admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-03-08T11:00:19.512216+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-03-08 11:03:49 +00:00
parent ef08857227
commit b122c189cb
13 changed files with 712 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
CVE-2024/CVE-2024-103xx/CVE-2024-10321.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-10321",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T09:15:29.657",
"lastModified": "2025-03-08T09:15:29.657",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The All-in-One Addons for Elementor \u2013 WidgetKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.4 in elements/advanced-tab/template/view.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/widgetkit-for-elementor/trunk/elements/advanced-tab/template/view.php#L68",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2e470017-c453-435d-8342-66874a794537?source=cve",
"source": "security@wordfence.com"
}
]
}

68
CVE-2024/CVE-2024-133xx/CVE-2024-13359.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-13359",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T10:15:09.977",
"lastModified": "2025-03-08T10:15:09.977",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the add_product_input_fields_to_order_item_meta() function in all versions up to, and including, 1.12.1. This may make it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Please note that by default the plugin is only vulnerable to a double extension file upload attack, unless an administrators leaves the accepted file extensions field blank which can make .php file uploads possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/product-input-fields-for-woocommerce/tags/-1.8.2/includes/class-alg-wc-pif-main.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3234567%40product-input-fields-for-woocommerce&new=3234567%40product-input-fields-for-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3250201%40product-input-fields-for-woocommerce&new=3250201%40product-input-fields-for-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9c08f2e-bffd-40a6-89f3-559cb34f4395?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-138xx/CVE-2024-13816.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13816",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T09:15:31.077",
"lastModified": "2025-03-08T09:15:31.077",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 2.3.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update and delete posts, list and delete batches, list assistant uploaded files, delete personas, delete forms, delete templates, and clear logs. The vulnerability was partially patched in version 2.3.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://coderevolution.ro/knowledge-base/faq/full-changelog-aiomatic-automatic-ai-content-writer-editor-gpt-3-gpt-4-chatgpt-chatbot-ai-toolkit/#item-description__changelog",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/69de7d93-b255-4d41-8680-9762ff632804?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-138xx/CVE-2024-13882.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-13882",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T09:15:31.250",
"lastModified": "2025-03-08T09:15:31.250",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomatic_generate_featured_image' function in all versions up to, and including, 2.3.8. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://coderevolution.ro/knowledge-base/faq/full-changelog-aiomatic-automatic-ai-content-writer-editor-gpt-3-gpt-4-chatgpt-chatbot-ai-toolkit/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7108df0d-771a-4404-b90d-8ac8bc572898?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-01xx/CVE-2025-0177.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-0177",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T09:15:31.420",
"lastModified": "2025-03-08T09:15:31.420",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://themeforest.net/item/javo-directory-wordpress-theme/8390513#item-description__update-history",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d636768-37b4-4343-9028-30e7b1f997f2?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2025/CVE-2025-12xx/CVE-2025-1287.json Normal file
View File

@ -0,0 +1,72 @@
{
"id": "CVE-2025-1287",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T09:15:31.590",
"lastModified": "2025-03-08T09:15:31.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The The Plus Addons for Elementor \u2013 Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown, Syntax Highlighter, and Page Scroll widgets in all versions up to, and including, 6.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/the-plus-addons-for-elementor-page-builder/tags/6.2.0/modules/widgets/tp_countdown.php#L1868",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/the-plus-addons-for-elementor-page-builder/tags/6.2.0/modules/widgets/tp_page_scroll.php#L1015",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/the-plus-addons-for-elementor-page-builder/tags/6.2.0/modules/widgets/tp_syntax_highlighter.php#L1043",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3252092/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fbf86da7-621d-4fb7-ba16-d132db5b602a?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-13xx/CVE-2025-1322.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-1322",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T10:15:10.583",
"lastModified": "2025-03-08T10:15:10.583",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 16.26.10 via the 'feed' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to view data from password protected, private, or draft posts that they should not have access to."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3250094/wp-recall/trunk/add-on/rcl-chat/core.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c667be65-e6d3-40e1-aeec-384d309fde3d?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-13xx/CVE-2025-1323.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-1323",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T10:15:11.003",
"lastModified": "2025-03-08T10:15:11.003",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL Injection via the 'databeat' parameter in all versions up to, and including, 16.26.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3250094/wp-recall/trunk/add-on/rcl-chat/core.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae5b4d81-c2f1-4d0d-b7b0-5556bf0451f5?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-13xx/CVE-2025-1324.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-1324",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T10:15:11.217",
"lastModified": "2025-03-08T10:15:11.217",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'public-form' shortcode in all versions up to, and including, 16.26.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3250094/wp-recall/trunk/add-on/publicpost/shortcodes.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3e0be093-d61a-4634-ba9b-91dd7328e8cd?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2025/CVE-2025-13xx/CVE-2025-1325.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-1325",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T10:15:11.427",
"lastModified": "2025-03-08T10:15:11.427",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP-Recall \u2013 Registration, Profile, Commerce & More plugin for WordPress is vulnerable to arbitrary shortcode execution due to a missing capability check on the 'rcl_preview_post' AJAX endpoint in all versions up to, and including, 16.26.10. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3250094/wp-recall/trunk/add-on/publicpost/functions-ajax.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ad3b9040-05ed-452d-9b3f-26d1a93c62ba?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2025/CVE-2025-17xx/CVE-2025-1783.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-1783",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-03-08T10:15:11.647",
"lastModified": "2025-03-08T10:15:11.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gallery Styles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gallery Block in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gallery-styles/tags/1.3.4/gallery-styles.php#L34",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3251908/gallery-styles/trunk/gallery-styles.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9443e36-648c-4984-8b06-28e9da959e26?source=cve",
"source": "security@wordfence.com"
}
]
}

21
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-03-08T09:00:19.843552+00:00
2025-03-08T11:00:19.512216+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-03-08T07:15:10.690000+00:00
2025-03-08T10:15:11.647000+00:00
```
### Last Data Feed Release
@ -33,15 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
284535
284546
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `11`
- [CVE-2024-11087](CVE-2024/CVE-2024-110xx/CVE-2024-11087.json) (`2025-03-08T07:15:09.720`)
- [CVE-2024-13908](CVE-2024/CVE-2024-139xx/CVE-2024-13908.json) (`2025-03-08T07:15:10.690`)
- [CVE-2024-10321](CVE-2024/CVE-2024-103xx/CVE-2024-10321.json) (`2025-03-08T09:15:29.657`)
- [CVE-2024-13359](CVE-2024/CVE-2024-133xx/CVE-2024-13359.json) (`2025-03-08T10:15:09.977`)
- [CVE-2024-13816](CVE-2024/CVE-2024-138xx/CVE-2024-13816.json) (`2025-03-08T09:15:31.077`)
- [CVE-2024-13882](CVE-2024/CVE-2024-138xx/CVE-2024-13882.json) (`2025-03-08T09:15:31.250`)
- [CVE-2025-0177](CVE-2025/CVE-2025-01xx/CVE-2025-0177.json) (`2025-03-08T09:15:31.420`)
- [CVE-2025-1287](CVE-2025/CVE-2025-12xx/CVE-2025-1287.json) (`2025-03-08T09:15:31.590`)
- [CVE-2025-1322](CVE-2025/CVE-2025-13xx/CVE-2025-1322.json) (`2025-03-08T10:15:10.583`)
- [CVE-2025-1323](CVE-2025/CVE-2025-13xx/CVE-2025-1323.json) (`2025-03-08T10:15:11.003`)
- [CVE-2025-1324](CVE-2025/CVE-2025-13xx/CVE-2025-1324.json) (`2025-03-08T10:15:11.217`)
- [CVE-2025-1325](CVE-2025/CVE-2025-13xx/CVE-2025-1325.json) (`2025-03-08T10:15:11.427`)
- [CVE-2025-1783](CVE-2025/CVE-2025-17xx/CVE-2025-1783.json) (`2025-03-08T10:15:11.647`)
### CVEs modified in the last Commit

15
_state.csv
View File

@ -244534,6 +244534,7 @@ CVE-2024-10318,0,0,1208a954737503f9ae621559bc099386d5e97f2e4507045726c3130f57b32
CVE-2024-10319,0,0,68d02b703a0a786e535b0c06357fe7c6d9a4d92b566f67658115227be405d0f3,2024-11-08T15:25:16.317000
CVE-2024-1032,0,0,c6d8d12d638c10dd834e783d36f86ba17d33a36b799d5e13aadbdfedd22b0728,2024-11-21T08:49:38.587000
CVE-2024-10320,0,0,727a463e6d691153e4adf6d21dfba57d62d85f0e63e6347b0c5272cff36a9bf2,2024-12-06T09:15:04.710000
CVE-2024-10321,1,1,da1c1d01bfd86779c48eac76a82f4a44680288327e3611217ac5778e8a964a4d,2025-03-08T09:15:29.657000
CVE-2024-10322,0,0,65e160abc627e6b2fb9f1eeeb2a4000315ec9c0044ac5b8e323b66f8d27f2ca9,2025-02-20T20:40:34.440000
CVE-2024-10323,0,0,74c01ce4124a9449f0a3de143c2d6269eaaed2dcc05dfdfdac09c2b033a02614,2025-02-05T17:18:49.550000
CVE-2024-10324,0,0,cfaeca60a4f0aa309330a37a66e2005b2fce423bc7c33f12b5f1c3188e784a63,2025-02-04T19:41:41.250000
@ -245230,7 +245231,7 @@ CVE-2024-11082,0,0,2068f4ddbc0d21e33db6ba3989176bd5aedcb5da6f30a07d96e2944d8ba88
CVE-2024-11083,0,0,8060d1be07c2085add29a68ce088e46bf1b117fbd5e8fe231b842cd4d2355c1d,2024-11-27T06:15:17.707000
CVE-2024-11085,0,0,997988ac78259b1ae8db8c6e9651c22f46fbbaea4f307171e6fff12e9b424710,2024-11-18T17:11:17.393000
CVE-2024-11086,0,0,f4d7f35e95dad05e023fed49ac9e59da09a947f51bc79e0e10dc6b97e93d7482,2024-11-20T13:15:04.020000
CVE-2024-11087,1,1,848ba3dab32ff0162f5d034f77bfa9e62fe8169091600aa61dde0d51e75daeb2,2025-03-08T07:15:09.720000
CVE-2024-11087,0,0,848ba3dab32ff0162f5d034f77bfa9e62fe8169091600aa61dde0d51e75daeb2,2025-03-08T07:15:09.720000
CVE-2024-11088,0,0,63268aae491d1c648e7cfec2d8bb4b9b8988c9a8de960fef99629298e381225d,2024-11-21T15:15:21.097000
CVE-2024-11089,0,0,0f46a9a629be88f215b4a7ad0d79575a4e3b0caab898de683427fa2e5561e411,2024-11-21T15:15:21.500000
CVE-2024-1109,0,0,a7b1e71489d6774ecfe851782646b725fb9b27ab957ae0f8b7f311d63d7950f6,2024-11-21T08:49:48.980000
@ -247353,6 +247354,7 @@ CVE-2024-13354,0,0,70c8df8ffc765e671782c1c5275e6f7668ade0103b0f3f6fd1920147a9a81
CVE-2024-13355,0,0,b14926ff025e929de229a84af4734d711f0473d16ba82bc6498a7b20173af029,2025-01-16T10:15:08.750000
CVE-2024-13356,0,0,4c62ebf770eb8ffd31345cb0ef6c5025a9e134a147f2b545dcf049e579341f09,2025-02-04T10:15:07.920000
CVE-2024-13358,0,0,b1c8c907a5b672a39adc84aa5bad4ea5001bafb396499be4fc518e46c65a928d,2025-03-01T04:15:09.550000
CVE-2024-13359,1,1,df76a7fae90c0c3618e5cfaf0bc4ad676abf7e64e8eef5848c9e384e16259fd1,2025-03-08T10:15:09.977000
CVE-2024-1336,0,0,5ac217bb74b5afa6bf4a3181b1971e5eb197bf861678b67cc85953b7d0e71d82,2024-12-31T16:51:04.857000
CVE-2024-13360,0,0,42c7ef7264873842b1b321dcb1d9eb02287e4b9dd082710569d0b72683473221,2025-01-24T18:58:46.177000
CVE-2024-13361,0,0,796ae81aa903e35e91be1aa59cd637cc5eee53bc205bb2f1ae10309102da0980,2025-01-24T18:55:22.577000
@ -247758,6 +247760,7 @@ CVE-2024-13811,0,0,5b94a426632e0b7858178241c275865820be67c397c2529c7a30884806a0b
CVE-2024-13813,0,0,fdc4ad5ea8556267af57de167767e42189cf8d83fe0a9d1183500203243c2b38,2025-02-20T15:56:04.087000
CVE-2024-13814,0,0,1eaa34671c59ff347de019eb0f7db92c91d554728619786a007d058e64ccd6e0,2025-02-18T21:30:00.523000
CVE-2024-13815,0,0,c26d747b30e16449187df89ae1a63f232878b2518b742ef230f0e1b934e49302,2025-03-05T10:15:18.210000
CVE-2024-13816,1,1,cc0ed660c4e98ec0c8e0139557ba1a1f397c873674f832242bf2408bfc3089b8,2025-03-08T09:15:31.077000
CVE-2024-13817,0,0,b5a69d8e5693042f6213842e77c8ea5e9adad031b258d4d25f98e0b0bd22c27b,2025-01-31T03:15:10.910000
CVE-2024-13818,0,0,b34cef01cb19d809209555e3902d48d3c034a9e483326b43d02f63f2eb6722a8,2025-02-25T17:03:16.093000
CVE-2024-1382,0,0,46ba372cc585c5cc80406db23ae24542751b0e1ef43905cbc6e0bcf967676a5e,2025-01-21T17:04:33.737000
@ -247800,6 +247803,7 @@ CVE-2024-1387,0,0,8e6bcbdaec79085616e17d0cff8f7e9074033b4370339ebb2fb375231d6ccb
CVE-2024-13873,0,0,ef7d81633c3243b5a662796d38d39a610ff44d855cd436a1a77aa5716496d20c,2025-02-22T04:15:09.567000
CVE-2024-13879,0,0,840cef42e99ba3012c3b31f8bded69776814665d9c25d0869b7b55ae4acecc40,2025-02-17T16:15:15.950000
CVE-2024-1388,0,0,4055ac29f5fc98e5c697dde8e9fd854a4a3e80aad935e1d1af922e2721330e53,2025-01-16T15:18:18.140000
CVE-2024-13882,1,1,d23d49c98387f6442c8f9aba1e2405a91c54af6f21f17367597a68563af5b8f3,2025-03-08T09:15:31.250000
CVE-2024-13883,0,0,1e82cdf8d40eea1cf0fdba117374eff50482e8082835729e73b8298b4bf2a5eb,2025-02-25T03:39:21.267000
CVE-2024-13888,0,0,45ea465fd1196bf38b8c341b411c16c5302500649feb2c402e910f2e8aae7f79,2025-02-25T20:39:44.927000
CVE-2024-1389,0,0,44c915b89d8f24815db27dcf9521c10fcca5d968291afb2cbd201094aadb9d12,2025-01-27T17:15:51.567000
@ -247818,7 +247822,7 @@ CVE-2024-13904,0,0,6ed46fabfefc9c5da61282f47ce5a7f4388439dd6fcf28ed8981cf00c9bb3
CVE-2024-13905,0,0,94a06017058e47ea224d64f1fcc59573ef0629f841649e95825b26eac6b9c491,2025-02-27T05:15:13.610000
CVE-2024-13906,0,0,49d3c886d6eb569e3be95840598d3644d2e3a759a922a1777a4a1a594b4b6b41,2025-03-07T08:15:37.467000
CVE-2024-13907,0,0,f2da3425f3470ad3127836884558cd2ad3921d2f9bdfdbcb35d8a21b911174f4,2025-02-27T07:15:33.543000
CVE-2024-13908,1,1,b02feb571c3f56395c71015215fc0c37a39f6c271a94ae36e8f1cf1686537b5a,2025-03-08T07:15:10.690000
CVE-2024-13908,0,0,b02feb571c3f56395c71015215fc0c37a39f6c271a94ae36e8f1cf1686537b5a,2025-03-08T07:15:10.690000
CVE-2024-1391,0,0,fccbf24dfb651f372e2b51106217c90f4de85c1f936edcd91290184be12fa7b9,2025-01-17T19:52:57.843000
CVE-2024-13910,0,0,1da974c8b4278339ddaf4e1b70396d7d0139387963424ab28e0cb7907c842a5e,2025-03-01T09:15:09.517000
CVE-2024-13911,0,0,5c6ec30a98a23b22a75401ffb9290b39df569bd0f5609894fc8fdc52c5d0d4f8,2025-03-01T08:15:33.803000
@ -280205,6 +280209,7 @@ CVE-2025-0173,0,0,f8b0314ed39e527fabb4cd92dfd81e3169abbd8b79f7d02c23b85a331bfa3d
CVE-2025-0174,0,0,2781e194f9798c75bf0ec32dea68200ca4aca4903740e2d2b80a2f0be0df417e,2025-02-25T22:42:09.023000
CVE-2025-0175,0,0,80758939dc78975a0b0f11b5122318c85771cff4c6d6324f77ed7ad227d42c7f,2025-02-25T22:42:22.270000
CVE-2025-0176,0,0,4f166ededfe603f7b909f38bf43e5476f4c4acc90bc4bca3384ed33dd9906445,2025-01-03T15:15:11.360000
CVE-2025-0177,1,1,51fc39af6d3f2140426d8a331c9fc94d9dafec3f019efc3bb9078a88e2f86525,2025-03-08T09:15:31.420000
CVE-2025-0178,0,0,944748b325d4376009262d91b41fb752899bf5d01e4dc12f97d2cde619932e0c,2025-02-14T14:15:32.403000
CVE-2025-0180,0,0,45564097f8949edeaed9ca9ee45d4b95a2a515d148fe7f516835a6a631636cf0,2025-02-11T07:15:29.277000
CVE-2025-0181,0,0,3daa095a8ef29b155e27eb528b6494dc885d5fb57d0193f8fe2a690199fb3ae3,2025-02-11T07:15:29.827000
@ -280910,6 +280915,7 @@ CVE-2025-1270,0,0,a0fba4bca59afda304bf8335640266a3acf6a1624640bee675db51d94e9fc4
CVE-2025-1271,0,0,0359319eae8a142a0720b34e58c3d3808902c47ddd06a524c0e8a18f2f2f366a,2025-02-13T13:15:09.433000
CVE-2025-1282,0,0,135e0d0f84484b53270653b79f9e366f1c0baa627fbaf4af3fe538f7cdb33c50,2025-02-27T09:15:10.160000
CVE-2025-1283,0,0,4175667403ef8488e39c5e8c2dd94a274e533a8ac41a5d588031878a218b6b1e,2025-03-04T20:59:05.417000
CVE-2025-1287,1,1,37b8d6e5bb02fec4db4fe6ebb7f78e649494f82b2a965d784db2bbf955be9dfb,2025-03-08T09:15:31.590000
CVE-2025-1291,0,0,bb482c13e6ea46eaa51479ea468a757d12dfa1292b1f2ec778322441cd52e4d5,2025-03-01T09:15:09.710000
CVE-2025-1293,0,0,60a11b51b89461cf0f7c120de5ab3c93294ee5f6a5e19d6ba8d0bb06e8828d44,2025-02-20T01:15:09.950000
CVE-2025-1295,0,0,24bdaaeb758634ffe52b87573cb2760c08e1a07ac9682ba1ed20b65d22033cf6,2025-02-27T06:15:21.990000
@ -280923,6 +280929,10 @@ CVE-2025-1315,0,0,5be04aa629598e4be5d357c662948434207fa248de797d14003b93bcf9fdac
CVE-2025-1316,0,0,f932f98d5a32b1e0c223e88762610c5952375892982b9e178aa7ca013cbd0ec3,2025-03-05T00:15:35.057000
CVE-2025-1319,0,0,33bda93fd3980ba7b6a91272d6a6ae7036010f8fa7bdd3f4dc099ca7b24e3ab8,2025-03-06T15:00:16.447000
CVE-2025-1321,0,0,fe193fa44353594440aac216be48f78f1d1914788baa79c358bb03fb8eb369f9,2025-03-04T04:15:11.547000
CVE-2025-1322,1,1,ef532a524b09825661ab421375ab624604880ea49516d5ffa6abd3daa6646678,2025-03-08T10:15:10.583000
CVE-2025-1323,1,1,033b81ac968bdbd8998abfe50ff1029213aaccbbd88f79ffcc07fefd27cf79c7,2025-03-08T10:15:11.003000
CVE-2025-1324,1,1,7683703969288304647be96e6e18acedc0aaa47738bdb4c92e55ffe9d48662b4,2025-03-08T10:15:11.217000
CVE-2025-1325,1,1,b4fb99b87c595d4997dd2b75e32d285cdf4b5b8e9910ed9f6bc4a7a9a97b0ede,2025-03-08T10:15:11.427000
CVE-2025-1328,0,0,e2b9ad996048bde72d17ec9a6affa826b875b275e51ef749199b511eae0ab088,2025-02-25T18:03:46.410000
CVE-2025-1332,0,0,04253da72e8edd91cac77b4f2ad8533b669f4d496d09ec3f2573f85295be125b,2025-02-16T01:15:20.440000
CVE-2025-1335,0,0,bb409ff99c8e3378896a9535373b62c93c367d19339145f6746127b81b9cf3e2,2025-02-28T19:47:07.220000
@ -281125,6 +281135,7 @@ CVE-2025-1757,0,0,78b33a074cf39bfe778889068f984255867e6a5fb09e8f531bc6334acbd95f
CVE-2025-1768,0,0,e21e53cb16776247b7fcdb1da98b2a5a84bc79fed4b5aeb36139ff1ea1a21bd9,2025-03-07T11:15:15.653000
CVE-2025-1776,0,0,1a12423b233b2ef4ba69976c3f13498310a33efb7f09102cfb934a1191ac53f0,2025-02-28T14:15:35.943000
CVE-2025-1780,0,0,226a30a5273cda636f0411ff11753517352eef60dfa6b2b998a1836a6dc818bf,2025-03-01T04:15:09.713000
CVE-2025-1783,1,1,7fcaf339289a48edd534e2424306b8cd911988b21bbe826dd21f100c86d4c9de,2025-03-08T10:15:11.647000
CVE-2025-1786,0,0,6efea7c83ade59c3484e3ccdf6b16455298d78bd2d350ead5c28c52e73509d8e,2025-03-03T21:15:16.130000
CVE-2025-1788,0,0,65633b0fdde44bd6e8f752d6a57d4e3e26e3a2eb678db1c79ca98769400305da,2025-03-03T21:15:16.263000
CVE-2025-1791,0,0,3c9031f43c5aed2d49ec4c2e3a617d4eaa134c60206475ea4448611f5ca2f51c,2025-03-03T21:15:16.433000

Can't render this file because it is too large.