++++++- CVE-2023/CVE-2023-45xx/CVE-2023-4554.json | 75 ++++++++++++++++- CVE-2023/CVE-2023-46xx/CVE-2023-4637.json | 55 ++++++++++++ CVE-2023/CVE-2023-507xx/CVE-2023-50781.json | 59 +++++++++++++ CVE-2023/CVE-2023-507xx/CVE-2023-50782.json | 59 +++++++++++++ CVE-2023/CVE-2023-519xx/CVE-2023-51951.json | 20 +++++ CVE-2023/CVE-2023-521xx/CVE-2023-52192.json | 51 +++++++++++- CVE-2023/CVE-2023-53xx/CVE-2023-5372.json | 79 +++++++++++++++++- CVE-2023/CVE-2023-65xx/CVE-2023-6526.json | 47 +++++++++++ CVE-2023/CVE-2023-65xx/CVE-2023-6557.json | 47 +++++++++++ CVE-2023/CVE-2023-65xx/CVE-2023-6592.json | 8 +- CVE-2023/CVE-2023-66xx/CVE-2023-6635.json | 51 ++++++++++++ CVE-2023/CVE-2023-67xx/CVE-2023-6700.json | 47 +++++++++++ CVE-2023/CVE-2023-67xx/CVE-2023-6701.json | 51 ++++++++++++ CVE-2023/CVE-2023-68xx/CVE-2023-6807.json | 47 +++++++++++ CVE-2023/CVE-2023-68xx/CVE-2023-6808.json | 51 ++++++++++++ CVE-2023/CVE-2023-68xx/CVE-2023-6846.json | 47 +++++++++++ CVE-2023/CVE-2023-68xx/CVE-2023-6884.json | 55 ++++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6925.json | 47 +++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6933.json | 51 ++++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6953.json | 47 +++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6959.json | 47 +++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6963.json | 47 +++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6982.json | 47 +++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6983.json | 47 +++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6985.json | 47 +++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6989.json | 47 +++++++++++ CVE-2023/CVE-2023-69xx/CVE-2023-6996.json | 47 +++++++++++ CVE-2023/CVE-2023-70xx/CVE-2023-7014.json | 47 +++++++++++ CVE-2023/CVE-2023-70xx/CVE-2023-7029.json | 47 +++++++++++ CVE-2024/CVE-2024-02xx/CVE-2024-0202.json | 55 ++++++++++++ CVE-2024/CVE-2024-02xx/CVE-2024-0221.json | 55 ++++++++++++ CVE-2024/CVE-2024-02xx/CVE-2024-0237.json | 6 +- CVE-2024/CVE-2024-02xx/CVE-2024-0238.json | 6 +- CVE-2024/CVE-2024-02xx/CVE-2024-0254.json | 51 ++++++++++++ CVE-2024/CVE-2024-02xx/CVE-2024-0255.json | 51 ++++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0324.json | 51 ++++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0366.json | 51 ++++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0370.json | 47 +++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0371.json | 47 +++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0372.json | 47 +++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0373.json | 47 +++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0374.json | 47 +++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0380.json | 47 +++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0382.json | 47 +++++++++++ CVE-2024/CVE-2024-03xx/CVE-2024-0384.json | 47 +++++++++++ CVE-2024/CVE-2024-04xx/CVE-2024-0428.json | 47 +++++++++++ CVE-2024/CVE-2024-04xx/CVE-2024-0448.json | 55 ++++++++++++ CVE-2024/CVE-2024-05xx/CVE-2024-0508.json | 55 ++++++++++++ CVE-2024/CVE-2024-05xx/CVE-2024-0509.json | 47 +++++++++++ CVE-2024/CVE-2024-05xx/CVE-2024-0585.json | 47 +++++++++++ CVE-2024/CVE-2024-05xx/CVE-2024-0586.json | 47 +++++++++++ CVE-2024/CVE-2024-05xx/CVE-2024-0597.json | 47 +++++++++++ CVE-2024/CVE-2024-06xx/CVE-2024-0612.json | 47 +++++++++++ CVE-2024/CVE-2024-06xx/CVE-2024-0630.json | 47 +++++++++++ CVE-2024/CVE-2024-06xx/CVE-2024-0659.json | 47 +++++++++++ CVE-2024/CVE-2024-06xx/CVE-2024-0660.json | 47 +++++++++++ CVE-2024/CVE-2024-06xx/CVE-2024-0668.json | 55 ++++++++++++ CVE-2024/CVE-2024-06xx/CVE-2024-0678.json | 47 +++++++++++ CVE-2024/CVE-2024-06xx/CVE-2024-0691.json | 47 +++++++++++ CVE-2024/CVE-2024-06xx/CVE-2024-0699.json | 47 +++++++++++ CVE-2024/CVE-2024-07xx/CVE-2024-0701.json | 47 +++++++++++ CVE-2024/CVE-2024-07xx/CVE-2024-0709.json | 51 ++++++++++++ CVE-2024/CVE-2024-07xx/CVE-2024-0761.json | 51 ++++++++++++ CVE-2024/CVE-2024-07xx/CVE-2024-0790.json | 51 ++++++++++++ CVE-2024/CVE-2024-07xx/CVE-2024-0791.json | 51 ++++++++++++ CVE-2024/CVE-2024-07xx/CVE-2024-0796.json | 47 +++++++++++ CVE-2024/CVE-2024-07xx/CVE-2024-0797.json | 47 +++++++++++ CVE-2024/CVE-2024-08xx/CVE-2024-0823.json | 47 +++++++++++ CVE-2024/CVE-2024-08xx/CVE-2024-0834.json | 51 ++++++++++++ CVE-2024/CVE-2024-08xx/CVE-2024-0835.json | 51 ++++++++++++ CVE-2024/CVE-2024-08xx/CVE-2024-0859.json | 51 ++++++++++++ CVE-2024/CVE-2024-08xx/CVE-2024-0869.json | 55 ++++++++++++ CVE-2024/CVE-2024-09xx/CVE-2024-0954.json | 47 +++++++++++ CVE-2024/CVE-2024-09xx/CVE-2024-0961.json | 51 ++++++++++++ CVE-2024/CVE-2024-09xx/CVE-2024-0969.json | 47 +++++++++++ CVE-2024/CVE-2024-10xx/CVE-2024-1020.json | 59 +++++++++++-- CVE-2024/CVE-2024-10xx/CVE-2024-1024.json | 52 +++++++++++- CVE-2024/CVE-2024-10xx/CVE-2024-1028.json | 52 +++++++++++- CVE-2024/CVE-2024-10xx/CVE-2024-1046.json | 47 +++++++++++ CVE-2024/CVE-2024-10xx/CVE-2024-1052.json | 55 ++++++++++++ CVE-2024/CVE-2024-10xx/CVE-2024-1072.json | 47 +++++++++++ CVE-2024/CVE-2024-10xx/CVE-2024-1075.json | 51 ++++++++++++ CVE-2024/CVE-2024-10xx/CVE-2024-1092.json | 47 +++++++++++ CVE-2024/CVE-2024-11xx/CVE-2024-1121.json | 47 +++++++++++ CVE-2024/CVE-2024-11xx/CVE-2024-1177.json | 47 +++++++++++ CVE-2024/CVE-2024-12xx/CVE-2024-1208.json | 51 ++++++++++++ CVE-2024/CVE-2024-12xx/CVE-2024-1209.json | 51 ++++++++++++ CVE-2024/CVE-2024-12xx/CVE-2024-1210.json | 51 ++++++++++++ CVE-2024/CVE-2024-221xx/CVE-2024-22136.json | 51 +++++++++++- CVE-2024/CVE-2024-221xx/CVE-2024-22160.json | 62 +++++++++++++- CVE-2024/CVE-2024-221xx/CVE-2024-22161.json | 63 +++++++++++++- CVE-2024/CVE-2024-222xx/CVE-2024-22208.json | 59 +++++++++++++ CVE-2024/CVE-2024-226xx/CVE-2024-22682.json | 65 ++++++++++++++- CVE-2024/CVE-2024-245xx/CVE-2024-24543.json | 20 +++++ CVE-2024/CVE-2024-245xx/CVE-2024-24559.json | 59 +++++++++++++ CVE-2024/CVE-2024-245xx/CVE-2024-24574.json | 67 +++++++++++++++ CVE-2024/CVE-2024-245xx/CVE-2024-24595.json | 55 ++++++++++++ CVE-2024/CVE-2024-248xx/CVE-2024-24807.json | 63 ++++++++++++++ README.md | 81 ++++++++++-------- 108 files changed, 5416 insertions(+), 96 deletions(-) create mode 100644 CVE-2023/CVE-2023-228xx/CVE-2023-22817.json create mode 100644 CVE-2023/CVE-2023-228xx/CVE-2023-22819.json create mode 100644 CVE-2023/CVE-2023-273xx/CVE-2023-27318.json create mode 100644 CVE-2023/CVE-2023-340xx/CVE-2023-34042.json create mode 100644 CVE-2023/CVE-2023-46xx/CVE-2023-4637.json create mode 100644 CVE-2023/CVE-2023-507xx/CVE-2023-50781.json create mode 100644 CVE-2023/CVE-2023-507xx/CVE-2023-50782.json create mode 100644 CVE-2023/CVE-2023-519xx/CVE-2023-51951.json create mode 100644 CVE-2023/CVE-2023-65xx/CVE-2023-6526.json create mode 100644 CVE-2023/CVE-2023-65xx/CVE-2023-6557.json create mode 100644 CVE-2023/CVE-2023-66xx/CVE-2023-6635.json create mode 100644 CVE-2023/CVE-2023-67xx/CVE-2023-6700.json create mode 100644 CVE-2023/CVE-2023-67xx/CVE-2023-6701.json create mode 100644 CVE-2023/CVE-2023-68xx/CVE-2023-6807.json create mode 100644 CVE-2023/CVE-2023-68xx/CVE-2023-6808.json create mode 100644 CVE-2023/CVE-2023-68xx/CVE-2023-6846.json create mode 100644 CVE-2023/CVE-2023-68xx/CVE-2023-6884.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6925.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6933.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6953.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6959.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6963.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6982.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6983.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6985.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6989.json create mode 100644 CVE-2023/CVE-2023-69xx/CVE-2023-6996.json create mode 100644 CVE-2023/CVE-2023-70xx/CVE-2023-7014.json create mode 100644 CVE-2023/CVE-2023-70xx/CVE-2023-7029.json create mode 100644 CVE-2024/CVE-2024-02xx/CVE-2024-0202.json create mode 100644 CVE-2024/CVE-2024-02xx/CVE-2024-0221.json create mode 100644 CVE-2024/CVE-2024-02xx/CVE-2024-0254.json create mode 100644 CVE-2024/CVE-2024-02xx/CVE-2024-0255.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0324.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0366.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0370.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0371.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0372.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0373.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0374.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0380.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0382.json create mode 100644 CVE-2024/CVE-2024-03xx/CVE-2024-0384.json create mode 100644 CVE-2024/CVE-2024-04xx/CVE-2024-0428.json create mode 100644 CVE-2024/CVE-2024-04xx/CVE-2024-0448.json create mode 100644 CVE-2024/CVE-2024-05xx/CVE-2024-0508.json create mode 100644 CVE-2024/CVE-2024-05xx/CVE-2024-0509.json create mode 100644 CVE-2024/CVE-2024-05xx/CVE-2024-0585.json create mode 100644 CVE-2024/CVE-2024-05xx/CVE-2024-0586.json create mode 100644 CVE-2024/CVE-2024-05xx/CVE-2024-0597.json create mode 100644 CVE-2024/CVE-2024-06xx/CVE-2024-0612.json create mode 100644 CVE-2024/CVE-2024-06xx/CVE-2024-0630.json create mode 100644 CVE-2024/CVE-2024-06xx/CVE-2024-0659.json create mode 100644 CVE-2024/CVE-2024-06xx/CVE-2024-0660.json create mode 100644 CVE-2024/CVE-2024-06xx/CVE-2024-0668.json create mode 100644 CVE-2024/CVE-2024-06xx/CVE-2024-0678.json create mode 100644 CVE-2024/CVE-2024-06xx/CVE-2024-0691.json create mode 100644 CVE-2024/CVE-2024-06xx/CVE-2024-0699.json create mode 100644 CVE-2024/CVE-2024-07xx/CVE-2024-0701.json create mode 100644 CVE-2024/CVE-2024-07xx/CVE-2024-0709.json create mode 100644 CVE-2024/CVE-2024-07xx/CVE-2024-0761.json create mode 100644 CVE-2024/CVE-2024-07xx/CVE-2024-0790.json create mode 100644 CVE-2024/CVE-2024-07xx/CVE-2024-0791.json create mode 100644 CVE-2024/CVE-2024-07xx/CVE-2024-0796.json create mode 100644 CVE-2024/CVE-2024-07xx/CVE-2024-0797.json create mode 100644 CVE-2024/CVE-2024-08xx/CVE-2024-0823.json create mode 100644 CVE-2024/CVE-2024-08xx/CVE-2024-0834.json create mode 100644 CVE-2024/CVE-2024-08xx/CVE-2024-0835.json create mode 100644 CVE-2024/CVE-2024-08xx/CVE-2024-0859.json create mode 100644 CVE-2024/CVE-2024-08xx/CVE-2024-0869.json create mode 100644 CVE-2024/CVE-2024-09xx/CVE-2024-0954.json create mode 100644 CVE-2024/CVE-2024-09xx/CVE-2024-0961.json create mode 100644 CVE-2024/CVE-2024-09xx/CVE-2024-0969.json create mode 100644 CVE-2024/CVE-2024-10xx/CVE-2024-1046.json create mode 100644 CVE-2024/CVE-2024-10xx/CVE-2024-1052.json create mode 100644 CVE-2024/CVE-2024-10xx/CVE-2024-1072.json create mode 100644 CVE-2024/CVE-2024-10xx/CVE-2024-1075.json create mode 100644 CVE-2024/CVE-2024-10xx/CVE-2024-1092.json create mode 100644 CVE-2024/CVE-2024-11xx/CVE-2024-1121.json create mode 100644 CVE-2024/CVE-2024-11xx/CVE-2024-1177.json create mode 100644 CVE-2024/CVE-2024-12xx/CVE-2024-1208.json create mode 100644 CVE-2024/CVE-2024-12xx/CVE-2024-1209.json create mode 100644 CVE-2024/CVE-2024-12xx/CVE-2024-1210.json create mode 100644 CVE-2024/CVE-2024-222xx/CVE-2024-22208.json create mode 100644 CVE-2024/CVE-2024-245xx/CVE-2024-24543.json create mode 100644 CVE-2024/CVE-2024-245xx/CVE-2024-24559.json create mode 100644 CVE-2024/CVE-2024-245xx/CVE-2024-24574.json create mode 100644 CVE-2024/CVE-2024-245xx/CVE-2024-24595.json create mode 100644 CVE-2024/CVE-2024-248xx/CVE-2024-24807.json diff --git a/CVE-2023/CVE-2023-228xx/CVE-2023-22817.json b/CVE-2023/CVE-2023-228xx/CVE-2023-22817.json new file mode 100644 index 00000000000..ddc80e6be9a --- /dev/null +++ b/CVE-2023/CVE-2023-228xx/CVE-2023-22817.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-22817", + "sourceIdentifier": "psirt@wdc.com", + "published": "2024-02-05T22:15:54.820", + "lastModified": "2024-02-05T22:15:54.820", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed\u00a0by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.\u00a0\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@wdc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@wdc.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update", + "source": "psirt@wdc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-228xx/CVE-2023-22819.json b/CVE-2023/CVE-2023-228xx/CVE-2023-22819.json new file mode 100644 index 00000000000..9bed5e2ed4e --- /dev/null +++ b/CVE-2023/CVE-2023-228xx/CVE-2023-22819.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-22819", + "sourceIdentifier": "psirt@wdc.com", + "published": "2024-02-05T22:15:55.023", + "lastModified": "2024-02-05T22:15:55.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@wdc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@wdc.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "references": [ + { + "url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update", + "source": "psirt@wdc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27318.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27318.json new file mode 100644 index 00000000000..760d01843f3 --- /dev/null +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27318.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-27318", + "sourceIdentifier": "security-alert@netapp.com", + "published": "2024-02-05T21:15:10.737", + "lastModified": "2024-02-05T21:15:10.737", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through \n11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability. A \nsuccessful exploit could lead to a crash of the Local Distribution \nRouter (LDR) service.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@netapp.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-alert@netapp.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-248" + } + ] + } + ], + "references": [ + { + "url": "https://security.netapp.com/advisory/NTAP-20240202-0012/", + "source": "security-alert@netapp.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34042.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34042.json new file mode 100644 index 00000000000..ba1cd1ff033 --- /dev/null +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34042.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-34042", + "sourceIdentifier": "security@vmware.com", + "published": "2024-02-05T22:15:55.210", + "lastModified": "2024-02-05T22:15:55.210", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The spring-security.xsd file inside the \nspring-security-config jar is world writable which means that if it were\n extracted it could be written by anyone with access to the file system.\n\n\nWhile there are no known exploits, this is an example of \u201cCWE-732: \nIncorrect Permission Assignment for Critical Resource\u201d and could result \nin an exploit. Users should update to the latest version of Spring \nSecurity to mitigate any future exploits found around this issue.\n\n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@vmware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://spring.io/security/cve-2023-34042", + "source": "security@vmware.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40549.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40549.json index b803a253c97..4adc54b4f56 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40549.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40549.json @@ -2,16 +2,40 @@ "id": "CVE-2023-40549", "sourceIdentifier": "secalert@redhat.com", "published": "2024-01-29T17:15:08.580", - "lastModified": "2024-01-29T17:39:52.393", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:33:24.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 un fallo de lectura fuera de los l\u00edmites en Shim debido a la falta de una verificaci\u00f3n de l\u00edmites adecuada durante la carga de un binario PE. Esta falla permite a un atacante cargar un binario PE manipulado, lo que desencadena el problema y bloquea Shim, lo que resulta en una denegaci\u00f3n de servicio." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,14 +80,64 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:shim:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.8", + "matchCriteriaId": "01639865-3664-4034-BCFB-F4E09AF37F28" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-40549", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241797", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40550.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40550.json index b846d3adf37..e1ddbf07a4d 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40550.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40550.json @@ -2,16 +2,40 @@ "id": "CVE-2023-40550", "sourceIdentifier": "secalert@redhat.com", "published": "2024-01-29T17:15:08.773", - "lastModified": "2024-01-29T17:39:52.393", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:38:37.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 un fallo de lectura fuera de los l\u00edmites en Shim cuando intent\u00f3 validar la informaci\u00f3n SBAT. Este problema puede exponer datos confidenciales durante la fase de inicio del sistema." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -46,14 +80,64 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:shim:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.8", + "matchCriteriaId": "01639865-3664-4034-BCFB-F4E09AF37F28" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-40550", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259915", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4551.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4551.json index 0bbc7f7d0db..4a79c7d167b 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4551.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4551.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4551", "sourceIdentifier": "security@opentext.com", "published": "2024-01-29T21:15:08.880", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T22:02:02.550", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@opentext.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@opentext.com", "type": "Secondary", @@ -50,10 +80,49 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opentext:appbuilder:*:*:*:*:*:*:*:*", + "versionStartIncluding": "21.2", + "versionEndExcluding": "23.2", + "matchCriteriaId": "8F278A97-1D94-451A-8563-6ADB44E5EBAB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b", - "source": "security@opentext.com" + "source": "security@opentext.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4552.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4552.json index 537ab9a027e..cfeb7f4dd90 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4552.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4552.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4552", "sourceIdentifier": "security@opentext.com", "published": "2024-01-29T21:15:09.073", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:59:35.087", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + }, { "source": "security@opentext.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@opentext.com", "type": "Secondary", @@ -50,10 +80,49 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opentext:appbuilder:*:*:*:*:*:*:*:*", + "versionStartIncluding": "21.2", + "versionEndExcluding": "23.2", + "matchCriteriaId": "8F278A97-1D94-451A-8563-6ADB44E5EBAB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b", - "source": "security@opentext.com" + "source": "security@opentext.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4553.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4553.json index fa398869e96..de6dbe9ebda 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4553.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4553.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4553", "sourceIdentifier": "security@opentext.com", "published": "2024-01-29T21:15:09.263", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:56:14.073", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@opentext.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@opentext.com", "type": "Secondary", @@ -50,10 +80,49 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opentext:appbuilder:*:*:*:*:*:*:*:*", + "versionStartIncluding": "21.2", + "versionEndExcluding": "23.2", + "matchCriteriaId": "8F278A97-1D94-451A-8563-6ADB44E5EBAB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b", - "source": "security@opentext.com" + "source": "security@opentext.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4554.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4554.json index 5b17e4cb061..9d040b56a16 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4554.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4554.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4554", "sourceIdentifier": "security@opentext.com", "published": "2024-01-29T21:15:09.457", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:24:36.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@opentext.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + }, { "source": "security@opentext.com", "type": "Secondary", @@ -50,10 +80,49 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opentext:appbuilder:*:*:*:*:*:*:*:*", + "versionStartIncluding": "21.2", + "versionEndExcluding": "23.2", + "matchCriteriaId": "8F278A97-1D94-451A-8563-6ADB44E5EBAB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b", - "source": "security@opentext.com" + "source": "security@opentext.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4637.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4637.json new file mode 100644 index 00000000000..001e0892f66 --- /dev/null +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4637.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4637", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:55.410", + "lastModified": "2024-02-05T22:15:55.410", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the restore() and get_restore_progress() function in versions up to, and including, 0.9.94. This makes it possible for unauthenticated attackers to invoke these functions and obtain full file paths if they have access to a back-up ID." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wpvivid-backuprestore/trunk/includes/class-wpvivid.php#L3736", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wpvivid-backuprestore/trunk/includes/class-wpvivid.php#L3943", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3023214/wpvivid-backuprestore/trunk/includes/class-wpvivid.php?contextall=1&old=3007861&old_path=%2Fwpvivid-backuprestore%2Ftrunk%2Fincludes%2Fclass-wpvivid.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bad0bd6b-9c88-4d31-90b5-92d3ceb8c0af?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50781.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50781.json new file mode 100644 index 00000000000..a142c6d73a7 --- /dev/null +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50781.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-50781", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-02-05T21:15:10.970", + "lastModified": "2024-02-05T21:15:10.970", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-208" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-50781", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254426", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50782.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50782.json new file mode 100644 index 00000000000..083ece890f9 --- /dev/null +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50782.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-50782", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-02-05T21:15:11.183", + "lastModified": "2024-02-05T21:15:11.183", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-208" + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2023-50782", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254432", + "source": "secalert@redhat.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-519xx/CVE-2023-51951.json b/CVE-2023/CVE-2023-519xx/CVE-2023-51951.json new file mode 100644 index 00000000000..66de9973c28 --- /dev/null +++ b/CVE-2023/CVE-2023-519xx/CVE-2023-51951.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-51951", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-05T21:15:11.397", + "lastModified": "2024-02-05T21:15:11.397", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQL Injection vulnerability in Stock Management System 1.0 allows a remote attacker to execute arbitrary code via the id parameter in the manage_bo.php file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2023-004", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52192.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52192.json index a88809e658e..641a1a958e8 100644 --- a/CVE-2023/CVE-2023-521xx/CVE-2023-52192.json +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52192.json @@ -2,16 +2,40 @@ "id": "CVE-2023-52192", "sourceIdentifier": "audit@patchstack.com", "published": "2024-02-01T10:15:10.027", - "lastModified": "2024-02-01T13:41:44.257", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-02-05T21:01:02.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 1.0.11.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante de generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Keap Keap Official Opt-in Forms permite XSS almacenado. Este problema afecta a Keap Official Opt-in Forms: desde n/a hasta 1.0.11." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:keap:official_opt-in_forms:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.11", + "matchCriteriaId": "665BCA82-2558-4778-83D9-481E05076507" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/infusionsoft-official-opt-in-forms/wordpress-keap-official-opt-in-forms-plugin-1-0-11-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5372.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5372.json index 3fd50dd688d..695d62fdbdd 100644 --- a/CVE-2023/CVE-2023-53xx/CVE-2023-5372.json +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5372.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5372", "sourceIdentifier": "security@zyxel.com.tw", "published": "2024-01-30T01:15:59.063", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T22:05:37.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -40,7 +40,7 @@ }, "weaknesses": [ { - "source": "security@zyxel.com.tw", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -48,12 +48,83 @@ "value": "CWE-78" } ] + }, + { + "source": "security@zyxel.com.tw", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nas326_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.21\\(aazf.16\\)c0", + "matchCriteriaId": "053F3522-4266-4E6D-ACBE-5A4F5E555D0A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nas326:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E0A01B19-4A91-4FBC-8447-2E854346DAC5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nas542_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.21\\(abag.13\\)c0", + "matchCriteriaId": "54116F95-2941-49EC-B0B1-BBAA9E62D420" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nas542:-:*:*:*:*:*:*:*", + "matchCriteriaId": "31C4DD0F-28D0-4BF7-897B-5EEC32AA7277" + } + ] + } + ] } ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerability-in-nas-products-01-30-2024", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6526.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6526.json new file mode 100644 index 00000000000..88ae64cf3e7 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6526.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6526", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:55.593", + "lastModified": "2024-02-05T22:15:55.593", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Meta Box \u2013 WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030376%40meta-box&new=3030376%40meta-box&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2a6bfc87-6135-4d49-baa2-e8e6291148dc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6557.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6557.json new file mode 100644 index 00000000000..297e0f3a7d5 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6557.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6557", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:55.767", + "lastModified": "2024-02-05T22:15:55.767", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The The Events Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.2.8.2 via the route function hooked into wp_ajax_nopriv_tribe_dropdown. This makes it possible for unauthenticated attackers to extract potentially sensitive data including post titles and IDs of pending, private and draft posts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3010104%40the-events-calendar%2Ftags%2F6.2.9&old=3010096%40the-events-calendar%2Ftags%2F6.2.9", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fc40196e-c0f3-4bc6-ac4b-b866902def61?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6592.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6592.json index 2d9e4521c33..4b83c820a96 100644 --- a/CVE-2023/CVE-2023-65xx/CVE-2023-6592.json +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6592.json @@ -2,8 +2,8 @@ "id": "CVE-2023-6592", "sourceIdentifier": "contact@wpscan.com", "published": "2024-01-16T16:15:13.750", - "lastModified": "2024-01-23T14:56:28.100", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-05T22:15:55.937", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -69,6 +69,10 @@ } ], "references": [ + { + "url": "https://research.cleantalk.org/cve-2023-6592-fastdup-database-users-password-leak-poc-exploit/", + "source": "contact@wpscan.com" + }, { "url": "https://wpscan.com/vulnerability/a39bb807-b143-4863-88ff-1783e407d7d4/", "source": "contact@wpscan.com", diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6635.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6635.json new file mode 100644 index 00000000000..1ff3ada8f13 --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6635.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6635", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:56.023", + "lastModified": "2024-02-05T22:15:56.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'import_styles' function in versions up to, and including, 1.40.3. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/block-options/tags/1.40.3/includes/addons/styles-manager/rest-api/gutenberghub-styles-import-export-controller.php#L100", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3010794/block-options", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4528f9a1-7027-4aa9-b006-bea84aa19c84?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6700.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6700.json new file mode 100644 index 00000000000..bde34d37cea --- /dev/null +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6700.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6700", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:56.187", + "lastModified": "2024-02-05T22:15:56.187", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. This makes it possible for authenticated attackers, with subscriber-level access or higher, to edit arbitrary site options which can be used to create administrator accounts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3028096/wp-gdpr-compliance/trunk?contextall=1&old=2865555&old_path=%2Fwp-gdpr-compliance%2Ftrunk", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/42a4ef37-c842-4925-b06a-3e6423337567?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6701.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6701.json new file mode 100644 index 00000000000..49d912413dc --- /dev/null +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6701.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6701", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:56.357", + "lastModified": "2024-02-05T22:15:56.357", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom text field in all versions up to, and including, 6.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3022469/advanced-custom-fields", + "source": "security@wordfence.com" + }, + { + "url": "https://www.advancedcustomfields.com/blog/acf-6-2-5-security-release/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e3593dfd-7b2a-4d01-8af0-725b444dc81b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6807.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6807.json new file mode 100644 index 00000000000..5a36b46cde0 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6807.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6807", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:56.543", + "lastModified": "2024-02-05T22:15:56.543", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The GeneratePress Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom meta output in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://generatepress.com/category/changelog/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9dcd48b8-ec9e-44b4-b531-95940adbd100?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6808.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6808.json new file mode 100644 index 00000000000..1c48ea35025 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6808.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6808", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:56.710", + "lastModified": "2024-02-05T22:15:56.710", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Booking for Appointments and Events Calendar \u2013 Amelia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.93 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.svn.wordpress.org/ameliabooking/trunk/view/frontend/events.inc.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3015149/ameliabooking/trunk/view/frontend/events.inc.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aafb5402-3553-4c89-86e0-4dd556d86074?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6846.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6846.json new file mode 100644 index 00000000000..e622eaf119f --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6846.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6846", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:56.887", + "lastModified": "2024-02-05T22:15:56.887", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mk_check_filemanager_php_syntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute code on the server. Version 8.3.5 introduces a capability check that prevents users lower than admin from executing this function." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://gist.github.com/Kun19/046b2b305cac5f2edd38037984c2e8e3", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1e8e0257-a745-495f-a103-c032b95209fc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6884.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6884.json new file mode 100644 index 00000000000..28396f03086 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6884.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6884", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:57.057", + "lastModified": "2024-02-05T22:15:57.057", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "This plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on the 'place_id' attribute. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://advisory.abay.sh/cve-2023-6884", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.svn.wordpress.org/widget-google-reviews/tags/3.1/includes/class-feed-shortcode.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3018964%40widget-google-reviews&new=3018964%40widget-google-reviews&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8971d54-b54e-4e62-9db2-fa87d2564599?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6925.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6925.json new file mode 100644 index 00000000000..309f319ad06 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6925.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6925", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:57.233", + "lastModified": "2024-02-05T22:15:57.233", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'importZipFile' function in versions up to, and including, 1.0.42. This makes it possible for authenticated attackers with a role that the administrator previously granted access to the plugin (the default is editor role, but access can also be granted to contributor role), to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/unlimited-addons-for-wpbakery-page-builder/trunk/inc_php/layouts/unitecreator_layouts_exporter.class.php?rev=2900676#L703", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a78b76d6-4068-4141-9726-7db439aa6a9f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6933.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6933.json new file mode 100644 index 00000000000..ec723c02eea --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6933.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6933", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:57.407", + "lastModified": "2024-02-05T22:15:57.407", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/better-search-replace/trunk/includes/class-bsr-db.php#L334", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3023674/better-search-replace/trunk/includes/class-bsr-db.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/895f2db1-a2ed-4a17-a4f6-cd13ee8f84af?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6953.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6953.json new file mode 100644 index 00000000000..4939be70598 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6953.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6953", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:57.587", + "lastModified": "2024-02-05T22:15:57.587", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The PDF Generator For Fluent Forms \u2013 The Contact Form Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the header, PDF body and footer content parameters in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The exploitation level depends on who is granted the right to create forms by an administrator. This level can be as low as contributor, but by default is admin." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023486%40fluentforms-pdf%2Ftrunk&old=2929799%40fluentforms-pdf%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b6675c48-43d4-4394-a4a3-f753bdaa5c4e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6959.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6959.json new file mode 100644 index 00000000000..766e8f86bc6 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6959.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6959", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:57.767", + "lastModified": "2024-02-05T22:15:57.767", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the recaptcha_api_key_manage function in all versions up to, and including, 2.0.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to add, modify, or delete the 'Recaptcha Site Key' and 'Recaptcha Secret Key' settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3022982", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/774c00fb-82cd-44ca-bf96-3f6dfd1977d0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6963.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6963.json new file mode 100644 index 00000000000..1e19c1929e8 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6963.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6963", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:57.930", + "lastModified": "2024-02-05T22:15:57.930", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to bypass the Captcha Verification of the Contact Form block by omitting 'g-recaptcha-response' from the 'data' array." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3022982", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d317f2c7-06f3-4875-9f9b-eb7f450aa2f4?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6982.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6982.json new file mode 100644 index 00000000000..6454bb1acd0 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6982.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6982", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:58.093", + "lastModified": "2024-02-05T22:15:58.093", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Display custom fields in the frontend \u2013 Post and User Profile Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode and postmeta in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3021133%40shortcode-to-display-post-and-user-data&new=3021133%40shortcode-to-display-post-and-user-data&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3077b84e-87af-4307-83c5-0e4b15d07ff1?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6983.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6983.json new file mode 100644 index 00000000000..28a92689f36 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6983.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6983", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:58.257", + "lastModified": "2024-02-05T22:15:58.257", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Display custom fields in the frontend \u2013 Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vg_display_data shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve potentially sensitive post meta." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3021133%40shortcode-to-display-post-and-user-data&new=3021133%40shortcode-to-display-post-and-user-data&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/08d43c67-df40-4f1a-a351-803e59edee13?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6985.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6985.json new file mode 100644 index 00000000000..c69e960345d --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6985.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6985", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:58.433", + "lastModified": "2024-02-05T22:15:58.433", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The 10Web AI Assistant \u2013 AI content writing assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the install_plugin AJAX action in all versions up to, and including, 1.0.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins that can be used to gain further access to a compromised site." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3027004/ai-assistant-by-10web/trunk/ai-assistant-by-10web.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/229245a5-468d-47b9-8f26-d23d593e91da?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6989.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6989.json new file mode 100644 index 00000000000..ff3723db01b --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6989.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6989", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:58.603", + "lastModified": "2024-02-05T22:15:58.603", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Shield Security \u2013 Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. This makes it possible for unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3013699%40wp-simple-firewall&new=3013699%40wp-simple-firewall&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/063826cc-7ff3-4869-9831-f6a4a4bbe74c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6996.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6996.json new file mode 100644 index 00000000000..138ad64b384 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6996.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6996", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:58.773", + "lastModified": "2024-02-05T22:15:58.773", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Display custom fields in the frontend \u2013 Post and User Profile Fields plugin for WordPress is vulnerable to Code Injection via the plugin's vg_display_data shortcode in all versions up to, and including, 1.2.1 due to insufficient input validation and restriction on access to that shortcode. This makes it possible for authenticated attackers with contributor-level and above permissions to call arbitrary functions and execute code." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3021133%40shortcode-to-display-post-and-user-data&new=3021133%40shortcode-to-display-post-and-user-data&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e0662c3a-5b82-4b9a-aa69-147094930d1f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7014.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7014.json new file mode 100644 index 00000000000..7d4dc0bffdc --- /dev/null +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7014.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-7014", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:58.943", + "lastModified": "2024-02-05T22:15:58.943", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Author Box, Guest Author and Co-Authors for Your Posts \u2013 Molongui plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.7.4 via the 'ma_debu' parameter. This makes it possible for unauthenticated attackers to extract sensitive data including post author emails and names if applicable." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3019084/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/538e9ce3-2d48-44ad-bd08-8eead3ef15c3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7029.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7029.json new file mode 100644 index 00000000000..17421b92f80 --- /dev/null +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7029.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-7029", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:59.103", + "lastModified": "2024-02-05T22:15:59.103", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including 9.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was partially fixed in version 9.7.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3024075/maxbuttons", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bca0e8a0-d837-42d8-a9d3-35e0c820eb43?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0202.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0202.json new file mode 100644 index 00000000000..22e79997138 --- /dev/null +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0202.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-0202", + "sourceIdentifier": "patrick@puiterwijk.org", + "published": "2024-02-05T21:15:11.450", + "lastModified": "2024-02-05T21:15:11.450", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib is compiled with the support for RSA key exchange ciphersuites in TLS (by setting the USE_RSA_SUITES define), it will be vulnerable to the timing variant of the Bleichenbacher attack. An attacker that is able to perform a large number of connections to the server will be able to decrypt RSA ciphertexts or forge signatures using server's certificate." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "patrick@puiterwijk.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-208" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256518", + "source": "patrick@puiterwijk.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0221.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0221.json new file mode 100644 index 00000000000..d5f204f3be2 --- /dev/null +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0221.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-0221", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:59.297", + "lastModified": "2024-02-05T22:15:59.297", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. This makes it possible for authenticated attackers to rename arbitrary files on the server. This can lead to site takeovers if the wp-config.php file of a site can be renamed. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery management permissions to lower level users, which might make this exploitable by users as low as contributors." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L291", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/trunk/filemanager/controller.php#L441", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3022981%40photo-gallery%2Ftrunk&old=3013021%40photo-gallery%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a3b8f32-f29d-4e67-8fad-202bfc8a9918?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0237.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0237.json index 85b98de12d6..0979e55d357 100644 --- a/CVE-2024/CVE-2024-02xx/CVE-2024-0237.json +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0237.json @@ -2,12 +2,12 @@ "id": "CVE-2024-0237", "sourceIdentifier": "contact@wpscan.com", "published": "2024-01-16T16:15:14.413", - "lastModified": "2024-01-19T14:29:02.700", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-05T22:15:59.487", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc" + "value": "The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc" }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0238.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0238.json index 388735ab5b0..64dcc3acb65 100644 --- a/CVE-2024/CVE-2024-02xx/CVE-2024-0238.json +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0238.json @@ -2,12 +2,12 @@ "id": "CVE-2024-0238", "sourceIdentifier": "contact@wpscan.com", "published": "2024-01-16T16:15:14.467", - "lastModified": "2024-01-19T14:29:13.280", - "vulnStatus": "Analyzed", + "lastModified": "2024-02-05T22:15:59.563", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post metadata." + "value": "The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post metadata." }, { "lang": "es", diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0254.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0254.json new file mode 100644 index 00000000000..7a5346811b6 --- /dev/null +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0254.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0254", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:59.630", + "lastModified": "2024-02-05T22:15:59.630", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The (Simply) Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's post meta in all versions up to, and including, 4.34 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/guest-author-name/trunk/sfly-guest-author.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3027723%40guest-author-name&new=3027723%40guest-author-name&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0e9e2864-6624-497f-8bec-df8360ed3f4a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-02xx/CVE-2024-0255.json b/CVE-2024/CVE-2024-02xx/CVE-2024-0255.json new file mode 100644 index 00000000000..2e6d81d04d4 --- /dev/null +++ b/CVE-2024/CVE-2024-02xx/CVE-2024-0255.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0255", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:59.810", + "lastModified": "2024-02-05T22:15:59.810", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprm-recipe-text-share' shortcode in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wp-recipe-maker/trunk/includes/public/class-wprm-icon.php#L52", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/class-wprm-icon.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/53a51408-e5d8-4727-9dec-8321c062c31e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0324.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0324.json new file mode 100644 index 00000000000..f3d02507f68 --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0324.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0324", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:15:59.980", + "lastModified": "2024-02-05T22:15:59.980", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The User Profile Builder \u2013 Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppb_two_factor_authentication_settings_update' function in all versions up to, and including, 3.10.8. This makes it possible for unauthenticated attackers to enable or disable the 2FA functionality present in the Premium version of the plugin for arbitrary user roles." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "references": [ + { + "url": "https://github.com/WordpressPluginDirectory/profile-builder/blob/main/profile-builder/admin/admin-functions.php#L517", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3022354/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23caef95-36b6-40aa-8dd7-51a376790a40?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0366.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0366.json new file mode 100644 index 00000000000..11e71542540 --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0366.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0366", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:00.150", + "lastModified": "2024-02-05T22:16:00.150", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Starbox \u2013 the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences and potentially other user settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/starbox/trunk/core/UserSettings.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3028775/starbox/trunk?contextall=1&old=3000701&old_path=%2Fstarbox%2Ftrunk", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c47601b4-bf16-4f59-b5f3-584a8eac7c67?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0370.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0370.json new file mode 100644 index 00000000000..fe772b7f792 --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0370.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0370", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:00.320", + "lastModified": "2024-02-05T22:16:00.320", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Views for WPForms \u2013 Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_view' function in all versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber access and above, to modify the titles of arbitrary posts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.2&old=3026471&new_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.3&new=3026471&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3c4c8113-4c46-4179-9c7f-9d5d4337254d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0371.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0371.json new file mode 100644 index 00000000000..fab65cdddc2 --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0371.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0371", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:00.483", + "lastModified": "2024-02-05T22:16:00.483", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Views for WPForms \u2013 Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'create_view' function in all versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber access and above, to create form views." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.2&old=3026471&new_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.3&new=3026471&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9565693-fd0b-4412-944c-81b3cd79492e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0372.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0372.json new file mode 100644 index 00000000000..e5c84cab53a --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0372.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0372", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:00.667", + "lastModified": "2024-02-05T22:16:00.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Views for WPForms \u2013 Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_form_fields' function in all versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber access and above, to create form views." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.2&old=3026471&new_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.3&new=3026471&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2ab58add-ab81-4c84-b773-7daf382492b0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0373.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0373.json new file mode 100644 index 00000000000..f473c6918cc --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0373.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0373", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:00.840", + "lastModified": "2024-02-05T22:16:00.840", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Views for WPForms \u2013 Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.2. This is due to missing or incorrect nonce validation on the 'save_view' function. This makes it possible for unauthenticated attackers to modify arbitrary post titles via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.2&old=3026471&new_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.3&new=3026471&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e2273c53-bc8a-45c7-914d-a3b934c2cb18?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0374.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0374.json new file mode 100644 index 00000000000..90f88da14f7 --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0374.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0374", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:01.020", + "lastModified": "2024-02-05T22:16:01.020", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Views for WPForms \u2013 Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.2. This is due to missing or incorrect nonce validation on the 'create_view' function. This makes it possible for unauthenticated attackers to create views via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.2&old=3026471&new_path=%2Fviews-for-wpforms-lite%2Ftags%2F3.2.3&new=3026471&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34c0c676-37f9-49f2-ad50-2d70831fda53?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0380.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0380.json new file mode 100644 index 00000000000..2a73ab014fc --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0380.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0380", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:01.190", + "lastModified": "2024-02-05T22:16:01.190", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shortcodes. This makes it possible for authenticated attackers, with contributor-level access and above, to include the contents of SVG files on the server, which can be leveraged for Cross-Site Scripting." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/class-wprm-icon.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/457c4e56-c2a0-451f-a4a6-e7fb7bf7b0e0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0382.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0382.json new file mode 100644 index 00000000000..179c904337f --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0382.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0382", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:01.360", + "lastModified": "2024-02-05T22:16:01.360", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0 due to unrestricted use of the 'header_tag' attribute. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/class-wprm-shortcode-helper.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f463ed1-06ad-430f-b450-1a73dc54f8a7?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-03xx/CVE-2024-0384.json b/CVE-2024/CVE-2024-03xx/CVE-2024-0384.json new file mode 100644 index 00000000000..e0ccb47a3e0 --- /dev/null +++ b/CVE-2024/CVE-2024-03xx/CVE-2024-0384.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0384", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:01.527", + "lastModified": "2024-02-05T22:16:01.527", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe Notes in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3019769%40wp-recipe-maker&new=3019769%40wp-recipe-maker&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/749c5d09-1e9a-4aa1-b7c2-6f9d24f3a09b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0428.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0428.json new file mode 100644 index 00000000000..0ae07da4d12 --- /dev/null +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0428.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0428", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:01.710", + "lastModified": "2024-02-05T22:16:01.710", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Index Now plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.3. This is due to missing or incorrect nonce validation on the 'reset_form' function. This makes it possible for unauthenticated attackers to delete arbitrary site options via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3020958/mihdan-index-now/tags/2.6.4/src/Views/WPOSA.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c7641d52-e930-4143-9180-2903d018da91?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-04xx/CVE-2024-0448.json b/CVE-2024/CVE-2024-04xx/CVE-2024-0448.json new file mode 100644 index 00000000000..b4c593a9346 --- /dev/null +++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0448.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-0448", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:01.890", + "lastModified": "2024-02-05T22:16:01.890", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget URL parameters in all versions up to, and including, 8.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-elementor/trunk/templates/addons/services/content.php#L20", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-elementor/trunk/templates/addons/team-members/style1.php#L17", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3026261%40addons-for-elementor%2Ftrunk&old=3022220%40addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/058d1aa0-2ef6-49a4-b978-43a91c8e55f3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0508.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0508.json new file mode 100644 index 00000000000..fde90e3ce56 --- /dev/null +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0508.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-0508", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:02.067", + "lastModified": "2024-02-05T22:16:02.067", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table Elementor Widget in all versions up to, and including, 2.10.27 due to insufficient input sanitization and output escaping on the user supplied link URL. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/vendor/codeinwp/elementor-extra-widgets/widgets/elementor/pricing-table.php#L1010", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/vendor/codeinwp/elementor-extra-widgets/widgets/elementor/pricing-table.php#L1019", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3021959/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ecc5a17e-c716-48bd-9b4d-49d870ae6bf3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0509.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0509.json new file mode 100644 index 00000000000..893d2083e9f --- /dev/null +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0509.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0509", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:02.260", + "lastModified": "2024-02-05T22:16:02.260", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018request\u2019 parameter in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3031134/wp-404-auto-redirect-to-similar-post/trunk/includes/ajax.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6eef5549-3f89-4d6f-8c4e-6e4ee6082042?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0585.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0585.json new file mode 100644 index 00000000000..8bc7a151029 --- /dev/null +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0585.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0585", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:02.433", + "lastModified": "2024-02-05T22:16:02.433", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Essential Addons for Elementor \u2013 Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterable Gallery widget in all versions up to, and including, 5.9.4 due to insufficient input sanitization and output escaping on the Image URL. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3022852/essential-addons-for-elementor-lite/tags/5.9.5/includes/Elements/Filterable_Gallery.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/417baa1c-29f0-4fec-8008-5b52359b3328?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0586.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0586.json new file mode 100644 index 00000000000..24e7e5ebf76 --- /dev/null +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0586.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0586", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:02.607", + "lastModified": "2024-02-05T22:16:02.607", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Essential Addons for Elementor \u2013 Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Login/Register Element in all versions up to, and including, 5.9.4 due to insufficient input sanitization and output escaping on the custom login URL. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3022852/essential-addons-for-elementor-lite/tags/5.9.5/includes/Elements/Login_Register.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c00ff4bd-d846-4e3f-95ed-2a6430c47ebf?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-05xx/CVE-2024-0597.json b/CVE-2024/CVE-2024-05xx/CVE-2024-0597.json new file mode 100644 index 00000000000..264b0637bc5 --- /dev/null +++ b/CVE-2024/CVE-2024-05xx/CVE-2024-0597.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0597", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:02.777", + "lastModified": "2024-02-05T22:16:02.777", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 12.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3023398/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a61a8d8b-f22f-4a16-95f6-6cf52cf545ad?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0612.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0612.json new file mode 100644 index 00000000000..83cc350868c --- /dev/null +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0612.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0612", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:03.003", + "lastModified": "2024-02-05T22:16:03.003", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Content Views \u2013 Post Grid, Slider, Accordion (Gutenberg Blocks and Shortcode) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3024861/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa4377a8-bcf4-45ba-824b-3505bd8e8c61?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0630.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0630.json new file mode 100644 index 00000000000..4b14f4c8506 --- /dev/null +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0630.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0630", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:03.170", + "lastModified": "2024-02-05T22:16:03.170", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP RSS Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the RSS feed source in all versions up to, and including, 4.23.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3026269/wp-rss-aggregator", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93cb3b29-b1a0-4d40-a057-1b41f3b181f2?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0659.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0659.json new file mode 100644 index 00000000000..ffbbd23297d --- /dev/null +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0659.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0659", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:03.343", + "lastModified": "2024-02-05T22:16:03.343", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Easy Digital Downloads \u2013 Sell Digital Files (eCommerce Store & Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the variable pricing option title in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with shop manger-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=/easy-digital-downloads/tags/3.2.6&old=3030600&new_path=/easy-digital-downloads/tags/3.2.7&new=3030600&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1ec207cd-cae5-4950-bbc8-d28f108b4ae7?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0660.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0660.json new file mode 100644 index 00000000000..169001c1d76 --- /dev/null +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0660.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0660", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:03.520", + "lastModified": "2024-02-05T22:16:03.520", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Formidable Forms \u2013 Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.7.2. This is due to missing or incorrect nonce validation on the update_settings function. This makes it possible for unauthenticated attackers to change form settings and add malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3026901/formidable/tags/6.8/classes/controllers/FrmFormsController.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b983d22b-6cd2-4450-99e2-88bb149091fe?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0668.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0668.json new file mode 100644 index 00000000000..56e4b0a3e2b --- /dev/null +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0668.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-0668", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:03.700", + "lastModified": "2024-02-05T22:16:03.700", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'process_bulk_action' function. This makes it possible for authenticated attacker, with administrator access and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.7, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-database-cleaner/tags/3.1.3/includes/class_clean_cron.php#L224", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-database-cleaner/tags/3.1.3/includes/class_clean_cron.php#L298", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3025980/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e0b8c24b-3e51-4637-9d8e-da065077d082?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0678.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0678.json new file mode 100644 index 00000000000..4b53cb65555 --- /dev/null +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0678.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0678", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:03.867", + "lastModified": "2024-02-05T22:16:03.867", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Order Delivery Date for WP e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'available-days-tf' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/order-delivery-date/trunk/order_delivery_date.php#L221", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/71fb90b6-a484-4a70-a9dc-795cbf2e275e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0691.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0691.json new file mode 100644 index 00000000000..39c3ff985c1 --- /dev/null +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0691.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0691", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:04.037", + "lastModified": "2024-02-05T22:16:04.037", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder titles in all versions up to, and including, 5.5.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It may also be possible to socially engineer an administrator into uploading a malicious folder import." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3023924/filebird", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/47f04985-dd9b-449f-8b4c-9811fe7e4a96?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-06xx/CVE-2024-0699.json b/CVE-2024/CVE-2024-06xx/CVE-2024-0699.json new file mode 100644 index 00000000000..926b4befbed --- /dev/null +++ b/CVE-2024/CVE-2024-06xx/CVE-2024-0699.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0699", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:04.210", + "lastModified": "2024-02-05T22:16:04.210", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'add_image_from_url' function in all versions up to, and including, 2.1.4. This makes it possible for authenticated attackers, with Editor access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.7, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3021494/ai-engine/trunk/classes/core.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a86f6ed-9755-4265-bc0d-2d0e18e9982f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0701.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0701.json new file mode 100644 index 00000000000..2542370a9ec --- /dev/null +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0701.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0701", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:04.380", + "lastModified": "2024-02-05T22:16:04.380", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for unauthenticated attackers to register an account even when account registration has been disabled by an administrator." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ea070d9c-c04c-432f-a110-47b9eaa67614?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0709.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0709.json new file mode 100644 index 00000000000..8804035d497 --- /dev/null +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0709.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0709", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:04.553", + "lastModified": "2024-02-05T22:16:04.553", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Cryptocurrency Widgets \u2013 Price Ticker & Coins List plugin for WordPress is vulnerable to SQL Injection via the 'coinslist' parameter in versions 2.0 to 2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/cryptocurrency-price-ticker-widget/trunk/includes/ccpw-db-helper.php?rev=3003658#L172", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3024040%40cryptocurrency-price-ticker-widget&new=3024040%40cryptocurrency-price-ticker-widget&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0603621-4521-4eb0-b4dd-e2257c133cee?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0761.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0761.json new file mode 100644 index 00000000000..6b9975d4d13 --- /dev/null +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0761.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0761", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:04.733", + "lastModified": "2024-02-05T22:16:04.733", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.1 due to insufficient randomness in the backup filenames, which use a timestamp plus 4 random digits. This makes it possible for unauthenticated attackers, to extract sensitive data including site backups in configurations where the .htaccess file in the directory does not block access." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3023403/wp-file-manager/trunk/file_folder_manager.php?old=2984933&old_path=wp-file-manager%2Ftrunk%2Ffile_folder_manager.php", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/wp-file-manager/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1928f8e4-8bbe-4a3f-8284-aa12ca2f5176?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0790.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0790.json new file mode 100644 index 00000000000..e869ff2269a --- /dev/null +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0790.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0790", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:04.907", + "lastModified": "2024-02-05T22:16:04.907", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8.1. This is due to missing or incorrect nonce validation on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions. This makes it possible for unauthenticated attackers to create, modify and delete taxonomy terms via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Furthermore, the functions wpbe_save_options, wpbe_bulk_delete_posts_count, wpbe_bulk_delete_posts, and wpbe_save_meta are vulnerable to Cross-Site Request Forgery allowing for plugin options update, post count deletion, post deletion and modification of post metadata via forged request." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/bulk-editor/trunk/index.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3028699%40bulk-editor%2Ftrunk&old=3012874%40bulk-editor%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6c48f94b-d193-429a-9383-628ae12bfdf3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0791.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0791.json new file mode 100644 index 00000000000..3e26ae198f8 --- /dev/null +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0791.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0791", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:05.077", + "lastModified": "2024-02-05T22:16:05.077", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber access or higher, to create, delete or modify taxonomy terms." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/bulk-editor/trunk/index.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3028699%40bulk-editor%2Ftrunk&old=3012874%40bulk-editor%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13c66a8f-b35f-4943-8880-0799b0d150f7?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0796.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0796.json new file mode 100644 index 00000000000..1beec1b4749 --- /dev/null +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0796.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0796", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:05.243", + "lastModified": "2024-02-05T22:16:05.243", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6.1. This is due to missing or incorrect nonce validation on several functions corresponding to AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3029488/profit-products-tables-for-woocommerce/trunk?contextall=1&old=3005088&old_path=%2Fprofit-products-tables-for-woocommerce%2Ftrunk", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5069fbc4-b3c4-4c0b-892c-2c83f35dc2fe?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-07xx/CVE-2024-0797.json b/CVE-2024/CVE-2024-07xx/CVE-2024-0797.json new file mode 100644 index 00000000000..640b31020be --- /dev/null +++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0797.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0797", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:05.407", + "lastModified": "2024-02-05T22:16:05.407", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for subscribers and higher to execute functions intended for admin use." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3029488/profit-products-tables-for-woocommerce/trunk?contextall=1&old=3005088&old_path=%2Fprofit-products-tables-for-woocommerce%2Ftrunk", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a94841f-b1dd-44f4-b7a1-65a9fdf7b18d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0823.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0823.json new file mode 100644 index 00000000000..10676ed692d --- /dev/null +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0823.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0823", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:05.577", + "lastModified": "2024-02-05T22:16:05.577", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Link To' url in carousels in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3026499/exclusive-addons-for-elementor/trunk/elements/logo-carousel/logo-carousel.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2c5cdc3f-eaa6-4d0b-9e75-5483c723e15a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0834.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0834.json new file mode 100644 index 00000000000..b0340660ce4 --- /dev/null +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0834.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0834", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:05.750", + "lastModified": "2024-02-05T22:16:05.750", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link_to parameter in all versions up to, and including, 1.12.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/price-table/widgets/price-table.php#L784", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3031349%40addon-elements-for-elementor-page-builder&new=3031349%40addon-elements-for-elementor-page-builder&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ebb5654-ba3e-4f18-8720-a6595a771964?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0835.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0835.json new file mode 100644 index 00000000000..5719ad5feee --- /dev/null +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0835.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0835", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:05.917", + "lastModified": "2024-02-05T22:16:05.917", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the dismissed_handler function in all versions up to, and including, 1.0.116. This makes it possible for authenticated attackers, with subscriber access or higher, to update arbitrary transients. Note, that these transients can only be updated to true and not arbitrary values." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=216524%40royal-elementor-kit&new=216524%40royal-elementor-kit&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/themes/royal-elementor-kit/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/603b6c52-48eb-4e8c-a2c1-77b12a2b1a2c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0859.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0859.json new file mode 100644 index 00000000000..b82e8f91c8e --- /dev/null +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0859.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0859", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:06.090", + "lastModified": "2024-02-05T22:16:06.090", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Affiliates Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.34. This is due to missing or incorrect nonce validation on the process_bulk_action function in ListAffiliatesTable.php. This makes it possible for unauthenticated attackers to delete affiliates via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/affiliates-manager/trunk/classes/ListAffiliatesTable.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3028484/affiliates-manager/trunk?contextall=1&old=3015278&old_path=%2Faffiliates-manager%2Ftrunk", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/433a03c2-09fd-4ce6-843b-55ad09f4b4f7?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-08xx/CVE-2024-0869.json b/CVE-2024/CVE-2024-08xx/CVE-2024-0869.json new file mode 100644 index 00000000000..9dfef949593 --- /dev/null +++ b/CVE-2024/CVE-2024-08xx/CVE-2024-0869.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-0869", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:06.267", + "lastModified": "2024-02-05T22:16:06.267", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Instant Images \u2013 One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels plugin for WordPress is vulnerable to unauthorized arbitrary options update due to an insufficient check that neglects to verify whether the updated option belongs to the plugin on the instant-images/license REST API endpoint in all versions up to, and including, 6.1.0. This makes it possible for authors and higher to update arbitrary options." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/instant-images/tags/6.1.0/api/license.php#L91", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3027110/instant-images/tags/6.1.1/api/license.php", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/instant-images/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17941fbb-c5da-4f5c-a617-3792eb4ef395?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0954.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0954.json new file mode 100644 index 00000000000..321c35e10c0 --- /dev/null +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0954.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0954", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:06.433", + "lastModified": "2024-02-05T22:16:06.433", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Essential Addons for Elementor \u2013 Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting through editing context via the 'data-eael-wrapper-link' wrapper in all versions up to, and including, 5.9.7 due to insufficient input sanitization and output escaping on user supplied protocols. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3029928/essential-addons-for-elementor-lite/tags/5.9.8/assets/front-end/js/view/wrapper-link.js", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/875db71d-c799-40b9-95e1-74d53046b0a9?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0961.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0961.json new file mode 100644 index 00000000000..1c1e21c3ddb --- /dev/null +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0961.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-0961", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:06.597", + "lastModified": "2024-02-05T22:16:06.597", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the code editor in all versions up to, and including, 1.58.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/so-widgets-bundle/trunk/widgets/button/button.php#L355", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3027675%40so-widgets-bundle%2Ftrunk&old=3027506%40so-widgets-bundle%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f7c164f-2f78-4857-94b9-077c2dea13df?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-09xx/CVE-2024-0969.json b/CVE-2024/CVE-2024-09xx/CVE-2024-0969.json new file mode 100644 index 00000000000..e7556b690b9 --- /dev/null +++ b/CVE-2024/CVE-2024-09xx/CVE-2024-0969.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-0969", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:06.767", + "lastModified": "2024-02-05T22:16:06.767", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's \"Default Restriction\" feature and view restricted post content." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3030044/armember-membership/trunk/core/classes/class.arm_restriction.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ea4e6718-4e1e-44ce-8463-860f0d3d80f5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1020.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1020.json index 3ac38adc56c..5f4547765dd 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1020.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1020.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1020", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-29T22:15:08.313", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:17:34.467", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ruifang-tech:rebuild:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.5.5", + "matchCriteriaId": "C149F519-0311-442C-91C5-75F428245EE1" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.252289", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252289", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.yuque.com/mailemonyeyongjuan/tha8tr/gdd3hiwz8uo6ylab", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1024.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1024.json index 0074f4b112f..03ac67e4825 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1024.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1024.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1024", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-30T01:15:59.380", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:51:46.250", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,14 +95,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:facebook_news_feed_like:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F7D92CFE-1206-4F8C-BF15-22055B9F8FBC" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.252292", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252292", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1028.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1028.json index 5fdb32eaa45..844cfeb26e9 100644 --- a/CVE-2024/CVE-2024-10xx/CVE-2024-1028.json +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1028.json @@ -2,8 +2,8 @@ "id": "CVE-2024-1028", "sourceIdentifier": "cna@vuldb.com", "published": "2024-01-30T05:15:08.773", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:39:56.013", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,14 +95,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:facebook_news_feed_like:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F7D92CFE-1206-4F8C-BF15-22055B9F8FBC" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.252301", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.252301", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1046.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1046.json new file mode 100644 index 00000000000..33a917b55a8 --- /dev/null +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1046.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-1046", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:06.930", + "lastModified": "2024-02-05T22:16:06.930", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content \u2013 ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin 'reg-number-field' shortcode in all versions up to, and including, 4.14.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3030229/wp-user-avatar/trunk/src/ShortcodeParser/Builder/FieldsShortcodeCallback.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7911c774-3fb0-4d6c-a847-101e5ad8637a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1052.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1052.json new file mode 100644 index 00000000000..e4b6be2032f --- /dev/null +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1052.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-1052", + "sourceIdentifier": "security@hashicorp.com", + "published": "2024-02-05T21:15:11.640", + "lastModified": "2024-02-05T21:15:11.640", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Boundary and Boundary Enterprise (\u201cBoundary\u201d) is vulnerable to session hijacking through TLS certificate tampering. An attacker with privileges to enumerate active or pending sessions, obtain a private key pertaining to a session, and obtain a valid trust on first use (TOFU) token may craft a TLS certificate to hijack an active session and gain access to the underlying service or application." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@hashicorp.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@hashicorp.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "references": [ + { + "url": "https://discuss.hashicorp.com/t/hcsec-2024-02-boundary-vulnerable-to-session-hijacking-through-tls-certificate-tampering/62458", + "source": "security@hashicorp.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1072.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1072.json new file mode 100644 index 00000000000..fe52bbac48f --- /dev/null +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1072.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-1072", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:07.100", + "lastModified": "2024-02-05T22:16:07.100", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Website Builder by SeedProd \u2014 Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seedprod_lite_new_lpage function in all versions up to, and including, 6.15.21. This makes it possible for unauthenticated attackers to change the contents of coming-soon, maintenance pages, login and 404 pages set up with the plugin. Version 6.15.22 addresses this issue but introduces a bug affecting admin pages. We suggest upgrading to 6.15.23." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.2 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3029567/coming-soon/trunk/app/lpage.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/78d7920b-3e20-43c7-a522-72bac824c2cb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1075.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1075.json new file mode 100644 index 00000000000..b2616b7cbd7 --- /dev/null +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1075.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-1075", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:07.283", + "lastModified": "2024-02-05T22:16:07.283", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Minimal Coming Soon \u2013 Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. This is due to the plugin improperly validating the request path. This makes it possible for unauthenticated attackers to bypass maintenance mode and view pages that should be hidden." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/minimal-coming-soon-maintenance-mode/trunk/framework/public/init.php#L67", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3031149/minimal-coming-soon-maintenance-mode/trunk/framework/public/init.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/78203b98-15bc-4d8e-9278-c472b518be07?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-10xx/CVE-2024-1092.json b/CVE-2024/CVE-2024-10xx/CVE-2024-1092.json new file mode 100644 index 00000000000..6349aea42f9 --- /dev/null +++ b/CVE-2024/CVE-2024-10xx/CVE-2024-1092.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-1092", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:07.460", + "lastModified": "2024-02-05T22:16:07.460", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the feedzy dashboard in all versions up to, and including, 4.4.1. This makes it possible for authenticated attackers, with contributor access or higher, to create, edit or delete feed categories created by them." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3030538%40feedzy-rss-feeds%2Ftrunk&old=3028200%40feedzy-rss-feeds%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/98053141-fe97-4bd4-b820-b6cca3426109?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1121.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1121.json new file mode 100644 index 00000000000..47339b0f668 --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1121.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-1121", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:07.640", + "lastModified": "2024-02-05T22:16:07.640", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_json_file() function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3031007%40advanced-forms&new=3031007%40advanced-forms&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7b33f2ee-3f20-4494-bdae-3f8cc3c6dc73?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-11xx/CVE-2024-1177.json b/CVE-2024/CVE-2024-11xx/CVE-2024-1177.json new file mode 100644 index 00000000000..99ab623f75e --- /dev/null +++ b/CVE-2024/CVE-2024-11xx/CVE-2024-1177.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2024-1177", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:07.813", + "lastModified": "2024-02-05T22:16:07.813", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Club Manager \u2013 WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings_save() function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to update the permalink structure for the clubs" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030843%40wp-club-manager&new=3030843%40wp-club-manager&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64c2c8c2-58f5-4b7d-b226-39ba39e887d5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1208.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1208.json new file mode 100644 index 00000000000..3f29256db11 --- /dev/null +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1208.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-1208", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:07.977", + "lastModified": "2024-02-05T22:16:07.977", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210", + "source": "security@wordfence.com" + }, + { + "url": "https://www.learndash.com/release-notes/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae735117-e68b-448e-ad41-258d1be3aebc?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1209.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1209.json new file mode 100644 index 00000000000..5414b8c1037 --- /dev/null +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1209.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-1209", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:08.143", + "lastModified": "2024-02-05T22:16:08.143", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://github.com/karlemilnikka/CVE-2024-1209", + "source": "security@wordfence.com" + }, + { + "url": "https://www.learndash.com/release-notes/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7191955e-0db1-4ad1-878b-74f90ca59c91?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-12xx/CVE-2024-1210.json b/CVE-2024/CVE-2024-12xx/CVE-2024-1210.json new file mode 100644 index 00000000000..fdd7c0e423e --- /dev/null +++ b/CVE-2024/CVE-2024-12xx/CVE-2024-1210.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2024-1210", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-02-05T22:16:08.310", + "lastModified": "2024-02-05T22:16:08.310", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210", + "source": "security@wordfence.com" + }, + { + "url": "https://www.learndash.com/release-notes/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/61ca5ab6-5fe9-4313-9b0d-8736663d0e89?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22136.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22136.json index 4e9460a90ec..1a137bafaa5 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22136.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22136.json @@ -2,16 +2,40 @@ "id": "CVE-2024-22136", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T14:15:49.430", - "lastModified": "2024-01-31T14:28:47.077", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T22:08:24.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Elementor Addons \u2013 Widgets, Blocks, Templates Library For Elementor Builder.This issue affects Droit Elementor Addons \u2013 Widgets, Blocks, Templates Library For Elementor Builder: from n/a through 3.1.5.\n\n" + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en DroitThemes Droit Elementor Addons \u2013 Widgets, Blocks, Templates Library For Elementor Builder. Este problema afecta a los complementos de Droit Elementor Addons \u2013 Widgets, Blocks, Templates Library For Elementor Builder: desde n/a hasta 3.1.5 ." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:droitthemes:droit_elementor_addons:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.1.5", + "matchCriteriaId": "C4CD4B3C-970C-4987-A64D-9B278151EFE8" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/droit-elementor-addons/wordpress-droit-elementor-addons-plugin-3-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22160.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22160.json index d79f2a8236c..83c5abf01de 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22160.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22160.json @@ -2,16 +2,40 @@ "id": "CVE-2024-22160", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:47.590", - "lastModified": "2024-01-31T19:54:43.623", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-02-05T22:22:14.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bradley B. Dalina Image Tag Manager allows Reflected XSS.This issue affects Image Tag Manager: from n/a through 1.5.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Bradley B. Dalina Image Tag Manager permite XSS reflejado. Este problema afecta a Image Tag Manager: desde n/a hasta 1.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +60,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +68,42 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bradleybdalina:image_tag_manager:1.5:*:*:*:*:*:*:*", + "matchCriteriaId": "9632F43E-7829-448D-B950-68D8FCFC5D3C" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/image-tag-manager/wordpress-image-tag-manager-plugin-1-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-221xx/CVE-2024-22161.json b/CVE-2024/CVE-2024-221xx/CVE-2024-22161.json index a75e9143d8d..d1218c2dfe8 100644 --- a/CVE-2024/CVE-2024-221xx/CVE-2024-22161.json +++ b/CVE-2024/CVE-2024-221xx/CVE-2024-22161.json @@ -2,16 +2,40 @@ "id": "CVE-2024-22161", "sourceIdentifier": "audit@patchstack.com", "published": "2024-01-31T18:15:47.773", - "lastModified": "2024-01-31T19:54:43.623", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2024-02-05T22:25:31.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harmonic Design HD Quiz allows Stored XSS.This issue affects HD Quiz: from n/a through 1.8.11.\n\n" + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('cross-site Scripting') en Harmonic Design HD Quiz permite XSS almacenado. Este problema afecta a HD Quiz: desde n/a hasta 1.8.11." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +60,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +68,43 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:harmonicdesign:hd_quiz:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.8.11", + "matchCriteriaId": "5EEB16E7-0340-41B5-AE1F-89E2D7B4A752" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/hd-quiz/wordpress-hd-quiz-plugin-1-8-11-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-222xx/CVE-2024-22208.json b/CVE-2024/CVE-2024-222xx/CVE-2024-22208.json new file mode 100644 index 00000000000..a451ceb37b3 --- /dev/null +++ b/CVE-2024/CVE-2024-222xx/CVE-2024-22208.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-22208", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-02-05T21:15:11.830", + "lastModified": "2024-02-05T21:15:11.830", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The 'sharing FAQ' functionality allows any unauthenticated actor to misuse the phpMyFAQ application to send arbitrary emails to a large range of targets. The phpMyFAQ application has a functionality where anyone can share a FAQ item to others. The front-end of this functionality allows any phpMyFAQ articles to be shared with 5 email addresses. Any unauthenticated actor can perform this action. There is a CAPTCHA in place, however the amount of people you email with a single request is not limited to 5 by the backend. An attacker can thus solve a single CAPTCHA and send thousands of emails at once. An attacker can utilize the target application's email server to send phishing messages. This can get the server on a blacklist, causing all emails to end up in spam. It can also lead to reputation damages. This issue has been patched in version 3.2.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thorsten/phpMyFAQ/commit/a34d94ab7b1be9256a9ef898f18ea6bfb63f6f1e", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9hhf-xmcw-r3xg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-226xx/CVE-2024-22682.json b/CVE-2024/CVE-2024-226xx/CVE-2024-22682.json index f658142e1a3..155230cdc07 100644 --- a/CVE-2024/CVE-2024-226xx/CVE-2024-22682.json +++ b/CVE-2024/CVE-2024-226xx/CVE-2024-22682.json @@ -2,8 +2,8 @@ "id": "CVE-2024-22682", "sourceIdentifier": "cve@mitre.org", "published": "2024-01-30T01:16:00.020", - "lastModified": "2024-01-30T14:18:33.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-02-05T21:47:19.313", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,68 @@ "value": "DuckDB <=0.9.2 y DuckDB extension-template <=0.9.2 son vulnerables a la inyecci\u00f3n de extensiones maliciosas a trav\u00e9s de la funci\u00f3n de extensi\u00f3n personalizada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:duckdb:duckdb:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.9.2", + "matchCriteriaId": "B85FB41B-1FBC-427C-AC66-7FC42EB7EB9A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Tu0Laj1/database_test", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24543.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24543.json new file mode 100644 index 00000000000..40604534725 --- /dev/null +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24543.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2024-24543", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-02-05T21:15:12.073", + "lastModified": "2024-02-05T21:15:12.073", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/TimeSeg/IOT_CVE/blob/main/tenda/AC9V3/0130/setSchedWifi.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24559.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24559.json new file mode 100644 index 00000000000..3a92bd04c19 --- /dev/null +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24559.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2024-24559", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-02-05T21:15:12.127", + "lastModified": "2024-02-05T21:15:12.127", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the `IR` for `sha3_64`. Concretely, the `height` variable is miscalculated. The vulnerability can't be triggered without writing the `IR` by hand (that is, it cannot be triggered from regular vyper code). `sha3_64` is used for retrieval in mappings. No flow that would cache the `key` was found so the issue shouldn't be possible to trigger when compiling the compiler-generated `IR`. This issue isn't triggered during normal compilation of vyper code so the impact is low. At the time of publication there is no patch available." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-327" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/vyperlang/vyper/blob/c150fc49ee9375a930d177044559b83cb95f7963/vyper/ir/compile_ir.py#L585-L586", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-6845-xw22-ffxv", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24574.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24574.json new file mode 100644 index 00000000000..09790742a10 --- /dev/null +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24574.json @@ -0,0 +1,67 @@ +{ + "id": "CVE-2024-24574", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-02-05T21:15:12.340", + "lastModified": "2024-02-05T21:15:12.340", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Unsafe echo of filename in phpMyFAQ\\phpmyfaq\\admin\\attachments.php leads to allowed execution of JavaScript code in client side (XSS). This vulnerability has been patched in version 3.2.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-80" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thorsten/phpMyFAQ/commit/5479b4a4603cce71aa7eb4437f1c201153a1f1f5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/thorsten/phpMyFAQ/pull/2827", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-7m8g-fprr-47fx", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-245xx/CVE-2024-24595.json b/CVE-2024/CVE-2024-245xx/CVE-2024-24595.json new file mode 100644 index 00000000000..13e8874ccac --- /dev/null +++ b/CVE-2024/CVE-2024-245xx/CVE-2024-24595.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2024-24595", + "sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", + "published": "2024-02-05T22:16:08.480", + "lastModified": "2024-02-05T22:16:08.480", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Allegro AI\u2019s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + } + ], + "references": [ + { + "url": "https://hiddenlayer.com/research/not-so-clear-how-mlops-solutions-can-muddy-the-waters-of-your-supply-chain/", + "source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-248xx/CVE-2024-24807.json b/CVE-2024/CVE-2024-248xx/CVE-2024-24807.json new file mode 100644 index 00000000000..4b3609a89ed --- /dev/null +++ b/CVE-2024/CVE-2024-248xx/CVE-2024-24807.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2024-24807", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-02-05T21:15:12.557", + "lastModified": "2024-02-05T21:15:12.557", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones affected. The problem is patched with version(s) 2.4.16 and 2.5.12." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-80" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/sulu/sulu/releases/tag/2.4.16", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/sulu/sulu/releases/tag/2.5.12", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/sulu/sulu/security/advisories/GHSA-gfrh-gwqc-63cv", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 622fd0c559d..54858b52686 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-02-05T21:00:25.415535+00:00 +2024-02-05T23:00:25.171839+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-02-05T20:59:05.240000+00:00 +2024-02-05T22:25:31.533000+00:00 ``` ### Last Data Feed Release @@ -29,47 +29,62 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -237588 +237677 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `89` -* [CVE-2024-24396](CVE-2024/CVE-2024-243xx/CVE-2024-24396.json) (`2024-02-05T19:15:08.557`) -* [CVE-2024-22202](CVE-2024/CVE-2024-222xx/CVE-2024-22202.json) (`2024-02-05T20:15:55.390`) -* [CVE-2024-22567](CVE-2024/CVE-2024-225xx/CVE-2024-22567.json) (`2024-02-05T20:15:55.620`) +* [CVE-2024-0701](CVE-2024/CVE-2024-07xx/CVE-2024-0701.json) (`2024-02-05T22:16:04.380`) +* [CVE-2024-0709](CVE-2024/CVE-2024-07xx/CVE-2024-0709.json) (`2024-02-05T22:16:04.553`) +* [CVE-2024-0761](CVE-2024/CVE-2024-07xx/CVE-2024-0761.json) (`2024-02-05T22:16:04.733`) +* [CVE-2024-0790](CVE-2024/CVE-2024-07xx/CVE-2024-0790.json) (`2024-02-05T22:16:04.907`) +* [CVE-2024-0791](CVE-2024/CVE-2024-07xx/CVE-2024-0791.json) (`2024-02-05T22:16:05.077`) +* [CVE-2024-0796](CVE-2024/CVE-2024-07xx/CVE-2024-0796.json) (`2024-02-05T22:16:05.243`) +* [CVE-2024-0797](CVE-2024/CVE-2024-07xx/CVE-2024-0797.json) (`2024-02-05T22:16:05.407`) +* [CVE-2024-0823](CVE-2024/CVE-2024-08xx/CVE-2024-0823.json) (`2024-02-05T22:16:05.577`) +* [CVE-2024-0834](CVE-2024/CVE-2024-08xx/CVE-2024-0834.json) (`2024-02-05T22:16:05.750`) +* [CVE-2024-0835](CVE-2024/CVE-2024-08xx/CVE-2024-0835.json) (`2024-02-05T22:16:05.917`) +* [CVE-2024-0859](CVE-2024/CVE-2024-08xx/CVE-2024-0859.json) (`2024-02-05T22:16:06.090`) +* [CVE-2024-0869](CVE-2024/CVE-2024-08xx/CVE-2024-0869.json) (`2024-02-05T22:16:06.267`) +* [CVE-2024-0954](CVE-2024/CVE-2024-09xx/CVE-2024-0954.json) (`2024-02-05T22:16:06.433`) +* [CVE-2024-0961](CVE-2024/CVE-2024-09xx/CVE-2024-0961.json) (`2024-02-05T22:16:06.597`) +* [CVE-2024-0969](CVE-2024/CVE-2024-09xx/CVE-2024-0969.json) (`2024-02-05T22:16:06.767`) +* [CVE-2024-1046](CVE-2024/CVE-2024-10xx/CVE-2024-1046.json) (`2024-02-05T22:16:06.930`) +* [CVE-2024-1072](CVE-2024/CVE-2024-10xx/CVE-2024-1072.json) (`2024-02-05T22:16:07.100`) +* [CVE-2024-1075](CVE-2024/CVE-2024-10xx/CVE-2024-1075.json) (`2024-02-05T22:16:07.283`) +* [CVE-2024-1092](CVE-2024/CVE-2024-10xx/CVE-2024-1092.json) (`2024-02-05T22:16:07.460`) +* [CVE-2024-1121](CVE-2024/CVE-2024-11xx/CVE-2024-1121.json) (`2024-02-05T22:16:07.640`) +* [CVE-2024-1177](CVE-2024/CVE-2024-11xx/CVE-2024-1177.json) (`2024-02-05T22:16:07.813`) +* [CVE-2024-1208](CVE-2024/CVE-2024-12xx/CVE-2024-1208.json) (`2024-02-05T22:16:07.977`) +* [CVE-2024-1209](CVE-2024/CVE-2024-12xx/CVE-2024-1209.json) (`2024-02-05T22:16:08.143`) +* [CVE-2024-1210](CVE-2024/CVE-2024-12xx/CVE-2024-1210.json) (`2024-02-05T22:16:08.310`) +* [CVE-2024-24595](CVE-2024/CVE-2024-245xx/CVE-2024-24595.json) (`2024-02-05T22:16:08.480`) ### CVEs modified in the last Commit -Recently modified CVEs: `36` +Recently modified CVEs: `18` -* [CVE-2023-40546](CVE-2023/CVE-2023-405xx/CVE-2023-40546.json) (`2024-02-05T20:06:26.127`) -* [CVE-2023-46231](CVE-2023/CVE-2023-462xx/CVE-2023-46231.json) (`2024-02-05T20:59:05.240`) -* [CVE-2024-1027](CVE-2024/CVE-2024-10xx/CVE-2024-1027.json) (`2024-02-05T19:27:53.177`) -* [CVE-2024-0565](CVE-2024/CVE-2024-05xx/CVE-2024-0565.json) (`2024-02-05T19:33:59.377`) -* [CVE-2024-1022](CVE-2024/CVE-2024-10xx/CVE-2024-1022.json) (`2024-02-05T20:08:39.697`) -* [CVE-2024-1021](CVE-2024/CVE-2024-10xx/CVE-2024-1021.json) (`2024-02-05T20:13:11.287`) -* [CVE-2024-23508](CVE-2024/CVE-2024-235xx/CVE-2024-23508.json) (`2024-02-05T20:27:29.570`) -* [CVE-2024-23505](CVE-2024/CVE-2024-235xx/CVE-2024-23505.json) (`2024-02-05T20:27:44.793`) -* [CVE-2024-1103](CVE-2024/CVE-2024-11xx/CVE-2024-1103.json) (`2024-02-05T20:39:28.830`) -* [CVE-2024-1030](CVE-2024/CVE-2024-10xx/CVE-2024-1030.json) (`2024-02-05T20:40:39.707`) -* [CVE-2024-1086](CVE-2024/CVE-2024-10xx/CVE-2024-1086.json) (`2024-02-05T20:41:24.390`) -* [CVE-2024-1085](CVE-2024/CVE-2024-10xx/CVE-2024-1085.json) (`2024-02-05T20:41:40.513`) -* [CVE-2024-23507](CVE-2024/CVE-2024-235xx/CVE-2024-23507.json) (`2024-02-05T20:42:09.590`) -* [CVE-2024-22305](CVE-2024/CVE-2024-223xx/CVE-2024-22305.json) (`2024-02-05T20:42:22.943`) -* [CVE-2024-1031](CVE-2024/CVE-2024-10xx/CVE-2024-1031.json) (`2024-02-05T20:43:36.340`) -* [CVE-2024-1099](CVE-2024/CVE-2024-10xx/CVE-2024-1099.json) (`2024-02-05T20:44:23.767`) -* [CVE-2024-1098](CVE-2024/CVE-2024-10xx/CVE-2024-1098.json) (`2024-02-05T20:45:38.343`) -* [CVE-2024-1012](CVE-2024/CVE-2024-10xx/CVE-2024-1012.json) (`2024-02-05T20:46:22.983`) -* [CVE-2024-0836](CVE-2024/CVE-2024-08xx/CVE-2024-0836.json) (`2024-02-05T20:47:03.430`) -* [CVE-2024-1077](CVE-2024/CVE-2024-10xx/CVE-2024-1077.json) (`2024-02-05T20:49:00.927`) -* [CVE-2024-1060](CVE-2024/CVE-2024-10xx/CVE-2024-1060.json) (`2024-02-05T20:49:55.413`) -* [CVE-2024-1059](CVE-2024/CVE-2024-10xx/CVE-2024-1059.json) (`2024-02-05T20:50:26.783`) -* [CVE-2024-1036](CVE-2024/CVE-2024-10xx/CVE-2024-1036.json) (`2024-02-05T20:51:31.707`) -* [CVE-2024-24565](CVE-2024/CVE-2024-245xx/CVE-2024-24565.json) (`2024-02-05T20:55:23.270`) -* [CVE-2024-23840](CVE-2024/CVE-2024-238xx/CVE-2024-23840.json) (`2024-02-05T20:56:21.880`) +* [CVE-2023-52192](CVE-2023/CVE-2023-521xx/CVE-2023-52192.json) (`2024-02-05T21:01:02.157`) +* [CVE-2023-4554](CVE-2023/CVE-2023-45xx/CVE-2023-4554.json) (`2024-02-05T21:24:36.410`) +* [CVE-2023-40549](CVE-2023/CVE-2023-405xx/CVE-2023-40549.json) (`2024-02-05T21:33:24.707`) +* [CVE-2023-40550](CVE-2023/CVE-2023-405xx/CVE-2023-40550.json) (`2024-02-05T21:38:37.280`) +* [CVE-2023-4553](CVE-2023/CVE-2023-45xx/CVE-2023-4553.json) (`2024-02-05T21:56:14.073`) +* [CVE-2023-4552](CVE-2023/CVE-2023-45xx/CVE-2023-4552.json) (`2024-02-05T21:59:35.087`) +* [CVE-2023-4551](CVE-2023/CVE-2023-45xx/CVE-2023-4551.json) (`2024-02-05T22:02:02.550`) +* [CVE-2023-5372](CVE-2023/CVE-2023-53xx/CVE-2023-5372.json) (`2024-02-05T22:05:37.100`) +* [CVE-2023-6592](CVE-2023/CVE-2023-65xx/CVE-2023-6592.json) (`2024-02-05T22:15:55.937`) +* [CVE-2024-1020](CVE-2024/CVE-2024-10xx/CVE-2024-1020.json) (`2024-02-05T21:17:34.467`) +* [CVE-2024-1028](CVE-2024/CVE-2024-10xx/CVE-2024-1028.json) (`2024-02-05T21:39:56.013`) +* [CVE-2024-22682](CVE-2024/CVE-2024-226xx/CVE-2024-22682.json) (`2024-02-05T21:47:19.313`) +* [CVE-2024-1024](CVE-2024/CVE-2024-10xx/CVE-2024-1024.json) (`2024-02-05T21:51:46.250`) +* [CVE-2024-22136](CVE-2024/CVE-2024-221xx/CVE-2024-22136.json) (`2024-02-05T22:08:24.077`) +* [CVE-2024-0237](CVE-2024/CVE-2024-02xx/CVE-2024-0237.json) (`2024-02-05T22:15:59.487`) +* [CVE-2024-0238](CVE-2024/CVE-2024-02xx/CVE-2024-0238.json) (`2024-02-05T22:15:59.563`) +* [CVE-2024-22160](CVE-2024/CVE-2024-221xx/CVE-2024-22160.json) (`2024-02-05T22:22:14.233`) +* [CVE-2024-22161](CVE-2024/CVE-2024-221xx/CVE-2024-22161.json) (`2024-02-05T22:25:31.533`) ## Download and Usage