diff --git a/CVE-2023/CVE-2023-442xx/CVE-2023-44258.json b/CVE-2023/CVE-2023-442xx/CVE-2023-44258.json new file mode 100644 index 00000000000..90c21611086 --- /dev/null +++ b/CVE-2023/CVE-2023-442xx/CVE-2023-44258.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-44258", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:07.020", + "lastModified": "2025-01-02T12:15:07.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Schema App Schema App Structured Data allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schema App Structured Data: from n/a through 1.23.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/schema-app-structured-data-for-schemaorg/vulnerability/wordpress-schema-app-structured-data-plugin-1-22-3-csrf-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-449xx/CVE-2023-44988.json b/CVE-2023/CVE-2023-449xx/CVE-2023-44988.json new file mode 100644 index 00000000000..d07c13cbe70 --- /dev/null +++ b/CVE-2023/CVE-2023-449xx/CVE-2023-44988.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-44988", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:08.073", + "lastModified": "2025-01-02T12:15:08.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-custom-admin-interface/vulnerability/wordpress-wp-custom-admin-interface-plugin-7-32-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45002.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45002.json new file mode 100644 index 00000000000..5ff471400a5 --- /dev/null +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45002.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45002", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:08.213", + "lastModified": "2025-01-02T12:15:08.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through 3.6.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-user-frontend/vulnerability/wordpress-wp-user-frontend-plugin-3-6-8-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45045.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45045.json new file mode 100644 index 00000000000..d677ceb22bd --- /dev/null +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45045.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45045", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:08.363", + "lastModified": "2025-01-02T12:15:08.363", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Kishor Khambu WP Custom Widget area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget area: from n/a through 1.2.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-custom-widget-area/vulnerability/wordpress-wp-custom-widget-area-plugin-1-2-5-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-450xx/CVE-2023-45061.json b/CVE-2023/CVE-2023-450xx/CVE-2023-45061.json new file mode 100644 index 00000000000..31d19e98f15 --- /dev/null +++ b/CVE-2023/CVE-2023-450xx/CVE-2023-45061.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45061", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:08.507", + "lastModified": "2025-01-02T12:15:08.507", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in AWSM Innovations WP Job Openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a through 3.4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-job-openings/vulnerability/wordpress-wp-job-openings-plugin-3-4-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45101.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45101.json new file mode 100644 index 00000000000..bfc83621bdb --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45101.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45101", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:08.650", + "lastModified": "2025-01-02T12:15:08.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Customer Reviews for WooCommerce: from n/a through 5.36.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/customer-reviews-woocommerce/vulnerability/wordpress-customer-reviews-for-woocommerce-plugin-5-36-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45104.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45104.json new file mode 100644 index 00000000000..4213eadcb5a --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45104.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45104", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:08.790", + "lastModified": "2025-01-02T12:15:08.790", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WPDeveloper BetterLinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through 1.6.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/betterlinks/vulnerability/wordpress-betterlinks-plugin-1-6-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45110.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45110.json new file mode 100644 index 00000000000..4c30e1d6627 --- /dev/null +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45110.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45110", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:08.940", + "lastModified": "2025-01-02T12:15:08.940", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in BoldThemes Bold Timeline Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite: from n/a through 1.1.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/bold-timeline-lite/vulnerability/wordpress-bold-timeline-lite-plugin-1-1-9-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-452xx/CVE-2023-45271.json b/CVE-2023/CVE-2023-452xx/CVE-2023-45271.json new file mode 100644 index 00000000000..2e021454444 --- /dev/null +++ b/CVE-2023/CVE-2023-452xx/CVE-2023-45271.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45271", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:09.087", + "lastModified": "2025-01-02T12:15:09.087", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WowStore Team ProductX \u2013 Gutenberg WooCommerce Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ProductX \u2013 Gutenberg WooCommerce Blocks: from n/a through 2.7.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/product-blocks/vulnerability/wordpress-productx-gutenberg-woocommerce-blocks-plugin-2-7-8-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-452xx/CVE-2023-45275.json b/CVE-2023/CVE-2023-452xx/CVE-2023-45275.json new file mode 100644 index 00000000000..208f92c9e1e --- /dev/null +++ b/CVE-2023/CVE-2023-452xx/CVE-2023-45275.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45275", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:09.253", + "lastModified": "2025-01-02T12:15:09.253", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Kali Forms Contact Form builder with drag & drop - Kali Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form builder with drag & drop - Kali Forms: from n/a through 2.3.28." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/kali-forms/vulnerability/wordpress-contact-form-builder-with-drag-drop-plugin-2-3-27-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-456xx/CVE-2023-45631.json b/CVE-2023/CVE-2023-456xx/CVE-2023-45631.json new file mode 100644 index 00000000000..884fc4e600a --- /dev/null +++ b/CVE-2023/CVE-2023-456xx/CVE-2023-45631.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45631", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:09.390", + "lastModified": "2025-01-02T12:15:09.390", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/gallery-album/vulnerability/wordpress-gallery-image-and-video-gallery-with-thumbnails-plugin-2-0-3-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-456xx/CVE-2023-45636.json b/CVE-2023/CVE-2023-456xx/CVE-2023-45636.json new file mode 100644 index 00000000000..b2f8bf13ccf --- /dev/null +++ b/CVE-2023/CVE-2023-456xx/CVE-2023-45636.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45636", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:09.530", + "lastModified": "2025-01-02T12:15:09.530", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WebToffee WordPress Backup & Migration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Backup & Migration: from n/a through 1.4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-migration-duplicator/vulnerability/wordpress-wordpress-backup-migration-plugin-1-4-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-456xx/CVE-2023-45649.json b/CVE-2023/CVE-2023-456xx/CVE-2023-45649.json new file mode 100644 index 00000000000..cb34bbfbde2 --- /dev/null +++ b/CVE-2023/CVE-2023-456xx/CVE-2023-45649.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45649", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:09.680", + "lastModified": "2025-01-02T12:15:09.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in CodePeople Appointment Hour Booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Hour Booking: from n/a through 1.4.23." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/appointment-hour-booking/vulnerability/wordpress-appointment-hour-booking-plugin-1-4-23-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45760.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45760.json new file mode 100644 index 00000000000..70ca8fe154b --- /dev/null +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45760.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45760", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:09.827", + "lastModified": "2025-01-02T12:15:09.827", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpdiscuz/vulnerability/wordpress-wpdiscuz-plugin-7-6-3-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45765.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45765.json new file mode 100644 index 00000000000..0670c57bfa6 --- /dev/null +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45765.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45765", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:09.970", + "lastModified": "2025-01-02T12:15:09.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in weDevs WP ERP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP ERP: from n/a through 1.12.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/erp/vulnerability/wordpress-wp-erp-plugin-1-12-6-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45766.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45766.json new file mode 100644 index 00000000000..d4c16b3f355 --- /dev/null +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45766.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45766", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:10.113", + "lastModified": "2025-01-02T12:15:10.113", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through 4.7.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/poll-maker/vulnerability/wordpress-poll-maker-plugin-4-7-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-458xx/CVE-2023-45828.json b/CVE-2023/CVE-2023-458xx/CVE-2023-45828.json new file mode 100644 index 00000000000..ff206d85baf --- /dev/null +++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45828.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-45828", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:10.247", + "lastModified": "2025-01-02T12:15:10.247", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in RumbleTalk Ltd RumbleTalk Live Group Chat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RumbleTalk Live Group Chat: from n/a through 6.2.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/rumbletalk-chat-a-chat-with-themes/vulnerability/wordpress-rumbletalk-live-group-chat-plugin-6-1-9-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46073.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46073.json new file mode 100644 index 00000000000..79e05c40628 --- /dev/null +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46073.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46073", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:10.397", + "lastModified": "2025-01-02T12:15:10.397", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in nofearinc DX Delete Attached Media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DX Delete Attached Media: from n/a through 2.0.5.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dx-delete-attached-media/vulnerability/wordpress-dx-delete-attached-media-plugin-2-0-5-1-broken-access-control-vulnerability-csrf?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46079.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46079.json new file mode 100644 index 00000000000..a8499f02f74 --- /dev/null +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46079.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46079", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:10.533", + "lastModified": "2025-01-02T12:15:10.533", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through 1.2.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ashe-extra/vulnerability/wordpress-ashe-extra-plugin-1-2-6-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46080.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46080.json new file mode 100644 index 00000000000..44f478bc927 --- /dev/null +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46080.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46080", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:10.667", + "lastModified": "2025-01-02T12:15:10.667", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Farhan Noor ApplyOnline \u2013 Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ApplyOnline \u2013 Application Form Builder and Manager: from n/a through 2.5.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/apply-online/vulnerability/wordpress-applyonline-application-form-builder-and-manager-plugin-2-5-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46082.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46082.json new file mode 100644 index 00000000000..bb3bb4acfb6 --- /dev/null +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46082.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46082", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:10.817", + "lastModified": "2025-01-02T12:15:10.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Cyberlord92 Broken Link Checker | Finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Checker | Finder: from n/a through 2.4.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/broken-link-finder/vulnerability/wordpress-broken-link-checker-finder-plugin-2-4-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-460xx/CVE-2023-46083.json b/CVE-2023/CVE-2023-460xx/CVE-2023-46083.json new file mode 100644 index 00000000000..3950d1b11f3 --- /dev/null +++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46083.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46083", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:10.980", + "lastModified": "2025-01-02T12:15:10.980", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Kali Forms Contact Form builder with drag & drop - Kali Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form builder with drag & drop - Kali Forms: from n/a through 2.3.27." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/kali-forms/vulnerability/wordpress-kali-forms-plugin-2-3-27-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46188.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46188.json new file mode 100644 index 00000000000..158cea107f3 --- /dev/null +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46188.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46188", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:11.127", + "lastModified": "2025-01-02T12:15:11.127", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Jose Mortellaro Freesoul Deactivate Plugins \u2013 Plugin manager and cleanup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Freesoul Deactivate Plugins \u2013 Plugin manager and cleanup: from n/a through 2.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/freesoul-deactivate-plugins/vulnerability/wordpress-freesoul-deactivate-plugins-plugin-2-1-3-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46195.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46195.json new file mode 100644 index 00000000000..bc36eb64d6a --- /dev/null +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46195.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46195", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:11.270", + "lastModified": "2025-01-02T12:15:11.270", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in CoSchedule Headline Analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headline Analyzer: from n/a through 1.3.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/headline-analyzer/vulnerability/wordpress-headline-analyzer-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46196.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46196.json new file mode 100644 index 00000000000..380a8166028 --- /dev/null +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46196.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46196", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:11.407", + "lastModified": "2025-01-02T12:15:11.407", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social proof testimonials and reviews by Repuso: from n/a through 4.97." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/social-testimonials-and-reviews-widget/vulnerability/wordpress-social-proof-testimonials-and-reviews-by-repuso-plugin-4-97-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-462xx/CVE-2023-46203.json b/CVE-2023/CVE-2023-462xx/CVE-2023-46203.json new file mode 100644 index 00000000000..3cf2b270a35 --- /dev/null +++ b/CVE-2023/CVE-2023-462xx/CVE-2023-46203.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46203", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:11.560", + "lastModified": "2025-01-02T12:15:11.560", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in JustCoded / Alex Prokopenko Just Custom Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Just Custom Fields: from n/a through 3.3.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/just-custom-fields/vulnerability/wordpress-just-custom-fields-plugin-3-3-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-462xx/CVE-2023-46206.json b/CVE-2023/CVE-2023-462xx/CVE-2023-46206.json new file mode 100644 index 00000000000..ab04802c525 --- /dev/null +++ b/CVE-2023/CVE-2023-462xx/CVE-2023-46206.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46206", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:11.710", + "lastModified": "2025-01-02T12:15:11.710", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in websoudan MW WP Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MW WP Form: from n/a through 4.4.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mw-wp-form/vulnerability/wordpress-mw-wp-form-plugin-4-4-5-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-463xx/CVE-2023-46309.json b/CVE-2023/CVE-2023-463xx/CVE-2023-46309.json new file mode 100644 index 00000000000..94b11937695 --- /dev/null +++ b/CVE-2023/CVE-2023-463xx/CVE-2023-46309.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46309", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:11.857", + "lastModified": "2025-01-02T12:15:11.857", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.10." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpdiscuz/vulnerability/wordpress-wpdiscuz-plugin-7-6-10-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46605.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46605.json new file mode 100644 index 00000000000..f2640fafe7e --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46605.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46605", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:11.993", + "lastModified": "2025-01-02T12:15:11.993", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Ruslan Suhar Convertful \u2013 Your Ultimate On-Site Conversion Tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Convertful \u2013 Your Ultimate On-Site Conversion Tool: from n/a through 2.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/convertful/vulnerability/wordpress-convertful-your-ultimate-on-site-conversion-tool-plugin-2-5-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46606.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46606.json new file mode 100644 index 00000000000..4af324a532d --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46606.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46606", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:12.133", + "lastModified": "2025-01-02T12:15:12.133", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in AtomChat AtomChat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through 1.1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/atomchat/vulnerability/wordpress-atomchat-plugin-1-1-4-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46607.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46607.json new file mode 100644 index 00000000000..81d2fd9658e --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46607.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46607", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:12.283", + "lastModified": "2025-01-02T12:15:12.283", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WP iCal Availability WP iCal Availability allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP iCal Availability: from n/a through 1.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-ical-availability/vulnerability/wordpress-wp-ical-availability-plugin-1-0-3-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46608.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46608.json new file mode 100644 index 00000000000..f4f38918bdc --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46608.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46608", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:12.437", + "lastModified": "2025-01-02T12:15:12.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WPDO DoLogin Security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through 3.7.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dologin/vulnerability/wordpress-dologin-security-plugin-3-7-1-multiple-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46609.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46609.json new file mode 100644 index 00000000000..bb38f25ec72 --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46609.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46609", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:12.593", + "lastModified": "2025-01-02T12:15:12.593", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in FeedFocal FeedFocal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FeedFocal: from n/a through 1.2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/feedfocal/vulnerability/wordpress-feedfocal-plugin-1-2-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46610.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46610.json new file mode 100644 index 00000000000..fca27bfdc03 --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46610.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46610", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:12.730", + "lastModified": "2025-01-02T12:15:12.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in quillforms.com Quill Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quill Forms: from n/a through 3.3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/quillforms/vulnerability/wordpress-quill-forms-plugin-3-3-0-broken-access-control-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46611.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46611.json new file mode 100644 index 00000000000..7bb4cb761f5 --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46611.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46611", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:12.867", + "lastModified": "2025-01-02T12:15:12.867", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Authentication Bypass by Primary Weakness vulnerability in yourownprogrammer YOP Poll allows Authentication Bypass.This issue affects YOP Poll: from n/a through 6.5.28." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-305" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/yop-poll/vulnerability/wordpress-yop-poll-plugin-6-5-28-vote-manipulation-due-to-broken-captcha-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46612.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46612.json new file mode 100644 index 00000000000..d6be05fbf2c --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46612.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46612", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:13.007", + "lastModified": "2025-01-02T12:15:13.007", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in codedrafty Mediabay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mediabay: from n/a through 1.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mediabay-lite/vulnerability/wordpress-mediabay-plugin-1-6-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46616.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46616.json new file mode 100644 index 00000000000..7cde8b976ea --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46616.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46616", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:13.170", + "lastModified": "2025-01-02T12:15:13.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/draw-attention/vulnerability/wordpress-draw-attention-plugin-2-0-15-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46628.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46628.json new file mode 100644 index 00000000000..f15b05d2e98 --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46628.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46628", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:13.353", + "lastModified": "2025-01-02T12:15:13.353", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in RedLettuce Plugins WP Word Count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Word Count: from n/a through 3.2.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-word-count/vulnerability/wordpress-wp-word-count-plugin-3-2-4-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46631.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46631.json new file mode 100644 index 00000000000..bed5b0fd1ca --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46631.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46631", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:13.503", + "lastModified": "2025-01-02T12:15:13.503", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in RevenueHunt Product Recommendation Quiz for eCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Recommendation Quiz for eCommerce: from n/a through 2.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/product-recommendation-quiz-for-ecommerce/vulnerability/wordpress-product-recommendation-quiz-for-ecommerce-plugin-2-1-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46632.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46632.json new file mode 100644 index 00000000000..46b69de0efa --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46632.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46632", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:13.643", + "lastModified": "2025-01-02T12:15:13.643", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in David Cramer My Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Shortcodes: from n/a through 2.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/my-shortcodes/vulnerability/wordpress-my-shortcodes-plugin-2-3-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46633.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46633.json new file mode 100644 index 00000000000..55372d475c9 --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46633.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46633", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:13.790", + "lastModified": "2025-01-02T12:15:13.790", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-glossary/vulnerability/wordpress-wp-glossary-plugin-3-1-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46635.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46635.json new file mode 100644 index 00000000000..b75deb6d538 --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46635.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46635", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:13.940", + "lastModified": "2025-01-02T12:15:13.940", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in YITH YITH WooCommerce Product Add-Ons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/yith-woocommerce-product-add-ons/vulnerability/wordpress-yith-woocommerce-product-add-ons-plugin-4-2-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46637.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46637.json new file mode 100644 index 00000000000..5b554ca82be --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46637.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46637", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:14.090", + "lastModified": "2025-01-02T12:15:14.090", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Generate Dummy Posts: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/generate-dummy-posts/vulnerability/wordpress-generate-dummy-posts-plugin-1-0-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46639.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46639.json new file mode 100644 index 00000000000..0331d98fc38 --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46639.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46639", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:14.243", + "lastModified": "2025-01-02T12:15:14.243", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/kk-star-ratings/vulnerability/wordpress-kk-star-ratings-plugin-5-4-5-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46644.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46644.json new file mode 100644 index 00000000000..4893558e020 --- /dev/null +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46644.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-46644", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:14.417", + "lastModified": "2025-01-02T12:15:14.417", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WP CTA PRO WordPress CTA allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress CTA: from n/a through 1.5.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/easy-sticky-sidebar/vulnerability/wordpress-wordpress-cta-wordpress-call-to-action-sticky-cta-floating-buttons-floating-tab-plugin-plugin-1-5-6-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47179.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47179.json new file mode 100644 index 00000000000..b2b27c30fb1 --- /dev/null +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47179.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47179", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:14.560", + "lastModified": "2025-01-02T12:15:14.560", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in ByConsole WooODT Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through 2.4.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/byconsole-woo-order-delivery-time/vulnerability/wordpress-wooodt-lite-plugin-2-4-6-arbitrary-site-option-update-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47180.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47180.json new file mode 100644 index 00000000000..1761b79d6b8 --- /dev/null +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47180.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47180", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:14.713", + "lastModified": "2025-01-02T12:15:14.713", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in XLPlugins Finale Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Finale Lite: from n/a through 2.16.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/finale-woocommerce-sales-countdown-timer-discount/vulnerability/wordpress-finale-lite-sales-countdown-timer-discount-for-woocommerce-plugin-2-16-0-arbitrary-content-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47183.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47183.json new file mode 100644 index 00000000000..cbff68dd64f --- /dev/null +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47183.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47183", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:14.873", + "lastModified": "2025-01-02T12:15:14.873", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in GiveWP GiveWP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GiveWP: from n/a through 2.33.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/give/vulnerability/wordpress-givewp-plugin-2-33-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47187.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47187.json new file mode 100644 index 00000000000..e2f8cbcf3f3 --- /dev/null +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47187.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47187", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:15.000", + "lastModified": "2025-01-02T12:15:15.000", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through 5.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/css3-rotating-words/vulnerability/wordpress-animated-rotating-words-plugin-5-4-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-471xx/CVE-2023-47188.json b/CVE-2023/CVE-2023-471xx/CVE-2023-47188.json new file mode 100644 index 00000000000..29827a2c318 --- /dev/null +++ b/CVE-2023/CVE-2023-471xx/CVE-2023-47188.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47188", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:15.180", + "lastModified": "2025-01-02T12:15:15.180", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in PressTigers Simple Job Board allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Job Board: from n/a through 2.10.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/simple-job-board/vulnerability/wordpress-simple-job-board-plugin-2-10-5-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47224.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47224.json new file mode 100644 index 00000000000..a3ebeb67404 --- /dev/null +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47224.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47224", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:15.317", + "lastModified": "2025-01-02T12:15:15.317", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through 7.8.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-travel/vulnerability/wordpress-wp-travel-plugin-7-5-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47225.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47225.json new file mode 100644 index 00000000000..defc6739e5f --- /dev/null +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47225.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47225", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:15.470", + "lastModified": "2025-01-02T12:15:15.470", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in KaizenCoders Short URL allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Short URL: from n/a through 1.6.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/shorten-url/vulnerability/wordpress-short-url-plugin-1-6-8-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47241.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47241.json new file mode 100644 index 00000000000..8bba4474800 --- /dev/null +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47241.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47241", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:15.600", + "lastModified": "2025-01-02T12:15:15.600", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in CoCart Headless, LLC CoCart \u2013 Headless ecommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CoCart \u2013 Headless ecommerce: from n/a through 3.11.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/cart-rest-api-for-woocommerce/vulnerability/wordpress-cocart-headless-ecommerce-plugin-3-9-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47515.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47515.json new file mode 100644 index 00000000000..680b09e847f --- /dev/null +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47515.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47515", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:15.733", + "lastModified": "2025-01-02T12:15:15.733", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Seers Seers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Seers: from n/a through 8.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/seers-cookie-consent-banner-privacy-policy/vulnerability/wordpress-seers-gdpr-ccpa-cookie-consent-compliance-plugin-8-0-6-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47523.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47523.json new file mode 100644 index 00000000000..59264cd8442 --- /dev/null +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47523.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47523", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:15.863", + "lastModified": "2025-01-02T12:15:15.863", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Ecreate Infotech Auto Tag Creator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Tag Creator: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/auto-tag-creator/vulnerability/wordpress-auto-tag-creator-plugin-1-0-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-475xx/CVE-2023-47557.json b/CVE-2023/CVE-2023-475xx/CVE-2023-47557.json new file mode 100644 index 00000000000..58b82c1446f --- /dev/null +++ b/CVE-2023/CVE-2023-475xx/CVE-2023-47557.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47557", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:15.990", + "lastModified": "2025-01-02T12:15:15.990", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in wp-buy Visitors Traffic Real Time Statistics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visitors Traffic Real Time Statistics: from n/a through 7.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/visitors-traffic-real-time-statistics/vulnerability/wordpress-visitor-traffic-real-time-statistics-plugin-7-2-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47647.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47647.json new file mode 100644 index 00000000000..373780a04c4 --- /dev/null +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47647.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47647", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:16.127", + "lastModified": "2025-01-02T12:15:16.127", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in LearningTimes BadgeOS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BadgeOS: from n/a through 3.7.1.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/badgeos/vulnerability/wordpress-badgeos-plugin-3-7-1-6-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47648.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47648.json new file mode 100644 index 00000000000..d31315dfe7a --- /dev/null +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47648.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47648", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:16.260", + "lastModified": "2025-01-02T12:15:16.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in spider-themes EazyDocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through 2.3.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/eazydocs/vulnerability/wordpress-eazydocs-plugin-2-3-3-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47661.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47661.json new file mode 100644 index 00000000000..ef6611d8b35 --- /dev/null +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47661.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47661", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:16.413", + "lastModified": "2025-01-02T12:15:16.413", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Dragfy Dragfy Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dragfy Addons for Elementor: from n/a through 1.0.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/dragfy-addons-for-elementor/vulnerability/wordpress-dragfy-addons-for-elementor-plugin-1-0-2-broken-access-control-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47689.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47689.json new file mode 100644 index 00000000000..238661f904b --- /dev/null +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47689.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47689", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:16.543", + "lastModified": "2025-01-02T12:15:16.543", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Toast Plugins Animator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animator: from n/a through 3.0.10." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/scroll-triggered-animations/vulnerability/wordpress-animator-plugin-3-0-9-unauthenticated-plugin-settings-change-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47692.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47692.json new file mode 100644 index 00000000000..4cc638d3f46 --- /dev/null +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47692.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47692", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:16.673", + "lastModified": "2025-01-02T12:15:16.673", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Flothemes Flo Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through 1.0.41." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/flo-forms/vulnerability/wordpress-flo-forms-plugin-1-0-41-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47693.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47693.json new file mode 100644 index 00000000000..f036db072f9 --- /dev/null +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47693.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2023-47693", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:16.800", + "lastModified": "2025-01-02T12:15:16.800", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.2.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ultimate-addons-for-contact-form-7/vulnerability/wordpress-ultimate-addons-for-contact-form-7-plugin-3-2-5-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13104.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13104.json new file mode 100644 index 00000000000..7bf9363002a --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13104.json @@ -0,0 +1,156 @@ +{ + "id": "CVE-2024-13104", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-02T11:15:06.500", + "lastModified": "2025-01-02T11:15:06.500", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. Affected is an unknown function of the file /goform/form2AdvanceSetup.cgi of the component WiFi Settings Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "En D-Link DIR-816 A2 1.10CNB05_R1B011D88210 se ha detectado una vulnerabilidad clasificada como cr\u00edtica. Se trata de una funci\u00f3n desconocida del archivo /goform/form2AdvanceSetup.cgi del componente WiFi Settings Handler. La manipulaci\u00f3n conduce a controles de acceso inadecuados. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2AdvanceSetup.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289920", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289920", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.472076", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13105.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13105.json new file mode 100644 index 00000000000..ac110c86be2 --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13105.json @@ -0,0 +1,156 @@ +{ + "id": "CVE-2024-13105", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-02T11:15:07.547", + "lastModified": "2025-01-02T11:15:07.547", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/form2Dhcpd.cgi of the component DHCPD Setting Handler. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en D-Link DIR-816 A2 1.10CNB05_R1B011D88210 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /goform/form2Dhcpd.cgi del componente DHCPD Setting Handler. La manipulaci\u00f3n conduce a controles de acceso inadecuados. El ataque puede ejecutarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2Dhcpd.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289921", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289921", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.472085", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13106.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13106.json new file mode 100644 index 00000000000..8b45b9f2dc1 --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13106.json @@ -0,0 +1,152 @@ +{ + "id": "CVE-2024-13106", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-02T12:15:16.940", + "lastModified": "2025-01-02T12:15:16.940", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/form2IPQoSTcAdd of the component IP QoS Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2IPQoSTcAdd.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289922", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289922", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.472086", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-131xx/CVE-2024-13107.json b/CVE-2024/CVE-2024-131xx/CVE-2024-13107.json new file mode 100644 index 00000000000..8f0c474a91c --- /dev/null +++ b/CVE-2024/CVE-2024-131xx/CVE-2024-13107.json @@ -0,0 +1,152 @@ +{ + "id": "CVE-2024-13107", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-01-02T12:15:17.147", + "lastModified": "2025-01-02T12:15:17.147", + "vulnStatus": "Received", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been classified as critical. This affects an unknown part of the file /goform/form2LocalAclEditcfg.cgi of the component ACL Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + }, + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2LocalAclEditcfg.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289923", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289923", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.472087", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.dlink.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-370xx/CVE-2024-37093.json b/CVE-2024/CVE-2024-370xx/CVE-2024-37093.json new file mode 100644 index 00000000000..d263406d6c4 --- /dev/null +++ b/CVE-2024/CVE-2024-370xx/CVE-2024-37093.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37093", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:17.320", + "lastModified": "2025-01-02T12:15:17.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes MasterStudy LMS allows Cross Site Request Forgery.This issue affects MasterStudy LMS: from n/a through 3.2.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/masterstudy-lms-learning-management-system/vulnerability/wordpress-masterstudy-lms-wordpress-plugin-plugin-3-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37102.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37102.json new file mode 100644 index 00000000000..c9808f428cc --- /dev/null +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37102.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37102", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:17.457", + "lastModified": "2025-01-02T12:15:17.457", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Vilva allows Cross Site Request Forgery.This issue affects Vilva: from n/a through 1.2.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/vilva/vulnerability/wordpress-vilva-theme-1-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37103.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37103.json new file mode 100644 index 00000000000..f2463cee60f --- /dev/null +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37103.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37103", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:17.590", + "lastModified": "2025-01-02T12:15:17.590", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Education Zone allows Cross Site Request Forgery.This issue affects Education Zone: from n/a through 1.3.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/education-zone/vulnerability/wordpress-education-zone-theme-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-371xx/CVE-2024-37104.json b/CVE-2024/CVE-2024-371xx/CVE-2024-37104.json new file mode 100644 index 00000000000..57f26238aa6 --- /dev/null +++ b/CVE-2024/CVE-2024-371xx/CVE-2024-37104.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37104", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:17.733", + "lastModified": "2025-01-02T12:15:17.733", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Chic Lite allows Cross Site Request Forgery.This issue affects Chic Lite: from n/a through 1.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/chic-lite/vulnerability/wordpress-chic-lite-theme-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37235.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37235.json new file mode 100644 index 00000000000..ce6ae54a0b5 --- /dev/null +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37235.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37235", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:17.870", + "lastModified": "2025-01-02T12:15:17.870", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg allows Cross Site Request Forgery.This issue affects Groundhogg: from n/a through 3.4.2.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/groundhogg/vulnerability/wordpress-groundhogg-plugin-3-4-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37236.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37236.json new file mode 100644 index 00000000000..9d19b9a2ca9 --- /dev/null +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37236.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37236", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:18.007", + "lastModified": "2025-01-02T12:15:18.007", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Tim Whitlock Loco Translate allows Cross Site Request Forgery.This issue affects Loco Translate: from n/a through 2.6.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/loco-translate/vulnerability/wordpress-loco-translate-plugin-2-6-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37238.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37238.json new file mode 100644 index 00000000000..2e11b45dfde --- /dev/null +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37238.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37238", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:18.150", + "lastModified": "2025-01-02T12:15:18.150", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Greg Winiarski WPAdverts \u2013 Classifieds Plugin allows Cross Site Request Forgery.This issue affects WPAdverts \u2013 Classifieds Plugin: from n/a through 2.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpadverts/vulnerability/wordpress-wpadverts-classifieds-plugin-2-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37240.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37240.json new file mode 100644 index 00000000000..7bdb198ca98 --- /dev/null +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37240.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37240", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:18.283", + "lastModified": "2025-01-02T12:15:18.283", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Faboba Falang multilanguage allows Cross Site Request Forgery.This issue affects Falang multilanguage: from n/a through 1.3.51." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/falang/vulnerability/wordpress-falang-multilanguage-for-wordpress-plugin-1-3-51-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37242.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37242.json new file mode 100644 index 00000000000..222f9f229b7 --- /dev/null +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37242.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37242", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:18.443", + "lastModified": "2025-01-02T12:15:18.443", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters allows Cross Site Request Forgery.This issue affects Newspack Newsletters: from n/a through 2.13.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/newspack-newsletters/vulnerability/wordpress-newspack-newsletters-plugin-2-13-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37243.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37243.json new file mode 100644 index 00000000000..a8a530874ae --- /dev/null +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37243.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37243", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:18.580", + "lastModified": "2025-01-02T12:15:18.580", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Vandana Lite allows Cross Site Request Forgery.This issue affects Vandana Lite: from n/a through 1.1.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/vandana-lite/vulnerability/wordpress-vandana-lite-theme-1-1-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37272.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37272.json new file mode 100644 index 00000000000..393f6a68cf6 --- /dev/null +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37272.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37272", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:18.710", + "lastModified": "2025-01-02T12:15:18.710", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in WP Travel Engine Travel Monster allows Cross Site Request Forgery.This issue affects Travel Monster: from n/a through 1.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/travel-monster/vulnerability/wordpress-travel-monster-theme-1-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-372xx/CVE-2024-37274.json b/CVE-2024/CVE-2024-372xx/CVE-2024-37274.json new file mode 100644 index 00000000000..650fabcad44 --- /dev/null +++ b/CVE-2024/CVE-2024-372xx/CVE-2024-37274.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37274", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:18.857", + "lastModified": "2025-01-02T12:15:18.857", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Freshlight Lab WP Mobile Menu allows Cross Site Request Forgery.This issue affects WP Mobile Menu: from n/a through 2.8.4.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mobile-menu/vulnerability/wordpress-wp-mobile-menu-the-mobile-friendly-responsive-menu-plugin-2-8-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37412.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37412.json new file mode 100644 index 00000000000..a03db159e75 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37412.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37412", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:18.997", + "lastModified": "2025-01-02T12:15:18.997", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Blossom Shop allows Cross Site Request Forgery.This issue affects Blossom Shop: from n/a through 1.1.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/blossom-shop/vulnerability/wordpress-blossom-shop-theme-1-1-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37413.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37413.json new file mode 100644 index 00000000000..715307f0d8b --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37413.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37413", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:19.130", + "lastModified": "2025-01-02T12:15:19.130", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Preschool and Kindergarten allows Cross Site Request Forgery.This issue affects Preschool and Kindergarten: from n/a through 1.2.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/preschool-and-kindergarten/vulnerability/wordpress-preschool-and-kindergarten-theme-1-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37417.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37417.json new file mode 100644 index 00000000000..31e19eb8d0f --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37417.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37417", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:19.263", + "lastModified": "2025-01-02T12:15:19.263", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Coachify Coachify allows Cross Site Request Forgery.This issue affects Coachify: from n/a through 1.0.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/coachify/vulnerability/wordpress-coachify-theme-1-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37421.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37421.json new file mode 100644 index 00000000000..87d8da55ac9 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37421.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37421", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:19.393", + "lastModified": "2025-01-02T12:15:19.393", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme JobScout allows Cross Site Request Forgery.This issue affects JobScout: from n/a through 1.1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/jobscout/vulnerability/wordpress-jobscout-theme-1-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37426.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37426.json new file mode 100644 index 00000000000..11a07cc84e8 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37426.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37426", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:19.520", + "lastModified": "2025-01-02T12:15:19.520", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Elegant Pink allows Cross Site Request Forgery.This issue affects Elegant Pink: from n/a through 1.3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/elegant-pink/vulnerability/wordpress-elegant-pink-theme-1-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37431.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37431.json new file mode 100644 index 00000000000..edeb896fd90 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37431.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37431", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:19.650", + "lastModified": "2025-01-02T12:15:19.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Horea Radu Mesmerize allows Cross Site Request Forgery.This issue affects Mesmerize: from n/a through 1.6.120." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/mesmerize/vulnerability/wordpress-mesmerize-theme-1-6-120-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37435.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37435.json new file mode 100644 index 00000000000..3d9fa477135 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37435.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37435", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:19.787", + "lastModified": "2025-01-02T12:15:19.787", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Perfect Portfolio allows Cross Site Request Forgery.This issue affects Perfect Portfolio: from n/a through 1.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/perfect-portfolio/vulnerability/wordpress-perfect-portfolio-theme-1-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37441.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37441.json new file mode 100644 index 00000000000..cf225242b00 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37441.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37441", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:19.923", + "lastModified": "2025-01-02T12:15:19.923", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in DesertThemes NewsMash allows Cross Site Request Forgery.This issue affects NewsMash: from n/a through 1.0.34." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/newsmash/vulnerability/wordpress-newsmash-theme-1-0-34-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37448.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37448.json new file mode 100644 index 00000000000..bf709ac3cae --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37448.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37448", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:20.050", + "lastModified": "2025-01-02T12:15:20.050", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in FameThemes OnePress allows Cross Site Request Forgery.This issue affects OnePress: from n/a through 2.3.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/onepress/vulnerability/wordpress-onepress-theme-2-3-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37450.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37450.json new file mode 100644 index 00000000000..298a1279926 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37450.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37450", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:20.187", + "lastModified": "2025-01-02T12:15:20.187", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Benevolent allows Cross Site Request Forgery.This issue affects Benevolent: from n/a through 1.3.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/benevolent/vulnerability/wordpress-benevolent-theme-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37451.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37451.json new file mode 100644 index 00000000000..08125086e5b --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37451.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37451", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:20.327", + "lastModified": "2025-01-02T12:15:20.327", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Travel Agency allows Cross Site Request Forgery.This issue affects Travel Agency: from n/a through 1.4.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/travel-agency/vulnerability/wordpress-travel-agency-theme-1-4-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37458.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37458.json new file mode 100644 index 00000000000..5e929f1a24a --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37458.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37458", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:20.463", + "lastModified": "2025-01-02T12:15:20.463", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in ExtendThemes Highlight allows Cross Site Request Forgery.This issue affects Highlight: from n/a through 1.0.29." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/highlight/vulnerability/wordpress-highlight-theme-1-0-29-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37467.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37467.json new file mode 100644 index 00000000000..445d92fa69a --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37467.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37467", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:20.590", + "lastModified": "2025-01-02T12:15:20.590", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in ThemeIsle Hestia allows Cross Site Request Forgery.This issue affects Hestia: from n/a through 3.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/hestia/vulnerability/wordpress-hestia-theme-3-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37469.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37469.json new file mode 100644 index 00000000000..c9dbfc58c2b --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37469.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37469", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:20.717", + "lastModified": "2025-01-02T12:15:20.717", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in CreativeThemes Blocksy allows Cross Site Request Forgery.This issue affects Blocksy: from n/a through 2.0.22." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/blocksy/vulnerability/wordpress-blocksy-theme-1-9-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37473.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37473.json new file mode 100644 index 00000000000..338908dda1a --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37473.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37473", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:20.850", + "lastModified": "2025-01-02T12:15:20.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in BlazeThemes Trendy News allows Cross Site Request Forgery.This issue affects Trendy News: from n/a through 1.0.15." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/trendy-news/vulnerability/wordpress-trendy-news-theme-1-0-15-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37478.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37478.json new file mode 100644 index 00000000000..42c0b5d4bd6 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37478.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37478", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:20.990", + "lastModified": "2025-01-02T12:15:20.990", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Ashe allows Cross Site Request Forgery.This issue affects Ashe: from n/a through 2.233." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/ashe/vulnerability/wordpress-ashe-theme-2-233-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37490.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37490.json new file mode 100644 index 00000000000..502ccdbfa07 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37490.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37490", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:21.123", + "lastModified": "2025-01-02T12:15:21.123", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Bard allows Cross Site Request Forgery.This issue affects Bard: from n/a through 2.210." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/bard/vulnerability/wordpress-bard-theme-2-210-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37491.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37491.json new file mode 100644 index 00000000000..34ba55445ed --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37491.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37491", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:21.260", + "lastModified": "2025-01-02T12:15:21.260", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Apollo13Themes Rife Free allows Cross Site Request Forgery.This issue affects Rife Free: from n/a through 2.4.18." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/rife-free/vulnerability/wordpress-rife-free-theme-2-4-18-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-374xx/CVE-2024-37493.json b/CVE-2024/CVE-2024-374xx/CVE-2024-37493.json new file mode 100644 index 00000000000..973154fd9c7 --- /dev/null +++ b/CVE-2024/CVE-2024-374xx/CVE-2024-37493.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37493", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:21.390", + "lastModified": "2025-01-02T12:15:21.390", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in SKT Themes Posterity allows Cross Site Request Forgery.This issue affects Posterity: from n/a through 3.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/posterity/vulnerability/wordpress-posterity-theme-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37503.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37503.json new file mode 100644 index 00000000000..a662d86c1ab --- /dev/null +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37503.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37503", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:21.517", + "lastModified": "2025-01-02T12:15:21.517", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Lawyer Landing Page allows Cross Site Request Forgery.This issue affects Lawyer Landing Page: from n/a through 1.2.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/lawyer-landing-page/vulnerability/wordpress-lawyer-landing-page-theme-1-2-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37508.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37508.json new file mode 100644 index 00000000000..b3a6595556d --- /dev/null +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37508.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37508", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:21.650", + "lastModified": "2025-01-02T12:15:21.650", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Construction Landing Page allows Cross Site Request Forgery.This issue affects Construction Landing Page: from n/a through 1.3.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/construction-landing-page/vulnerability/wordpress-construction-landing-page-theme-1-3-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37511.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37511.json new file mode 100644 index 00000000000..1541d7a07f0 --- /dev/null +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37511.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37511", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:21.780", + "lastModified": "2025-01-02T12:15:21.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in SWTE Swift Performance Lite allows Cross Site Request Forgery.This issue affects Swift Performance Lite: from n/a through 2.3.6.20." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/swift-performance-lite/vulnerability/wordpress-swift-performance-lite-plugin-2-3-6-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37518.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37518.json new file mode 100644 index 00000000000..6acb6c40647 --- /dev/null +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37518.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37518", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:21.910", + "lastModified": "2025-01-02T12:15:21.910", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar The Events Calendar allows Cross Site Request Forgery.This issue affects The Events Calendar: from n/a through 6.5.1.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/the-events-calendar/vulnerability/wordpress-the-events-calendar-plugin-6-5-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37540.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37540.json new file mode 100644 index 00000000000..85a0afa6799 --- /dev/null +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37540.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37540", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:22.040", + "lastModified": "2025-01-02T12:15:22.040", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Leaky Paywall Leaky Paywall allows Cross Site Request Forgery.This issue affects Leaky Paywall: from n/a through 4.21.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/leaky-paywall/vulnerability/wordpress-leaky-paywall-plugin-4-21-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-375xx/CVE-2024-37543.json b/CVE-2024/CVE-2024-375xx/CVE-2024-37543.json new file mode 100644 index 00000000000..a62e477dbbb --- /dev/null +++ b/CVE-2024/CVE-2024-375xx/CVE-2024-37543.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37543", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:22.170", + "lastModified": "2025-01-02T12:15:22.170", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Nitesh Singh Ultimate Auction allows Cross Site Request Forgery.This issue affects Ultimate Auction : from n/a through 4.2.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ultimate-auction/vulnerability/wordpress-ultimate-auction-plugin-4-2-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-379xx/CVE-2024-37937.json b/CVE-2024/CVE-2024-379xx/CVE-2024-37937.json new file mode 100644 index 00000000000..f1ca7bf623d --- /dev/null +++ b/CVE-2024/CVE-2024-379xx/CVE-2024-37937.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-37937", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:22.297", + "lastModified": "2025-01-02T12:15:22.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Rara Business allows Cross Site Request Forgery.This issue affects Rara Business: from n/a through 1.2.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/rara-business/vulnerability/wordpress-rara-business-theme-1-2-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-386xx/CVE-2024-38691.json b/CVE-2024/CVE-2024-386xx/CVE-2024-38691.json new file mode 100644 index 00000000000..a5e0f5c9b8d --- /dev/null +++ b/CVE-2024/CVE-2024-386xx/CVE-2024-38691.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38691", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:22.423", + "lastModified": "2025-01-02T12:15:22.423", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Metorik Metorik \u2013 Reports & Email Automation for WooCommerce allows Cross Site Request Forgery.This issue affects Metorik \u2013 Reports & Email Automation for WooCommerce: from n/a through 1.7.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/metorik-helper/vulnerability/wordpress-metorik-plugin-1-7-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38729.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38729.json new file mode 100644 index 00000000000..beb50c128b9 --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38729.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38729", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:22.553", + "lastModified": "2025-01-02T12:15:22.553", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in MBE Worldwide S.p.A. MBE eShip allows Cross Site Request Forgery.This issue affects MBE eShip: from n/a through 2.1.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mail-boxes-etc/vulnerability/wordpress-mbe-eship-plugin-2-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38751.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38751.json new file mode 100644 index 00000000000..003b42f65ab --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38751.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38751", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:22.680", + "lastModified": "2025-01-02T12:15:22.680", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Magazine3 Google Adsense & Banner Ads by AdsforWP allows Cross Site Request Forgery.This issue affects Google Adsense & Banner Ads by AdsforWP: from n/a through 1.9.28." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ads-for-wp/vulnerability/wordpress-adsforwp-plugin-1-9-28-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38753.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38753.json new file mode 100644 index 00000000000..7a019d38b94 --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38753.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38753", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:22.813", + "lastModified": "2025-01-02T12:15:22.813", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Animated Rotating Words allows Cross Site Request Forgery.This issue affects Animated Rotating Words: from n/a through 5.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/css3-rotating-words/vulnerability/wordpress-animated-rotating-words-plugin-5-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38754.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38754.json new file mode 100644 index 00000000000..faf21dcc180 --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38754.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38754", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:22.943", + "lastModified": "2025-01-02T12:15:22.943", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Tagbox Taggbox allows Cross Site Request Forgery.This issue affects Taggbox: from n/a through 3.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/taggbox-widget/vulnerability/wordpress-tagbox-plugin-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38762.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38762.json new file mode 100644 index 00000000000..fe49c1ea122 --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38762.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38762", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:23.073", + "lastModified": "2025-01-02T12:15:23.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar Event Tickets allows Cross Site Request Forgery.This issue affects Event Tickets: from n/a through 5.11.0.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/event-tickets/vulnerability/wordpress-event-tickets-and-registration-plugin-5-11-0-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38763.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38763.json new file mode 100644 index 00000000000..233d3aac069 --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38763.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38763", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:23.207", + "lastModified": "2025-01-02T12:15:23.207", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Themes4WP Popularis Verse allows Cross Site Request Forgery.This issue affects Popularis Verse: from n/a through 1.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/popularis-verse/vulnerability/wordpress-popularis-verse-theme-1-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38765.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38765.json new file mode 100644 index 00000000000..9f1b7b04bed --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38765.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38765", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:23.337", + "lastModified": "2025-01-02T12:15:23.337", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Freelancelot Oceanic allows Cross Site Request Forgery.This issue affects Oceanic: from n/a through 1.0.48." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/oceanic/vulnerability/wordpress-oceanic-theme-1-0-48-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38766.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38766.json new file mode 100644 index 00000000000..eae1b01b917 --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38766.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38766", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:23.487", + "lastModified": "2025-01-02T12:15:23.487", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Matomo Matomo Analytics allows Cross Site Request Forgery.This issue affects Matomo Analytics: from n/a through 5.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/matomo/vulnerability/wordpress-matomo-analytics-plugin-5-1-0-cross-site-request-forgery-csrf-leading-to-notice-dismissal-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38789.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38789.json new file mode 100644 index 00000000000..c635d0aa28b --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38789.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38789", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:23.633", + "lastModified": "2025-01-02T12:15:23.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Telegram Bot & Channel allows Cross Site Request Forgery.This issue affects Telegram Bot & Channel: from n/a through 3.8.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/telegram-bot/vulnerability/wordpress-telegram-bot-channel-plugin-3-8-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-387xx/CVE-2024-38790.json b/CVE-2024/CVE-2024-387xx/CVE-2024-38790.json new file mode 100644 index 00000000000..c99dc3a6c95 --- /dev/null +++ b/CVE-2024/CVE-2024-387xx/CVE-2024-38790.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-38790", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:23.763", + "lastModified": "2025-01-02T12:15:23.763", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Smartsupp Smartsupp \u2013 live chat, chatbots, AI and lead generation allows Cross Site Request Forgery.This issue affects Smartsupp \u2013 live chat, chatbots, AI and lead generation: from n/a through 3.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/smartsupp-live-chat/vulnerability/wordpress-smartsupp-plugin-3-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-439xx/CVE-2024-43927.json b/CVE-2024/CVE-2024-439xx/CVE-2024-43927.json new file mode 100644 index 00000000000..2723cbefb3f --- /dev/null +++ b/CVE-2024/CVE-2024-439xx/CVE-2024-43927.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-43927", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:23.887", + "lastModified": "2025-01-02T12:15:23.887", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Till Kr\u00fcss Email Address Encoder allows Cross Site Request Forgery.This issue affects Email Address Encoder: from n/a through 1.0.23." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/email-address-encoder/vulnerability/wordpress-email-address-encoder-plugin-1-0-23-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56018.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56018.json new file mode 100644 index 00000000000..25ac9e00634 --- /dev/null +++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56018.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56018", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:24.023", + "lastModified": "2025-01-02T12:15:24.023", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Boston University (IS&T) BU Section Editing allows Reflected XSS.This issue affects BU Section Editing: from n/a through 0.9.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/bu-section-editing/vulnerability/wordpress-bu-section-editing-plugin-0-9-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56022.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56022.json new file mode 100644 index 00000000000..ac2873fd211 --- /dev/null +++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56022.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56022", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:24.157", + "lastModified": "2025-01-02T12:15:24.157", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress Monsters Preloader by WordPress Monsters allows Reflected XSS.This issue affects Preloader by WordPress Monsters: from n/a through 1.2.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/preloader-sws/vulnerability/wordpress-preloader-by-wordpress-monsters-plugin-1-2-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56023.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56023.json new file mode 100644 index 00000000000..27d75d4499c --- /dev/null +++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56023.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56023", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:24.297", + "lastModified": "2025-01-02T12:15:24.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Perfect Solution WP eCommerce Quickpay allows Reflected XSS.This issue affects WP eCommerce Quickpay: from n/a through 1.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-ecommerce-quickpay/vulnerability/wordpress-wp-ecommerce-quickpay-plugin-1-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56024.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56024.json new file mode 100644 index 00000000000..9aff4c2f733 --- /dev/null +++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56024.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56024", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:24.433", + "lastModified": "2025-01-02T12:15:24.433", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DuoGeek Custom Dashboard Widget allows Reflected XSS.This issue affects Custom Dashboard Widget: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/create-custom-dashboard-widget/vulnerability/wordpress-custom-dashboard-widget-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56025.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56025.json new file mode 100644 index 00000000000..d3298a3512f --- /dev/null +++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56025.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56025", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:24.570", + "lastModified": "2025-01-02T12:15:24.570", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AdWorkMedia.com AdWork Media EZ Content Locker allows Reflected XSS.This issue affects AdWork Media EZ Content Locker: from n/a through 3.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/adwork-media-ez-content-locker/vulnerability/wordpress-adwork-media-ez-content-locker-plugin-3-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56026.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56026.json new file mode 100644 index 00000000000..9cb76a4aa84 --- /dev/null +++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56026.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56026", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:24.707", + "lastModified": "2025-01-02T12:15:24.707", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg Priday Simple Proxy allows Reflected XSS.This issue affects Simple Proxy: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/simple-proxy/vulnerability/wordpress-simple-proxy-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-560xx/CVE-2024-56069.json b/CVE-2024/CVE-2024-560xx/CVE-2024-56069.json index 0a0daedfd47..b0e874abbaf 100644 --- a/CVE-2024/CVE-2024-560xx/CVE-2024-56069.json +++ b/CVE-2024/CVE-2024-560xx/CVE-2024-56069.json @@ -9,6 +9,10 @@ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Azzaroco WP SuperBackup allows Reflected XSS.This issue affects WP SuperBackup: from n/a through 2.3.3." + }, + { + "lang": "es", + "value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Azzaroco WP SuperBackup permite XSS reflejado. Este problema afecta a WP SuperBackup: desde n/a hasta 2.3.3." } ], "metrics": { diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56236.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56236.json new file mode 100644 index 00000000000..1bd636670c9 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56236.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56236", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:24.850", + "lastModified": "2025-01-02T12:15:24.850", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Jakob Bouchard Hestia Nginx Cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hestia Nginx Cache: from n/a through 2.4.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/hestia-nginx-cache/vulnerability/wordpress-hestia-nginx-cache-plugin-2-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56237.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56237.json new file mode 100644 index 00000000000..a53201112c9 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56237.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56237", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:24.993", + "lastModified": "2025-01-02T12:15:24.993", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Contest Gallery Contest Gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through 24.0.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/contest-gallery/vulnerability/wordpress-contest-gallery-plugin-24-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56238.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56238.json new file mode 100644 index 00000000000..ba9fcb4b8af --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56238.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56238", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:25.120", + "lastModified": "2025-01-02T12:15:25.120", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in QunatumCloud Floating Action Buttons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Floating Action Buttons: from n/a through 0.9.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/floating-action-buttons/vulnerability/wordpress-floating-action-buttons-plugin-0-9-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56239.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56239.json new file mode 100644 index 00000000000..bdd62901335 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56239.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56239", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:25.250", + "lastModified": "2025-01-02T12:15:25.250", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Themify Audio Dock allows Stored XSS.This issue affects Themify Audio Dock: from n/a through 2.0.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/themify-audio-dock/vulnerability/wordpress-themify-audio-dock-plugin-2-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56240.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56240.json new file mode 100644 index 00000000000..928dd306d9c --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56240.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56240", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:25.380", + "lastModified": "2025-01-02T12:15:25.380", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pronamic Pronamic Google Maps allows Stored XSS.This issue affects Pronamic Google Maps: from n/a through 2.3.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/pronamic-google-maps/vulnerability/wordpress-pronamic-google-maps-plugin-2-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56241.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56241.json new file mode 100644 index 00000000000..de671854e9d --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56241.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56241", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:25.510", + "lastModified": "2025-01-02T12:15:25.510", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKoi WPKoi Templates for Elementor allows Stored XSS.This issue affects WPKoi Templates for Elementor: from n/a through 3.1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpkoi-templates-for-elementor/vulnerability/wordpress-wpkoi-templates-for-elementor-plugin-3-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56242.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56242.json new file mode 100644 index 00000000000..4ce8ba0a9e8 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56242.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56242", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:25.640", + "lastModified": "2025-01-02T12:15:25.640", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tyche Softwares Arconix Shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through 2.1.14." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/arconix-shortcodes/vulnerability/wordpress-arconix-shortcodes-plugin-2-1-14-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56243.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56243.json new file mode 100644 index 00000000000..d4cef1c0a68 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56243.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56243", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:25.773", + "lastModified": "2025-01-02T12:15:25.773", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in JS Morisset WPSSO Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSSO Core: from n/a through 18.18.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpsso/vulnerability/wordpress-wpsso-core-plugin-18-18-1-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56244.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56244.json new file mode 100644 index 00000000000..68bf2e21e11 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56244.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56244", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:25.900", + "lastModified": "2025-01-02T12:15:25.900", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through 1.2.92." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ashe-extra/vulnerability/wordpress-ashe-extra-plugin-1-2-92-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56245.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56245.json new file mode 100644 index 00000000000..f23fde50aed --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56245.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56245", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:26.033", + "lastModified": "2025-01-02T12:15:26.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Blocks \u2013 Gutenberg Blocks for WordPress allows Stored XSS.This issue affects Premium Blocks \u2013 Gutenberg Blocks for WordPress: from n/a through 2.1.42." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/premium-blocks-for-gutenberg/vulnerability/wordpress-premium-blocks-plugin-2-1-42-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56246.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56246.json new file mode 100644 index 00000000000..d830ac3d3b0 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56246.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56246", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:26.167", + "lastModified": "2025-01-02T12:15:26.167", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks allows DOM-Based XSS.This issue affects Nexter Blocks: from n/a through 4.0.4." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/the-plus-addons-for-block-editor/vulnerability/wordpress-nexter-blocks-plugin-4-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56247.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56247.json new file mode 100644 index 00000000000..60dc67060f2 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56247.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56247", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:26.293", + "lastModified": "2025-01-02T12:15:26.293", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author allows SQL Injection.This issue affects WP Post Author: from n/a through 3.8.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-post-author/vulnerability/wordpress-wp-post-author-plugin-3-8-2-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56248.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56248.json new file mode 100644 index 00000000000..06d1d439164 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56248.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56248", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:26.433", + "lastModified": "2025-01-02T12:15:26.433", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Webdeclic WPMasterToolKit allows Path Traversal.This issue affects WPMasterToolKit: from n/a through 1.13.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpmastertoolkit/vulnerability/wordpress-wpmastertoolkit-plugin-1-13-1-arbitrary-file-download-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56249.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56249.json new file mode 100644 index 00000000000..d6088549e2b --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56249.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56249", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:26.573", + "lastModified": "2025-01-02T12:15:26.573", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Webdeclic WPMasterToolKit allows Upload a Web Shell to a Web Server.This issue affects WPMasterToolKit: from n/a through 1.13.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpmastertoolkit/vulnerability/wordpress-wpmastertoolkit-plugin-1-13-1-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56250.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56250.json new file mode 100644 index 00000000000..190746d898d --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56250.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56250", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:26.703", + "lastModified": "2025-01-02T12:15:26.703", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GregRoss Just Writing Statistics allows SQL Injection.This issue affects Just Writing Statistics: from n/a through 4.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/just-writing-statistics/vulnerability/wordpress-just-writing-statistics-plugin-4-7-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56251.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56251.json new file mode 100644 index 00000000000..baa0fed0222 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56251.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56251", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:26.840", + "lastModified": "2025-01-02T12:15:26.840", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) vulnerability in Event Espresso Event Espresso 4 Decaf allows Cross Site Request Forgery.This issue affects Event Espresso 4 Decaf: from n/a through 5.0.28.decaf." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/event-espresso-decaf/vulnerability/wordpress-event-espresso-plugin-5-0-28-decaf-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56252.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56252.json new file mode 100644 index 00000000000..4e26a2e826d --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56252.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56252", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:26.973", + "lastModified": "2025-01-02T12:15:26.973", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeLooks Enter Addons allows Stored XSS.This issue affects Enter Addons: from n/a through 2.1.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/enteraddons/vulnerability/wordpress-enter-addons-plugin-2-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56253.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56253.json new file mode 100644 index 00000000000..1b316a2ddd1 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56253.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56253", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:27.110", + "lastModified": "2025-01-02T12:15:27.110", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in supsystic.com Data Tables Generator by Supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Data Tables Generator by Supsystic: from n/a through 1.10.36." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/data-tables-generator-by-supsystic/vulnerability/wordpress-data-tables-generator-by-supsystic-plugin-1-10-36-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56254.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56254.json new file mode 100644 index 00000000000..9760e511582 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56254.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56254", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:27.247", + "lastModified": "2025-01-02T12:15:27.247", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/move-addons/vulnerability/wordpress-move-addons-for-elementor-plugin-1-3-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56255.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56255.json new file mode 100644 index 00000000000..37d0f3bf173 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56255.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56255", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:27.373", + "lastModified": "2025-01-02T12:15:27.373", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in AyeCode AyeCode Connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AyeCode Connect: from n/a through 1.3.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ayecode-connect/vulnerability/wordpress-ayecode-connect-plugin-1-3-8-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56258.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56258.json new file mode 100644 index 00000000000..aa3652472e6 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56258.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56258", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:27.510", + "lastModified": "2025-01-02T12:15:27.510", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBlockArt Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a through 1.3.20." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/magazine-blocks/vulnerability/wordpress-magazine-blocks-plugin-1-3-20-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56259.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56259.json new file mode 100644 index 00000000000..8eda738264b --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56259.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56259", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:27.647", + "lastModified": "2025-01-02T12:15:27.647", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AyeCode - WP Business Directory Plugins GeoDirectory allows Stored XSS.This issue affects GeoDirectory: from n/a through 2.3.84." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/geodirectory/vulnerability/wordpress-geodirectory-plugin-2-3-84-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56260.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56260.json new file mode 100644 index 00000000000..6b9e0f3b458 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56260.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56260", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:27.780", + "lastModified": "2025-01-02T12:15:27.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StorePlugin ShopElement allows Stored XSS.This issue affects ShopElement: from n/a through 2.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/shopelement/vulnerability/wordpress-shopelement-plugin-2-0-0-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56261.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56261.json new file mode 100644 index 00000000000..3d96e7035cf --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56261.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56261", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:27.920", + "lastModified": "2025-01-02T12:15:27.920", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins Project Showcase allows Stored XSS.This issue affects Project Showcase: from n/a through 1.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/gs-projects/vulnerability/wordpress-project-showcase-plugin-1-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56262.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56262.json new file mode 100644 index 00000000000..993c63af9e7 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56262.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56262", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:28.053", + "lastModified": "2025-01-02T12:15:28.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Coaches allows Stored XSS.This issue affects GS Coaches: from n/a through 1.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/gs-coach/vulnerability/wordpress-gs-coaches-plugin-1-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56263.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56263.json new file mode 100644 index 00000000000..820a29d1e03 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56263.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56263", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:28.193", + "lastModified": "2025-01-02T12:15:28.193", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Shots for Dribbble allows DOM-Based XSS.This issue affects GS Shots for Dribbble: from n/a through 1.2.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/gs-dribbble-portfolio/vulnerability/wordpress-gs-shots-for-dribbble-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56264.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56264.json new file mode 100644 index 00000000000..24bd86b4b9b --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56264.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56264", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:28.327", + "lastModified": "2025-01-02T12:15:28.327", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Beee ACF City Selector allows Upload a Web Shell to a Web Server.This issue affects ACF City Selector: from n/a through 1.14.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", + "baseScore": 6.6, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/acf-city-selector/vulnerability/wordpress-acf-city-selector-plugin-1-14-0-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56266.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56266.json new file mode 100644 index 00000000000..34225037283 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56266.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56266", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:28.480", + "lastModified": "2025-01-02T12:15:28.480", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mp3-music-player-by-sonaar/vulnerability/wordpress-mp3-audio-player-plugin-5-8-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-562xx/CVE-2024-56267.json b/CVE-2024/CVE-2024-562xx/CVE-2024-56267.json new file mode 100644 index 00000000000..7a2aaade8b6 --- /dev/null +++ b/CVE-2024/CVE-2024-562xx/CVE-2024-56267.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56267", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:28.617", + "lastModified": "2025-01-02T12:15:28.617", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fla-shop.com Interactive UK Map allows Stored XSS.This issue affects Interactive UK Map: from n/a through 3.4.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/interactive-uk-map/vulnerability/wordpress-interactive-uk-map-plugin-3-4-8-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-563xx/CVE-2024-56302.json b/CVE-2024/CVE-2024-563xx/CVE-2024-56302.json new file mode 100644 index 00000000000..94fd0763f27 --- /dev/null +++ b/CVE-2024/CVE-2024-563xx/CVE-2024-56302.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2024-56302", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-01-02T12:15:28.753", + "lastModified": "2025-01-02T12:15:28.753", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ConvertCalculator ConvertCalculator for WordPress allows Stored XSS.This issue affects ConvertCalculator for WordPress: from n/a through 1.1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/convertcalculator/vulnerability/wordpress-convertcalculator-for-wordpress-plugin-1-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 605bb78533f..f7200c211af 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-01-02T11:00:19.750896+00:00 +2025-01-02T13:00:20.303428+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-01-02T10:15:08.783000+00:00 +2025-01-02T12:15:28.753000+00:00 ``` ### Last Data Feed Release @@ -33,40 +33,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -275413 +275565 ``` ### CVEs added in the last Commit -Recently added CVEs: `20` +Recently added CVEs: `152` -- [CVE-2024-12912](CVE-2024/CVE-2024-129xx/CVE-2024-12912.json) (`2025-01-02T09:15:17.470`) -- [CVE-2024-13062](CVE-2024/CVE-2024-130xx/CVE-2024-13062.json) (`2025-01-02T10:15:06.153`) -- [CVE-2024-13092](CVE-2024/CVE-2024-130xx/CVE-2024-13092.json) (`2025-01-02T09:15:17.790`) -- [CVE-2024-13093](CVE-2024/CVE-2024-130xx/CVE-2024-13093.json) (`2025-01-02T09:15:18.047`) -- [CVE-2024-13102](CVE-2024/CVE-2024-131xx/CVE-2024-13102.json) (`2025-01-02T10:15:06.427`) -- [CVE-2024-13103](CVE-2024/CVE-2024-131xx/CVE-2024-13103.json) (`2025-01-02T10:15:06.690`) -- [CVE-2024-56019](CVE-2024/CVE-2024-560xx/CVE-2024-56019.json) (`2025-01-02T10:15:06.883`) -- [CVE-2024-56027](CVE-2024/CVE-2024-560xx/CVE-2024-56027.json) (`2025-01-02T10:15:07.060`) -- [CVE-2024-56028](CVE-2024/CVE-2024-560xx/CVE-2024-56028.json) (`2025-01-02T10:15:07.240`) -- [CVE-2024-56029](CVE-2024/CVE-2024-560xx/CVE-2024-56029.json) (`2025-01-02T10:15:07.390`) -- [CVE-2024-56030](CVE-2024/CVE-2024-560xx/CVE-2024-56030.json) (`2025-01-02T10:15:07.523`) -- [CVE-2024-56032](CVE-2024/CVE-2024-560xx/CVE-2024-56032.json) (`2025-01-02T10:15:07.663`) -- [CVE-2024-56033](CVE-2024/CVE-2024-560xx/CVE-2024-56033.json) (`2025-01-02T10:15:07.803`) -- [CVE-2024-56034](CVE-2024/CVE-2024-560xx/CVE-2024-56034.json) (`2025-01-02T10:15:07.947`) -- [CVE-2024-56035](CVE-2024/CVE-2024-560xx/CVE-2024-56035.json) (`2025-01-02T10:15:08.080`) -- [CVE-2024-56036](CVE-2024/CVE-2024-560xx/CVE-2024-56036.json) (`2025-01-02T10:15:08.220`) -- [CVE-2024-56037](CVE-2024/CVE-2024-560xx/CVE-2024-56037.json) (`2025-01-02T10:15:08.350`) -- [CVE-2024-56038](CVE-2024/CVE-2024-560xx/CVE-2024-56038.json) (`2025-01-02T10:15:08.497`) -- [CVE-2024-56060](CVE-2024/CVE-2024-560xx/CVE-2024-56060.json) (`2025-01-02T10:15:08.643`) -- [CVE-2024-56069](CVE-2024/CVE-2024-560xx/CVE-2024-56069.json) (`2025-01-02T10:15:08.783`) +- [CVE-2024-56241](CVE-2024/CVE-2024-562xx/CVE-2024-56241.json) (`2025-01-02T12:15:25.510`) +- [CVE-2024-56242](CVE-2024/CVE-2024-562xx/CVE-2024-56242.json) (`2025-01-02T12:15:25.640`) +- [CVE-2024-56243](CVE-2024/CVE-2024-562xx/CVE-2024-56243.json) (`2025-01-02T12:15:25.773`) +- [CVE-2024-56244](CVE-2024/CVE-2024-562xx/CVE-2024-56244.json) (`2025-01-02T12:15:25.900`) +- [CVE-2024-56245](CVE-2024/CVE-2024-562xx/CVE-2024-56245.json) (`2025-01-02T12:15:26.033`) +- [CVE-2024-56246](CVE-2024/CVE-2024-562xx/CVE-2024-56246.json) (`2025-01-02T12:15:26.167`) +- [CVE-2024-56247](CVE-2024/CVE-2024-562xx/CVE-2024-56247.json) (`2025-01-02T12:15:26.293`) +- [CVE-2024-56248](CVE-2024/CVE-2024-562xx/CVE-2024-56248.json) (`2025-01-02T12:15:26.433`) +- [CVE-2024-56249](CVE-2024/CVE-2024-562xx/CVE-2024-56249.json) (`2025-01-02T12:15:26.573`) +- [CVE-2024-56250](CVE-2024/CVE-2024-562xx/CVE-2024-56250.json) (`2025-01-02T12:15:26.703`) +- [CVE-2024-56251](CVE-2024/CVE-2024-562xx/CVE-2024-56251.json) (`2025-01-02T12:15:26.840`) +- [CVE-2024-56252](CVE-2024/CVE-2024-562xx/CVE-2024-56252.json) (`2025-01-02T12:15:26.973`) +- [CVE-2024-56253](CVE-2024/CVE-2024-562xx/CVE-2024-56253.json) (`2025-01-02T12:15:27.110`) +- [CVE-2024-56254](CVE-2024/CVE-2024-562xx/CVE-2024-56254.json) (`2025-01-02T12:15:27.247`) +- [CVE-2024-56255](CVE-2024/CVE-2024-562xx/CVE-2024-56255.json) (`2025-01-02T12:15:27.373`) +- [CVE-2024-56258](CVE-2024/CVE-2024-562xx/CVE-2024-56258.json) (`2025-01-02T12:15:27.510`) +- [CVE-2024-56259](CVE-2024/CVE-2024-562xx/CVE-2024-56259.json) (`2025-01-02T12:15:27.647`) +- [CVE-2024-56260](CVE-2024/CVE-2024-562xx/CVE-2024-56260.json) (`2025-01-02T12:15:27.780`) +- [CVE-2024-56261](CVE-2024/CVE-2024-562xx/CVE-2024-56261.json) (`2025-01-02T12:15:27.920`) +- [CVE-2024-56262](CVE-2024/CVE-2024-562xx/CVE-2024-56262.json) (`2025-01-02T12:15:28.053`) +- [CVE-2024-56263](CVE-2024/CVE-2024-562xx/CVE-2024-56263.json) (`2025-01-02T12:15:28.193`) +- [CVE-2024-56264](CVE-2024/CVE-2024-562xx/CVE-2024-56264.json) (`2025-01-02T12:15:28.327`) +- [CVE-2024-56266](CVE-2024/CVE-2024-562xx/CVE-2024-56266.json) (`2025-01-02T12:15:28.480`) +- [CVE-2024-56267](CVE-2024/CVE-2024-562xx/CVE-2024-56267.json) (`2025-01-02T12:15:28.617`) +- [CVE-2024-56302](CVE-2024/CVE-2024-563xx/CVE-2024-56302.json) (`2025-01-02T12:15:28.753`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2024-12595](CVE-2024/CVE-2024-125xx/CVE-2024-12595.json) (`2025-01-02T06:15:07.983`) +- [CVE-2024-56069](CVE-2024/CVE-2024-560xx/CVE-2024-56069.json) (`2025-01-02T10:15:08.783`) ## Download and Usage diff --git a/_state.csv b/_state.csv index d297da9902f..b33cbc2872c 100644 --- a/_state.csv +++ b/_state.csv @@ -234147,6 +234147,7 @@ CVE-2023-44254,0,0,475ef6ce457d30d091835ffaf71dd3aad018d0e54862a597c59869af0501a CVE-2023-44255,0,0,7fdcb3d3de35862cfec3d92f0ef2423e8b11fe79c792f372bb9fd7b3037b5267,2024-11-13T17:01:16.850000 CVE-2023-44256,0,0,e10f4305e62a4a76d73f69a54ab165b287870937a6bf5c86952e332366741db4,2024-11-21T08:25:31.910000 CVE-2023-44257,0,0,17e774c297b8ffbfc8fd6f5419c407c46c026eea2c723e8720dca22698aa3dc5,2024-11-21T08:25:32.047000 +CVE-2023-44258,1,1,6897cc84c7d6c24ffff4147a9812e65366d50155c88e7fbd3c9916b97c954299,2025-01-02T12:15:07.020000 CVE-2023-44259,0,0,107106cf27957fcbcdb0b6d581eccb8e60860af940707b0dffba5094bc488457,2024-11-21T08:25:32.177000 CVE-2023-4426,0,0,85d811740d556991ed843f74b070aad047f8fd173cdeac771e3fb7801d5144fc,2024-03-19T17:15:09.197000 CVE-2023-44260,0,0,956359ba5648c0b416c257454f101fdb85f6ccf505807cef9b5d691e3d6e2b5a,2024-11-21T08:25:32.320000 @@ -234482,6 +234483,7 @@ CVE-2023-44984,0,0,a36f916c005713c56aa27371fa6fb87c965646d9965f7652c4ca1da4239d5 CVE-2023-44985,0,0,fb7349a06e003d1a374cdf9f0266f7b885b58762dfeb985543aa713a7873cd62,2024-11-21T08:26:10.917000 CVE-2023-44986,0,0,54dc86299ae22cf69ad3c4a76edebaccf8354864a265299b84d37e8172fc6639,2024-11-21T08:26:11.040000 CVE-2023-44987,0,0,3010462704420d1d7a3054d8b3436bbfae0f54809d9e0aa2ee01bee53fde3efa,2024-11-21T08:26:11.170000 +CVE-2023-44988,1,1,8ff90b9c6315f1386073fa65175b8610dd026b49ba0b6ca9c09e2a5499e7af68,2025-01-02T12:15:08.073000 CVE-2023-44989,0,0,554ba5b6f645ec92df34f639273ef5f4fbc66c826d890bc66b81a333d18c13c9,2024-11-21T08:26:11.300000 CVE-2023-4499,0,0,d5e75e625539ca963d5a405884c2300e35ecb2111b3261d2c0032495be337c04,2024-11-21T08:35:17.763000 CVE-2023-44990,0,0,cf4b36fd873dba1d37ce5a582dbf7bcbff71e51e76cad48c9dd7c6cdac64c602,2024-11-21T08:26:11.430000 @@ -234496,6 +234498,7 @@ CVE-2023-44999,0,0,444952b9efd04a83fadbe72fa090e1791590098ccae3a889bb1d8154d7d29 CVE-2023-4500,0,0,e4e876677a323f721a42330b69404f9a5cdfbe31eb40b4ecc2dba9c49b3187ea,2024-11-21T08:35:17.893000 CVE-2023-45000,0,0,7a09e7624ca8028ff80f7c032e535fc64ad47c04054da47f50e27aee9fe404ee,2024-11-21T08:26:12.577000 CVE-2023-45001,0,0,98537898ba3424c877ebf2faa54c0135532a4d94495084e2ad604b6c259509d9,2024-11-21T08:26:12.707000 +CVE-2023-45002,1,1,ab5234752c9a0b38f10c81de67bfb7c30a4b1f927736744cb68627e7339dbe7a,2025-01-02T12:15:08.213000 CVE-2023-45003,0,0,54c4416fd646a73fb4862704ea1b8aa5b14ca76f6e6a2edddd3ef1a10193f8ae,2024-11-21T08:26:12.900000 CVE-2023-45004,0,0,476cccdef0dad54327113e351c831c01a39a4d1c6a8e52e2f6148a8bb319f0ac,2024-11-21T08:26:13.037000 CVE-2023-45005,0,0,3ee9d009d41ad131648c915ca4619dd737626e7e94816f68144d80d7f30e636b,2024-11-21T08:26:13.170000 @@ -234532,6 +234535,7 @@ CVE-2023-45041,0,0,9521c67f97b2759b39324f4b8a801a2dd4ca6541724b320f5b39cc10c4f5a CVE-2023-45042,0,0,6715eca42870ad76478c242b769a1c28ec11a08b55d77ea10a648cd605c16eef,2024-11-21T08:26:16.320000 CVE-2023-45043,0,0,e3972cdae6c482bae6bef8ee89b7e68b7bcc91477652b621697d40248d099005,2024-11-21T08:26:16.447000 CVE-2023-45044,0,0,06723c1a8dd02827cf0e82060184ceb35affd0538e33775bbf5f82a0c957a8bd,2024-11-21T08:26:16.563000 +CVE-2023-45045,1,1,938c34ced77fd5c3b849c480dcc84bb963652e57eecfc13ae68853c983064288,2025-01-02T12:15:08.363000 CVE-2023-45046,0,0,2657fab5d6ee46db9f817a392b479fd0ff732f3263eb6febdd6baaae83d14dbd,2024-11-21T08:26:16.690000 CVE-2023-45047,0,0,dc081ae88aba81cba18954c9fcd170003297d9bc6cfb2e37eba572f377ad74d6,2024-11-21T08:26:16.867000 CVE-2023-45048,0,0,bd017fe3f81f56f139d7e4e2d6889fee5fea8fc29005650fd4f34516e508da02,2024-11-21T08:26:17.013000 @@ -234549,6 +234553,7 @@ CVE-2023-45058,0,0,344c5792a766e2c6989c6de75d37b140f02dbfb8582e685b348f24483d9dc CVE-2023-45059,0,0,6ac225e9424da9d15406f7a1e38a0e0c5b9afcf3734fad7bedbce557546032ae,2024-11-21T08:26:18.440000 CVE-2023-4506,0,0,c2ad3a9525b8de4f564a0701673a61519bbe5d98062c5934003143fcec65c91f,2024-11-21T08:35:18.857000 CVE-2023-45060,0,0,31967b3500bcfbc9d925b1caa63587798e662f05842290dcec3e0a4e2278ee0d,2024-11-21T08:26:18.577000 +CVE-2023-45061,1,1,9b0dcd53ff1c612eccfd2c465358f3e1e9a5c8816feed88a7f8806f74cd04024,2025-01-02T12:15:08.507000 CVE-2023-45062,0,0,3056c4c71094d54847d17bcf1b6fb56fab071c525bffc1e1e62f64c7f5fec3ad,2024-11-21T08:26:18.717000 CVE-2023-45063,0,0,663d223734582ba7eb36b9085626de23837ffe629008d78e62b5fb9ca19bf6b9,2024-11-21T08:26:18.853000 CVE-2023-45064,0,0,0f7ab3f96d09bdde483d573a1ff1ea0d5e2bfcffa16ff55a1ef4c25148a86f23,2024-11-21T08:26:18.983000 @@ -234573,14 +234578,17 @@ CVE-2023-45083,0,0,3743538578c2e9a7b3cf417e490ee04603f9bf5a4fa95a25f5e9054707035 CVE-2023-45084,0,0,e140cc27d5c28d76849fecef9ad885e226819fcb74c7da18eb83c35c56bcac1e,2024-11-21T08:26:21.520000 CVE-2023-45085,0,0,cb82bc80bf471263d5f40a4a24295728702a1b98bd6772e81c80d200fe1526ba,2024-11-21T08:26:21.640000 CVE-2023-4509,0,0,82ba7df9df3ea867e50ef7feaa86f720928a6ba1cee4976a94918091292e789c,2024-11-21T08:35:19.260000 +CVE-2023-45101,1,1,c44d2de73646057932268aba96fe4eba519104b32fe29f6b6d5b3aa087672929,2025-01-02T12:15:08.650000 CVE-2023-45102,0,0,8dfb431d08e4bb6547ac932a1cd7a69df7e786aae8df335276cb697f9eac6d6e,2024-11-21T08:26:21.757000 CVE-2023-45103,0,0,e13888dfbd39792b0beee4852b93eda208a746c1f407d0bd3d6d9dab70a7a0ca,2024-11-21T08:26:21.887000 +CVE-2023-45104,1,1,a5c895a1ceec99127e1a87bcfc177593dc5dc70bae41d0d21ea8f18e397f96f7,2025-01-02T12:15:08.790000 CVE-2023-45105,0,0,f07988c83c6288eb26b95303e5b84136394595ee3fda32af482d0e999fc15bdd,2024-11-21T08:26:22.020000 CVE-2023-45106,0,0,887c38b06c9e84b501bbb6c0983cff5ea2bd2de24979034968ab736ba2dbc729,2024-11-21T08:26:22.153000 CVE-2023-45107,0,0,ad33f52b6d380908b7ebc56d47802ac38fff2ea580c38640e777add4e6066703,2024-11-21T08:26:22.280000 CVE-2023-45108,0,0,250653695c8f30f5217b1b6f7513d2949be73f08311959c223fbd69edb6b1f5e,2024-11-21T08:26:22.417000 CVE-2023-45109,0,0,125c853fd23b8fc5e8097f1247e8841919f4ba6838bdbe89f766b542c74f5526,2024-11-21T08:26:22.530000 CVE-2023-4511,0,0,2cc7523262f0cd0526f7468a595cea3ee9b38944601b3b447150535966efe223,2024-11-21T08:35:19.390000 +CVE-2023-45110,1,1,dff082be99156760d68019572bb91810305fb4030f15b531cb3650a4777fc725,2025-01-02T12:15:08.940000 CVE-2023-45111,0,0,dabf78c2895ad90380f6ec937607f05b92f7f758b3e997269c722917f1bd94a2,2024-11-21T08:26:22.657000 CVE-2023-45112,0,0,49bde636916cd1ee29a0731cfa4c99b92b301a1f930adc5f1e3cec0becafc716,2024-01-02T20:15:09.040000 CVE-2023-45113,0,0,950e6fcbe60da381702704a6ce4e4e2ab402467f5d96d4ab4a3924f95436f9da,2024-01-02T20:15:09.137000 @@ -234725,8 +234733,10 @@ CVE-2023-45268,0,0,05177482f5b68af05ad227dd88a3054b588ea3ee5f1056351918dacd5cb04 CVE-2023-45269,0,0,df30a628c2355b826a0763802258a5717003353b30d77a1d50a39de3f073d7be,2024-11-21T08:26:39.760000 CVE-2023-4527,0,0,943afa930acf035675be7abef1ad8853061357478138f6af4a913f2370031464,2024-11-21T08:35:21.017000 CVE-2023-45270,0,0,69d74393fbe2c6d6f764fac8b38d4261442e7ff349a1e5cd07739334d44fa0ca,2024-11-21T08:26:39.900000 +CVE-2023-45271,1,1,15d6c798434208028877090893f0413819c117a152f38c0a0620bb2787e9a8cb,2025-01-02T12:15:09.087000 CVE-2023-45273,0,0,880597879d86c39cfc7345a16e74549f291701eac300d25ab5053f72e06e8841,2024-11-21T08:26:40.033000 CVE-2023-45274,0,0,eaccf5088e491ebf40d3565e1cee1a9b753d3967d51ec070419a6f3208b48de9,2024-11-21T08:26:40.177000 +CVE-2023-45275,1,1,1a63d5429dd94c0adb57695315276f3ede5e76d26221302dd1e477afab0f8e2f,2025-01-02T12:15:09.253000 CVE-2023-45276,0,0,0849a7b8051dcc0c7c3bad6f1349ec1c81bc8cee1fae8cbbed375a224ba0d1ea,2024-11-21T08:26:40.330000 CVE-2023-45277,0,0,8a6021e0848ec5458c689344cbe56e04db686b88e0ea6c794bd47b5d71ea6933,2024-11-21T08:26:40.473000 CVE-2023-45278,0,0,cf99420fb8b0fefe0aa3db3239eb5ed08c90b60635ea3c761caa68573a5927b0,2024-11-21T08:26:40.630000 @@ -234938,9 +234948,11 @@ CVE-2023-45628,0,0,aa1e54e6874ec123a1f8ba368a7626d01a99646cee99ff92c139a229e4257 CVE-2023-45629,0,0,1d91397b6becb8e48aa8f576bd01279425106b0eb03912c963eb08369dd83969,2024-11-21T08:27:06.010000 CVE-2023-4563,0,0,0730069338f5b5d11e70d9694f23794253d9b20bae7af7d7369c55b6baaf1487,2023-11-07T04:22:45.673000 CVE-2023-45630,0,0,6213caba75dd922263fb0aa72a9c4f1456554d6f1ac1905e861f1468f40e2da9,2024-11-21T08:27:06.133000 +CVE-2023-45631,1,1,9feb485ea9c4e24757958b3ad776d75031cb23cabc8087ebaaa3410d87083fc6,2025-01-02T12:15:09.390000 CVE-2023-45632,0,0,a6298e4f42f2ceed48830766c13efa25f3f777090b30b7d8fa90e7f9e1355061,2024-11-21T08:27:06.263000 CVE-2023-45634,0,0,07cd55b9673d046a884d179dbc0626d8f87f51fb1ef0962b811142a6c11c524c,2024-11-21T08:27:06.400000 CVE-2023-45635,0,0,7d328bc254a6f0b9b9b922def763727e56b12509f217d0f3ed6e5d611b416d78,2024-11-21T08:27:06.523000 +CVE-2023-45636,1,1,4fa63986d10fb1a480439deba239ff6a48c2dab53bf7039085052656e354e24f,2025-01-02T12:15:09.530000 CVE-2023-45637,0,0,e7b5d8cbfaa320388bcace821af6502c5165747451a9ca04b586913c30e4e272,2024-11-21T08:27:06.630000 CVE-2023-45638,0,0,ea0cce487b7d6679d34e2789f9db203a96ffdebc32924bf0bd6d66cd49b58933,2024-11-21T08:27:06.783000 CVE-2023-45639,0,0,3320d4d586dc91e3a086037b4980fc90a6cd3c896be95d6abc5abd6fb0a538e2,2024-11-21T08:27:06.913000 @@ -234954,6 +234966,7 @@ CVE-2023-45645,0,0,621dcfd06a77fdbd0cba0040faad91d3444388d85b9dbf8b1705ed781f328 CVE-2023-45646,0,0,dc454cf88c2e61545f6fc8b7567ccdfd817b86d02e122a68e77279aaf48b3775,2024-11-21T08:27:07.843000 CVE-2023-45647,0,0,007bd6e5968e099b6ba7c028b7b04ff3ca864937c2a48c0c6112a3de13ec9180,2024-11-21T08:27:07.973000 CVE-2023-45648,0,0,95e9eb58636b6bcf11f3c2585e9edcb99db9f2c671b28f34501562a58a321897,2024-11-21T08:27:08.117000 +CVE-2023-45649,1,1,b807d441c7b87d47b145580bd44b2e90b2abddd8b8c1471fe488dfa3ec3b3fe7,2025-01-02T12:15:09.680000 CVE-2023-4565,0,0,eb51da395c5d086ca25cb5ecf97d820bdc0901d0e78788aa4ab2c6134bc354dc,2024-11-21T08:35:26.317000 CVE-2023-45650,0,0,d996a1b0c3f2320234e8eaad903154727d3bc103fd3f1dfec6c79da974386f90,2024-11-21T08:27:08.273000 CVE-2023-45651,0,0,d490c19c00c6827c61f06621c6a0af0562f762a189341cabee9b80d06c2d75b6,2024-11-21T08:27:08.413000 @@ -235049,10 +235062,13 @@ CVE-2023-45757,0,0,86a804504fd15f8999e08e85e8589c6006d3aa04ec05afa9cd1da06b72a51 CVE-2023-45758,0,0,dc41165b980b4d2829072c11a02dba42574db7b8e2a07a558070dea698d4d942,2024-11-21T08:27:19.297000 CVE-2023-45759,0,0,ebf3ebf9525f83c92a38355005f3c4dddcfe65ce1cd8a8de67d1c36a32a50dcf,2024-11-21T08:27:19.420000 CVE-2023-4576,0,0,73e1f9662824c051375a3eab2ba4fbe8f33a6e4b8c3fc573c6c6fdfdf55e142a,2024-11-21T08:35:27.927000 +CVE-2023-45760,1,1,57c6cbd7643317b69490ad8455387c1166cbf93ecf41ff58a9260f71502542ba,2025-01-02T12:15:09.827000 CVE-2023-45761,0,0,1fa8989cf5ad179f18340c17cabc2552240316d3148fec7c224b5f30625a1f25,2024-11-21T08:27:19.553000 CVE-2023-45762,0,0,2935e50308f10674f99f1aff0d3d30d4cb808bd71b5ac09e8acac6a970961b69,2024-11-21T08:27:19.700000 CVE-2023-45763,0,0,35ca2b9a1a42929396424b6b40b3277be18861c2f78068ae8a4315f253c07d92,2024-11-21T08:27:19.853000 CVE-2023-45764,0,0,f73ce73b289eeac0ca971418daab0cb0a02ff7f08fdabf982724ae50bffc7048,2024-11-21T08:27:19.987000 +CVE-2023-45765,1,1,43e39ac5ef00eb67bcb8b79d1ecc77b7dc96b528bb8575b5eac5af296be693e1,2025-01-02T12:15:09.970000 +CVE-2023-45766,1,1,b65c8553124ab92f517d52d0cd1aba8488ce4d42260d20dfdc9e7f8cf77b9382,2025-01-02T12:15:10.113000 CVE-2023-45767,0,0,9639d12d80c4414739ab511654332a0fc3ec223ab6cc04fedabe133e7c0c2a93,2024-11-21T08:27:20.123000 CVE-2023-45768,0,0,7947f3649a07af7232b75c48a8eca483c6fe0a4a430f1b6d3055d33475ff2746,2024-11-21T08:27:20.253000 CVE-2023-45769,0,0,c37c08d5b10562a216fcdcaeb1f5f5929e13712d1a3a38cbd63e3891e546db7a,2024-11-21T08:27:20.390000 @@ -235106,6 +235122,7 @@ CVE-2023-45824,0,0,3d8fd6df4d3c7d931456c63013fc6b84359bc44c0b4788412032c8d18c254 CVE-2023-45825,0,0,cc4f775aec9a77cdb80822f190dfb31088087996aff99b7b525e09a3649bcb6e,2024-11-21T08:27:26.060000 CVE-2023-45826,0,0,2049fdcfacd49e62f3dee07525456735a2621cfb7b2b713331b170eaaa2c4f93,2024-11-21T08:27:26.227000 CVE-2023-45827,0,0,abaf7216d57163ffcb299f06a62cc36e0969e2f3d40b98189cc2564ddfd70e0b,2024-11-21T08:27:26.363000 +CVE-2023-45828,1,1,786db299204ed9505d4e09afd2bc46f48afaba54dcaf68b53f72e70ccce49601,2025-01-02T12:15:10.247000 CVE-2023-45829,0,0,4efd05766fcb7f231bcbbc474299e618c4eaf51644a66cbc23550c25c9899dbd,2024-11-21T08:27:26.507000 CVE-2023-4583,0,0,835e187ebecd739807ae99e321ddffffd8eb61927da48ae6f2128275368fa205,2024-11-21T08:35:28.857000 CVE-2023-45830,0,0,ed4a123e9a8224afcac58e06b6f5d6f1d392ef3643d3c619de80877275b67a91,2024-11-21T08:27:26.630000 @@ -235276,13 +235293,18 @@ CVE-2023-4607,0,0,7454226332e2494bd6ff0ed193a578fa3120d089ae68e656d761aa04dfd4fb CVE-2023-46070,0,0,3af197f018312164b915672c4224645fbdbc6a58aeb1faa42b8e9ef084ef699a,2024-11-21T08:27:50.620000 CVE-2023-46071,0,0,700c30c8243167f692393bfd3be82cb840abe2f67cff87ee3c60ba0f76c9214c,2024-11-21T08:27:50.747000 CVE-2023-46072,0,0,0a74e576feb97d126a917ffbba11e261d9538806125a240896094b1f28f56acf,2024-11-21T08:27:50.877000 +CVE-2023-46073,1,1,4506253af1e30ccc02c2733759adca36ad6fc75ac933ded4477a53c8cb1136ef,2025-01-02T12:15:10.397000 CVE-2023-46074,0,0,3a0a38c4be6310217a7473ed79d76686b8b8fac0313b2ce829eea4843cad5ac4,2024-11-21T08:27:51.007000 CVE-2023-46075,0,0,07c76d395b73da5977f30f1c1057ecbed7d0993c17afd2a4238dbed6a907a1b3,2024-11-21T08:27:51.140000 CVE-2023-46076,0,0,61bb4566255652a5ad6373fae9642d1851cab406860c6789d54e5a14489e5602,2024-11-21T08:27:51.273000 CVE-2023-46077,0,0,d5aecbc356db9517f1834d502b91674a8223f59bfa9fe030b47e6ce45a509bf8,2024-11-21T08:27:51.410000 CVE-2023-46078,0,0,86d3134130245d4c04c141ab183c964ac7a9dc58884a6ed97b83c583bf7b50e2,2024-11-21T08:27:51.533000 +CVE-2023-46079,1,1,1e530240bfcc7a1ee6287a3365a04b002632633a6923da1b1291db5c8ea42ac1,2025-01-02T12:15:10.533000 CVE-2023-4608,0,0,cf987f6acb171956882b8d9a2f4f49c73373fa2f7f560b45b5cf28c24fba532f,2024-11-21T08:35:32.260000 +CVE-2023-46080,1,1,34d08aa6ec1399a2cc4d921517ffd7325b4b2294b472bb7cb107e1989b8dbec6,2025-01-02T12:15:10.667000 CVE-2023-46081,0,0,740244131b25b8b8a6871e327b1b4f86bde428b56162f886d17db598253b71f3,2024-11-21T08:27:51.670000 +CVE-2023-46082,1,1,3450587cd4916164ebeccff2b9dbe3ab028ccb2772a9b98b2e6d0e7917a89e18,2025-01-02T12:15:10.817000 +CVE-2023-46083,1,1,a1c790d47ddee3f492f5e987776ef4b865556a778e26d2ad366ad713f7789b3f,2025-01-02T12:15:10.980000 CVE-2023-46084,0,0,800c344f67acf10b702421be51098f4f2f8f344c43e4a6d3163cb68efa2a793c,2024-11-21T08:27:51.807000 CVE-2023-46085,0,0,3ca4dee942883790441114638f1ef508eeb257b6cf2124d47c7a788555d15ccd,2024-11-21T08:27:52.010000 CVE-2023-46086,0,0,74c8b956369f2d6311c6e441c90a8aa12190303fa6e18eee95ae16ac27d57cb3,2024-11-21T08:27:52.140000 @@ -235369,12 +235391,15 @@ CVE-2023-46181,0,0,7db94ce0542139fb0f4b825ee15b66e74831929caf8ec2bf9c6da1b7e7130 CVE-2023-46182,0,0,7705f9133b8264c630b8811790194e5b749781d9842f011884658162bd355d29,2024-11-21T08:28:01.980000 CVE-2023-46183,0,0,381c0c34e4bb85912abf6cef707f2b78273838b5e2c637ec311bfc3db3fa9ea1,2024-11-21T08:28:02.103000 CVE-2023-46186,0,0,80abfc94a8f15b17311bf769031b8a124644ec766e404d60459e5a868747eedd,2024-11-21T08:28:02.253000 +CVE-2023-46188,1,1,895e90c69d505f95bed506161e47600a034ca417836992597c93213a0f936b71,2025-01-02T12:15:11.127000 CVE-2023-46189,0,0,f28806dd1bbd926b5db91acfeb333ca7e88214a3d98d437fece40edfdf19737f,2024-11-21T08:28:02.410000 CVE-2023-46190,0,0,0ad59e8934a86a013c76f33b7c20f311ee90f6bc3cc0a4d121c6dc8d8c306d8d,2024-11-21T08:28:02.550000 CVE-2023-46191,0,0,d1865ead4dde5eec21bcf2401d38886de7c157f6333ae08c2e5a937b2fad0e80,2024-11-21T08:28:02.700000 CVE-2023-46192,0,0,28ab5d379d6785b917b0be08ab30fb915f5b959603724ca911c51ffe0dfc743e,2024-11-21T08:28:02.810000 CVE-2023-46193,0,0,74c77c2c17a3bd30e7ad6bb40fa34600a457b0f418337976b2e8ef750dd62f46,2024-11-21T08:28:02.943000 CVE-2023-46194,0,0,690f23dc30d3b28edbfda86fec6bd8801d171a9a9ec42905042d389b130a12c9,2024-11-21T08:28:03.063000 +CVE-2023-46195,1,1,a15389fdf916bd922691d7736bfa1bc676ea1d80a2b3906259c3902e9069f374,2025-01-02T12:15:11.270000 +CVE-2023-46196,1,1,d62fbb2a8252ea36c7941b5b897c8314e4355c3a3885c67336da1459074419a0,2025-01-02T12:15:11.407000 CVE-2023-46197,0,0,a2dd46f48fcaa62a7c2099e0d616db0cb2ebaa01bb6702c9312fe030b6de8e00,2024-11-21T08:28:03.190000 CVE-2023-46198,0,0,d4ad4a351d2a5453b6446c39aa985a2c07900ad28e0892ea4f6ce229eb573b28,2024-11-21T08:28:03.293000 CVE-2023-46199,0,0,81fd91dbcb97ceaa2c6965aa2edf785a9235be6cbf673b27935a9692a9c96dfb,2024-11-21T08:28:03.427000 @@ -235382,8 +235407,10 @@ CVE-2023-4620,0,0,5407789a477ab3bbcc8e1b7f45e1f09216788b80aa1cdba66277acbeebfc08 CVE-2023-46200,0,0,d9e56616d1d590e84f481e0e70eb2baa38d3926ad1f920928c17817c93fa0348,2024-11-21T08:28:03.557000 CVE-2023-46201,0,0,0c6dc1c2e580e33dfab1ab1e48ec54fc6f61900a994bd14a79390d5e7f8a3340,2024-11-21T08:28:03.687000 CVE-2023-46202,0,0,eb047b69b87ec0c9670e66573cf29968d954fdeddf10bab1bb029a51c91f94b2,2024-11-21T08:28:03.813000 +CVE-2023-46203,1,1,4df773e8cbefcf7f1e870c9123540d4bfbbf30938aa7324e9ae9005e7b9ece71,2025-01-02T12:15:11.560000 CVE-2023-46204,0,0,7956e8d96b7e0c84f3ff77cdbc0418a3c3b83fe4340b7b830995408943916f0e,2024-11-21T08:28:03.947000 CVE-2023-46205,0,0,6748f35160d12d67b449db898d3f46feca218a4ecf0e7b495e049d6ea8448e20,2024-11-21T08:28:04.073000 +CVE-2023-46206,1,1,4c26ddbccf18e711f0373829fdf7c2a8dc1b349b85920ce55f3b472c5700e41b,2025-01-02T12:15:11.710000 CVE-2023-46207,0,0,4c4dfc8c1a33df2b602ed3b4ec211b70c069954db68c7d910593afecc1d7410f,2024-11-21T08:28:04.193000 CVE-2023-46208,0,0,0f22f07a270b66d004beb0d376185b7f494d0a5b487760289ad7daad70e3f302,2024-11-21T08:28:04.327000 CVE-2023-46209,0,0,b2ab76d2a76815cacae8c7994ed129d0ead483e29c88e56bcbf19810fd960027,2024-11-21T08:28:04.450000 @@ -235481,6 +235508,7 @@ CVE-2023-46304,0,0,ce0fa68a4afba5643524b75af950cf94d4d8fce59c57472ffdb60216e0e19 CVE-2023-46306,0,0,1946a9bf182a07cba889b2e537e7d7e313fbf7cad532e1102bd4f27c441c4602,2024-11-21T08:28:16.250000 CVE-2023-46307,0,0,a6184b205e0bfffeb3a8dd7852c7b0302af883a2437b106f3e0b1bee400698d5,2024-11-21T08:28:16.440000 CVE-2023-46308,0,0,0c06a52efad3554b70fdc84de1b2b99159a549294651d3cda5934c77c762b50b,2024-11-21T08:28:16.600000 +CVE-2023-46309,1,1,38fa4eff1c983e10f5e4c775dcbf7cc3848e568ab040f8ba61d628be261eef95,2025-01-02T12:15:11.857000 CVE-2023-4631,0,0,cb69984536c4c4d201c6017911de5247d148bdfd6a179a081ca2021245a99180,2024-11-21T08:35:34.780000 CVE-2023-46310,0,0,62cb7f5596c7f2f6335cae214d4c7af60803f43b9db8f31eafe6efcfde6bad9d,2024-11-21T08:28:16.757000 CVE-2023-46311,0,0,02e25bae94a47f479c04d860d886afc1775f5ffb71d2803c9eda8f75dc507348,2024-11-21T08:28:16.863000 @@ -235687,10 +235715,19 @@ CVE-2023-46601,0,0,739bb1365ee90282b5f1d046dd503ea5eaf0a4d64f7dd95529af7b2550849 CVE-2023-46602,0,0,f59406848825161cde147d1e590fffa5776803a932b927e1ea2bcc795ebef0ce,2024-11-21T08:28:52.387000 CVE-2023-46603,0,0,c8e4a28d8170f5924386c421f801ce28ae08b9f2a2675bd0a6d3ffc0105d045d,2024-11-21T08:28:52.600000 CVE-2023-46604,0,0,94d70ad91b630a20bc50ca5fabf877ea6e71773ec87e106d5153b1b4609a1b14,2024-11-21T08:28:52.810000 +CVE-2023-46605,1,1,abc79e4b553ad7be54feef15f9c3d7653abc61ca95fa72abb5ece7a3d1d9d8ed,2025-01-02T12:15:11.993000 +CVE-2023-46606,1,1,3e82b2caf596bbaafc7092f7274edcea3ef40ef255d308bf78216d4f625152fd,2025-01-02T12:15:12.133000 +CVE-2023-46607,1,1,8d41295ddaead5a16914ad1fa30a307b1e942dbc8658ca741e1f74a2a8ec2daf,2025-01-02T12:15:12.283000 +CVE-2023-46608,1,1,d556cc4c15fd60bece733abadc4f558a7a5807b7d242a78abaec181e827a7918,2025-01-02T12:15:12.437000 +CVE-2023-46609,1,1,8a015517dc79bc0757713017541e7ddd1299475e9f3176e035e36b81e080e1af,2025-01-02T12:15:12.593000 CVE-2023-4661,0,0,500ccab89b65c44cc650c656e643df87c82a58f179d114ad92492bd266764dab,2024-11-21T08:35:37.950000 +CVE-2023-46610,1,1,5ac7724034162f50404c3dd1e83ad2aff1e756e73b933f62126e0d3127580e66,2025-01-02T12:15:12.730000 +CVE-2023-46611,1,1,df07805df8dfceaf2dd640f77eb686a88e75d25494286d4c5d99d89e1f0a8caa,2025-01-02T12:15:12.867000 +CVE-2023-46612,1,1,0f8090595d7b2a7cf00b9dd59842c171c18098a03edd3062c319a83d7eeaf828,2025-01-02T12:15:13.007000 CVE-2023-46613,0,0,27656e929b35b89d02f51e92d77ea6747cf195f40fbb5b9d33a9f4fa66ab860e,2024-11-21T08:28:53.077000 CVE-2023-46614,0,0,2908a5daf6a070356c0a29bb8086f07e0c0c5e99362a7259c0f87d206c45b02f,2024-11-21T08:28:53.343000 CVE-2023-46615,0,0,8c2ca0205a06f001172dd6a9fbb97d343ef1fe9b8acbe46617643db850e6907e,2024-11-21T08:28:53.527000 +CVE-2023-46616,1,1,6185e88619951e1b5706cf6483ea33bfc1ea7cb5e753a08e76351e145e9a3662,2025-01-02T12:15:13.170000 CVE-2023-46617,0,0,dce020a3b9da88b5e577acd86557c7c445f90630416dd9407b26955e5be3e6e0,2024-11-21T08:28:53.800000 CVE-2023-46618,0,0,3b085e7f1cea65ffac3c89f17ac7538379fd1b645e67844c8fd70ca342251b76,2024-11-21T08:28:53.987000 CVE-2023-46619,0,0,302b3ddc7191cdfe1502b4775a8d3246b9a269d1dfd5aed10c63413b30ef3166,2024-11-21T08:28:54.170000 @@ -235703,17 +235740,25 @@ CVE-2023-46624,0,0,3bc914a69a792f4523c5374966933ff8c19635691e8fef51b429b25d621f7 CVE-2023-46625,0,0,3fb001ed51dbe4fa7d36859bc5989d715a3de3cc9297e446efd463ae2f98666a,2024-11-21T08:28:55.290000 CVE-2023-46626,0,0,bac6563981ee6cca83e3e027c5ed5c221d5485c7477ca20e37acbcb3580009d5,2024-11-21T08:28:55.457000 CVE-2023-46627,0,0,50a101638a34630f2cc44e937f58830c9d50348f1d89f77b73bfd395d7df6954,2024-11-21T08:28:55.613000 +CVE-2023-46628,1,1,fab6cdee96892a3511bd704140f1e82e0c8134f6ab4e1b3a2bbfb9969c6bccca,2025-01-02T12:15:13.353000 CVE-2023-46629,0,0,8e1b57b30b6bd1ed74788d372768e673fa6c16789dda18c74fb8bad71e4c9dd1,2024-11-21T08:28:55.773000 CVE-2023-4663,0,0,8c314616f73571b0e6b65a0b47dfac3b701c0ffcafcb84ccf58aadc696ec7cf3,2024-11-21T08:35:38.190000 CVE-2023-46630,0,0,2252a8d74e2efd161cec92cb0e4c04cebffbf19b36fea42f68cc97c737da25d4,2024-11-21T08:28:55.957000 +CVE-2023-46631,1,1,d73a5032fac1686b49bb1ca15f71d93ed7d2fae5620595b792e8668296d06d95,2025-01-02T12:15:13.503000 +CVE-2023-46632,1,1,7f4689fada6472628b2abb908a8e1c28b89ef12788dd072c4ebff504dc727e8d,2025-01-02T12:15:13.643000 +CVE-2023-46633,1,1,2ea347dfb4d1aa93aec0e3535b7d0e5e4a592534c2ccd58599734dabb781ede5,2025-01-02T12:15:13.790000 CVE-2023-46634,0,0,2b175830d1de64bb4d27dd9a4f31b54a33edff64bad25a431276d31d92cdf528,2024-11-21T08:28:56.127000 +CVE-2023-46635,1,1,ca2f10111b6f1799f312cc5dd837979383ce31772f8b4fe1a9aa75d5dfeb49d6,2025-01-02T12:15:13.940000 CVE-2023-46636,0,0,fa2b3badca3826ed40df40a5bc074413186a70b26e39d04c540a59429d0efb5e,2024-11-21T08:28:56.320000 +CVE-2023-46637,1,1,bcc0c72f4ad6b2d322bc2b86447bb87b8229ea728b2356768d9e48c94502b457,2025-01-02T12:15:14.090000 CVE-2023-46638,0,0,24c8e660a18a3168ee1c08b23c14e4dacd53541bcb1837ec7cccba320e4334d5,2024-11-21T08:28:56.500000 +CVE-2023-46639,1,1,65cf6a1525c887d948df7eeb08348be69539dedfd2878e9146e45327b412e939,2025-01-02T12:15:14.243000 CVE-2023-4664,0,0,6121514e559345807fda2139d1d878f71d05b32b7fa23d766b48e7a6cdac4cce,2024-11-21T08:35:38.317000 CVE-2023-46640,0,0,6a468b17986acf39df0e9c6166cb26418e4223d8dc58a093abd09b986ef61265,2024-11-21T08:28:56.683000 CVE-2023-46641,0,0,e458628b48b0a8d8075bb6190954e4ca9660ea03c03832431eb9b33e3abb2483,2024-11-21T08:28:56.910000 CVE-2023-46642,0,0,333bcdde9199abc2b63f97cc5d28fed27186b8b52a610f2a66910719f007bfe8,2024-11-21T08:28:57.080000 CVE-2023-46643,0,0,609db5b2ea1bc56062cbe58ff09b91be86637ebd89f6c8bd21364a3b4c86f5d2,2024-11-21T08:28:57.273000 +CVE-2023-46644,1,1,9c49c49e97e49d7b53800d7871110a1b951b2203cfb3fd015a3a53362fb907c9,2025-01-02T12:15:14.417000 CVE-2023-46645,0,0,27976711a83671e987f70be273ef4d0424100275931fe14b9d803a3353aa79fd,2024-11-21T08:28:57.547000 CVE-2023-46646,0,0,a2c7e44e259fb2b2ed8c3950cd1500651525384a43ae3fa31e0a4b32f390aa4a,2024-12-16T19:07:42.750000 CVE-2023-46647,0,0,a5a22a6966b2e14e7bfeb00e348b5a45f32ad41ada6839623fa875dceb01cb60,2024-11-21T08:28:58.003000 @@ -236129,12 +236174,17 @@ CVE-2023-47174,0,0,3186c7e8ead148bdd3055be43e883eeb52845b4bb17391af02c9e2f9e782f CVE-2023-47175,0,0,e6466d777ede55f4ca2956ddf87f9d9ccb59b506c80c039228ad2f228638590c,2024-11-21T08:29:54.350000 CVE-2023-47177,0,0,5361d5e2ce6ca046282c69eed906a4725ac787feb21fc61cd92dd9eb5cb3b9f7,2024-11-21T08:29:54.483000 CVE-2023-47178,0,0,9e3e74ee64d9082a9fc57ea323f922533cf703e48212d65e6546566e75f8f805,2024-11-21T08:29:54.607000 +CVE-2023-47179,1,1,83312356e13d7dc7f05cefbe416f4417c407631d6eceffe8f96df46c047cdb4f,2025-01-02T12:15:14.560000 CVE-2023-4718,0,0,06a5b75b66fc698c34861c2a65bd83baf4703a617480c21068c1a488ea0f84fb,2024-11-21T08:35:49.300000 +CVE-2023-47180,1,1,e7c8142b2ae5a3ad5f6e5a7cdfe1ed8766324e1c3652fb74ab721d16aaa03333,2025-01-02T12:15:14.713000 CVE-2023-47181,0,0,7bf51233c46c33baf95b99b1f1bdcff1fd2d6944a184a6e7084a284f7c8d255f,2024-11-21T08:29:54.730000 CVE-2023-47182,0,0,a2fbe35fcb6ebbb2781e7732fefe75002a709c3a5f53c182b17454e5a7aa0586,2024-11-21T08:29:54.870000 +CVE-2023-47183,1,1,59e8c1e9140b76f0ab0feffec4f1b149007998c471d1b002d04f3b9417c7c142,2025-01-02T12:15:14.873000 CVE-2023-47184,0,0,c6e6aa826a6adb67677bec57a0a468566389c054c9e67de12418dd387cbb5bf6,2024-11-21T08:29:55.060000 CVE-2023-47185,0,0,0e2bc566c1bb83239599c48504b422761380119ea10ea7efc033fa74df1fced4,2024-11-21T08:29:55.177000 CVE-2023-47186,0,0,19ec53b7397547d682113797320740ce15fa183689e588929017f145ab406c5b,2024-11-21T08:29:55.293000 +CVE-2023-47187,1,1,6e7f1e9f2cf223f3c6bdec1b3d1c5cf025a2df21c2969cb1314cf33bb921e157,2025-01-02T12:15:15 +CVE-2023-47188,1,1,de2f2ca6d7dccb9eea68a66c3c1cc117ebf0b73d980eaff31887354649fabd10,2025-01-02T12:15:15.180000 CVE-2023-47189,0,0,b488d5b3f4fea6788b7d8089452bfdcdf786330c410a17aff3a0085eee4a46ac,2024-11-21T08:29:55.420000 CVE-2023-4719,0,0,98d5468c53f37525d3af5cb749a8b0773e56b5d779ee09385671da2960c9011b,2024-11-21T08:35:49.423000 CVE-2023-47190,0,0,63e1613b32ec0c177467a202f309b5a5fc7d3b4523fee0c96ab60cb18da7d85f,2024-11-21T08:29:55.537000 @@ -236169,6 +236219,8 @@ CVE-2023-47220,0,0,ca5c5c3d22b9fe083efc282dd5660c688dd7fe3fd528829d1726e650bc689 CVE-2023-47221,0,0,de12f252c3183917f1272970ebfebf1b90422f0b4fec831be6ea6093e15e7c00,2024-11-21T08:29:59.030000 CVE-2023-47222,0,0,26dd73cd443ee7fe409d1b473a0cb2d19d49d42b998f37dc862219d8a1973afa,2024-11-21T08:29:59.150000 CVE-2023-47223,0,0,2cf8910169250e2984d787c388091aa495ea0f9d8b3a8451bb118ffd06f19059,2024-11-21T08:29:59.280000 +CVE-2023-47224,1,1,e598d46c28ab53443a609d6e15db5d3835b4f82e93559f1fb0fb36e25d2d7b37,2025-01-02T12:15:15.317000 +CVE-2023-47225,1,1,2c605b3e4bec9b299731a78e0f63732ed4894dde0106465adebbfc355128fc0b,2025-01-02T12:15:15.470000 CVE-2023-47226,0,0,29377d06ccae0fdfb478f00ebf32b4d2e227f99eb01915b101484a2ead80bcea,2024-11-21T08:29:59.403000 CVE-2023-47227,0,0,6b64f9721fc94e06b36fcb3d1c94758deffc7d4a511d3dc2eb13b78354a80a58,2024-11-21T08:29:59.527000 CVE-2023-47228,0,0,b9c0277edb857b810bb52a8b8b6cf5db43cb849640d830b39c86f2c8e4f2d7af,2024-11-21T08:29:59.657000 @@ -236185,6 +236237,7 @@ CVE-2023-47238,0,0,89c04e120b178acd5f3a39ba71894b3a4357963de9b2872c2373ef0f30c17 CVE-2023-47239,0,0,4b1f1032c661a1f7b31aa316c803dcc90683388379a527ad77c442e7afbd77e5,2024-11-21T08:30:01.140000 CVE-2023-4724,0,0,6c76a5eb0ff7b6ccf846600945c0f870715b1293548263ffa69075f7435f9a2f,2024-11-21T08:35:50.087000 CVE-2023-47240,0,0,bee572ff8adc5dea7d8b1b5365a15d0034b1405cdb4455269fbd5de62ea4ac25,2024-11-21T08:30:01.270000 +CVE-2023-47241,1,1,c817b90da24738aae63f9c9d8eb69b369b8a3da35a4c07d5b8e1f796edc90d2f,2025-01-02T12:15:15.600000 CVE-2023-47242,0,0,16bd3d3d64cacd173b0167cd7f982783fdb69c0a81e914a2606e4716b69f19dd,2024-11-21T08:30:01.413000 CVE-2023-47243,0,0,30340c6d26e19c59b5978c6e1842ea9075173064b605307a556387765c45d03a,2024-11-21T08:30:01.567000 CVE-2023-47244,0,0,b0ebe338ebe88a1ffec7595b1ee713231f6705784898ca7f5320bbbb8ad00dde,2024-11-21T08:30:01.720000 @@ -236331,6 +236384,7 @@ CVE-2023-47511,0,0,c5d59cb800350f6c9ef8d2dd1cab1f09ae876a7d1429f9c79fd98e5a5af95 CVE-2023-47512,0,0,c52314ca2e1b59dfbcb49519d5305de8455ab9e05468ad5fca2a34ada5e593f4,2024-11-21T08:30:22.130000 CVE-2023-47513,0,0,34d362c97d2a576bafd84347c7bae6606ca324ddf83a7b5433e60fce9213634f,2024-11-21T08:30:22.263000 CVE-2023-47514,0,0,8d1cb10da426303c0741ed4cf1d3eb0473d235a9fabaf1302f04b2bc17c1b66b,2024-11-21T08:30:22.380000 +CVE-2023-47515,1,1,46c73c1efedbb08bb700f32822fd9ce3772c17fb8664449ff954e418c59ae9f8,2025-01-02T12:15:15.733000 CVE-2023-47516,0,0,7d25fd3d465d328c9ebf884b400408bc1a6ef56f6cfa46441fd3abc60e78d8d5,2024-11-21T08:30:22.520000 CVE-2023-47517,0,0,d858293631143dfbe3d5fdc519eae1103976b813def7813f50efd1a1d14d755b,2024-11-21T08:30:22.647000 CVE-2023-47518,0,0,283916a5255f43f1aa8cf4a3561902a4dbbea044bca8be49fab8fb9b7731e00e,2024-11-21T08:30:22.780000 @@ -236339,6 +236393,7 @@ CVE-2023-4752,0,0,adf0c14e1c3d0f4f3fd0eea5bd3fd8514fe0761db8dd0f423b0bbaffc3761d CVE-2023-47520,0,0,ed3247f3b4478c8d373d7b761ac9421fe7c2cebb5db2240d7bcd9d52ce65c351,2024-11-21T08:30:23.040000 CVE-2023-47521,0,0,0e16b24f0c8ca567d4ff2008bbd4b08e929088a9cc79733ac2f6644f8faa8e5c,2024-11-21T08:30:23.197000 CVE-2023-47522,0,0,333bdd12b8111ca11b8564bdbf0b55c094fd5869186b24ad2ff2815d19654e6e,2024-11-21T08:30:23.347000 +CVE-2023-47523,1,1,6e1170c0f1802f957616547b8d915f38cfb0c3d6648f2a9cad362e35433b4a67,2025-01-02T12:15:15.863000 CVE-2023-47524,0,0,c531e06fb47d75221d08b9550d6361b5f765da4aa8f524d08e0b6b1734b37201,2024-11-21T08:30:23.493000 CVE-2023-47525,0,0,a74d48d8300063d6db56c0655a8f13f3e17f293ab82bd862b59cbfa86e63edf4,2024-11-21T08:30:23.623000 CVE-2023-47526,0,0,6a3ec06793234d9e236d0b4c7055d574fe860a3fb0285080b20226b11cb1220d,2024-11-21T08:30:23.763000 @@ -236371,6 +236426,7 @@ CVE-2023-47552,0,0,10e3f2282ece31dbe84c5154599a463c4edff3e7fa0ac63aa152091e53096 CVE-2023-47553,0,0,89a256f7349474fd81dd2e5b7d032c857e87e08b008311d1fecf0caf710fde88,2024-11-21T08:30:26.880000 CVE-2023-47554,0,0,8ed48b9df831f170470843c7b635356afb94288ba00ecd6e70b99338398915b8,2024-11-21T08:30:27.017000 CVE-2023-47556,0,0,d9e4a37ea6b39f65ca6f237b24e7b65378f9444edc02119332cc37bf7471cab3,2024-11-21T08:30:27.147000 +CVE-2023-47557,1,1,f508ebcbe827145a8a117d38fe71d4090206f1cb1768bd9b5791fc78229680c6,2025-01-02T12:15:15.990000 CVE-2023-47558,0,0,e850ad188243e6bfbcdb5ec4ae2a09e8f462220a0c6408528341df07a1fd5b6d,2024-11-21T08:30:27.280000 CVE-2023-47559,0,0,d5f68df48dbcd1e49cb89b8ceaa882ec9dc5f1369e1f59c4ec566b86a7359be8,2024-11-21T08:30:27.400000 CVE-2023-4756,0,0,3adf71e55888c9933b1d5b0a4118c145dd66c2f76869aa63aa6d91ec11347ef1,2024-11-21T08:35:54.720000 @@ -236441,6 +236497,8 @@ CVE-2023-47643,0,0,0dc70fe917ae2ad5be73f94d83e6c2c8eddb8fad95e172fb95b0259491082 CVE-2023-47644,0,0,e4fda690679aecebddc07fddb41403aa0fc2da7a43ab4d01966e95012e597b41,2024-11-21T08:30:35.597000 CVE-2023-47645,0,0,c79b83241ba1bbbd8e659081e599ad9eb366ba3b1a96bd7c7ed2700017da6672,2024-11-21T08:30:35.757000 CVE-2023-47646,0,0,4a5f07398599af6c56ee8b99bf7210cafe2df340086c0ab21765843e45c74395,2024-11-21T08:30:35.900000 +CVE-2023-47647,1,1,bb4ed3f6879e2dd3b5daaf05364c1423452adcfd733a728ce8cd490aa28ee87e,2025-01-02T12:15:16.127000 +CVE-2023-47648,1,1,fe44a2a67d4cfbdbd9f5f677bb2b06709ba55ca7846343cd9a2510b97b171034,2025-01-02T12:15:16.260000 CVE-2023-47649,0,0,c7e7f5d23f04acb7bb0c8db6a070a50c654b6ed83b956e13cab0275ad6bd9456,2024-11-21T08:30:36.030000 CVE-2023-47650,0,0,7721feed13fbafec3d98f106931e00bf3d20b125d30ffae4b9aab5026cd107f3,2024-11-21T08:30:36.170000 CVE-2023-47651,0,0,de674ae82fb6a8f5100c7c6af15e148c09dd930edc5e1b0d5a3257e845a858c9,2024-11-21T08:30:36.307000 @@ -236454,6 +236512,7 @@ CVE-2023-47658,0,0,9407e7495b70d90b9cda62e625c1ed4c737dcbc7f328548cdf2e4e3fbcac9 CVE-2023-47659,0,0,63cafc409d112bc1fb8b936b66e385d592b5a47108c60ee7863a3766fa443345,2024-11-21T08:30:37.383000 CVE-2023-4766,0,0,e128c6b8b3e2ed394709c7b784ca746f4b8d1b4fd144a06617f6983cfac892e8,2024-11-21T08:35:56.267000 CVE-2023-47660,0,0,972d11e76d18e3232977b3940553c0db06ab3b493889b371669290d385a33321,2024-11-21T08:30:37.523000 +CVE-2023-47661,1,1,288e037765f1c8d26598d1805e24ae576043338c44a5f170012e7cd7f0f2b2b4,2025-01-02T12:15:16.413000 CVE-2023-47662,0,0,aa63c8f9e1d5803e61c4bb818ad604faa7058e96ec1f848bb0c28148082f8993,2024-11-21T08:30:37.650000 CVE-2023-47663,0,0,599300e69461e2567bc15a5b0a4840b357f7b5d63813950f5a7f84f4bed2a972,2024-11-21T08:30:37.787000 CVE-2023-47664,0,0,995631f07c3418eae7f2fdc636b1968ad9d163336fbab08c89f294a70defb802,2024-11-21T08:30:37.910000 @@ -236482,9 +236541,12 @@ CVE-2023-47685,0,0,43e8e2d91a8b97885591560d21f32212f75548f3cdf4a9fb23ef00d2b52a2 CVE-2023-47686,0,0,35d3d7b829bb258e0eccc6165292fd4d9130d0bd1046b42037579a0be57d39d7,2024-11-21T08:30:40.710000 CVE-2023-47687,0,0,f72903547e7871a48c56082735bbd081b79c58adb00fb6d223072652adee35ad,2024-11-21T08:30:41.163000 CVE-2023-47688,0,0,3ed651b310fbb1c150f74fd525079f5e7277f94a103ff9c25dbf96c621af4d9b,2024-11-21T08:30:41.287000 +CVE-2023-47689,1,1,a2918cd5ecde01dd6b5f4e586431f8ffd4848efccc18b1a44e630ab573761d50,2025-01-02T12:15:16.543000 CVE-2023-4769,0,0,2512bf19f4f065ccd5ffd45118a0c862cff3a81eaccc3721b3e14b866876cfa6,2024-11-21T08:35:56.673000 CVE-2023-47690,0,0,4f253489974c19d1424f77ec2578af129ff2d1b6bc7bc6d2cbd731d019c4ae14,2024-11-21T08:30:41.420000 CVE-2023-47691,0,0,61045da6f81e2a4bab853f5b0ef82e662dff1bb8c87d4acf5afe68a02e8415a1,2024-03-20T13:15:08.680000 +CVE-2023-47692,1,1,e3426411300a31115493e34dabe6f0a68e3056d1e0807ecb4ce6d9e7502b8c65,2025-01-02T12:15:16.673000 +CVE-2023-47693,1,1,d878e3021bd1b14133d2ae482e26b3b5b0c8c94b1363dd1e86e35f68992b5100,2025-01-02T12:15:16.800000 CVE-2023-47694,0,0,4e8ef763aa9522c9ebe3fdc3cf77829e009c33befac6555a8cdc00c3b2fcef52,2024-12-09T13:15:29.440000 CVE-2023-47695,0,0,9d8e03ba2005442a1153da5a0bdaafcfa67e0e4ce977f490b72c3e27c7118739,2024-11-21T08:30:41.547000 CVE-2023-47696,0,0,92ef29c78ef536fe0842cc20d3b4b53274d52d6489d62c2b73a2f6fbe1ffb10a,2024-11-21T08:30:41.663000 @@ -245038,7 +245100,7 @@ CVE-2024-12588,0,0,9ef4dd85f085f6ba612688cc14a2c49d05248e20e75bd2d7bdd4aff39b5ac CVE-2024-1259,0,0,1c6bb100fc9cba505c4d696801bfd3102c508e530bb2e36c86a6685675278bd7,2024-11-21T08:50:10.730000 CVE-2024-12591,0,0,ab3753b6008fbe3e6034e40f9f857196cd212596c7c67b4ab270eba30c140899,2024-12-21T10:15:09.177000 CVE-2024-12594,0,0,594b37b561926a174996b6f220ac2c193da316e698a771fbe44cfee2e4625e76,2024-12-24T06:15:33.297000 -CVE-2024-12595,0,1,86bfa2603380a1648d46254ba5a40fdb1e6815a8211e070a358db35a2064cce0,2025-01-02T06:15:07.983000 +CVE-2024-12595,0,0,86bfa2603380a1648d46254ba5a40fdb1e6815a8211e070a358db35a2064cce0,2025-01-02T06:15:07.983000 CVE-2024-12596,0,0,5fc66f30988060a8b7bb1a593c82bd6c3fc2c995268e617c35d93ef410dc9a09,2024-12-18T04:15:08.253000 CVE-2024-1260,0,0,237fdcd6650ec6f817190c6cbe0c450181ce5f478e263f9f314859cdec5f8244,2024-11-21T08:50:10.880000 CVE-2024-12601,0,0,f9b91f2d20d6914a3b5ca3c9af2a431f615ff9e20926a30171bf1c35967a6eba,2024-12-17T12:15:20.543000 @@ -245185,7 +245247,7 @@ CVE-2024-12902,0,0,f67161e0fccba6773f5846cbc230324e550643d0923f7ba0e7e1a11f1d4a5 CVE-2024-12903,0,0,934e7684198b909838e52981ff3e91a85ceaf2d8442d1b9996709c268c32e282,2024-12-23T13:15:06.390000 CVE-2024-12908,0,0,76a88b8500008d4ca56b5c37bddceec64b40a69d8577b8cdbf6118a2030881b4,2024-12-27T15:15:10.240000 CVE-2024-1291,0,0,52c4840726a3cf584db63abe3d1006ff575604ba403c25fca89470816948ce5e,2024-11-21T08:50:14.863000 -CVE-2024-12912,1,1,da59ed1d585a95c4abe6a706301a7f1fa88799a6e770560e9387cc1038ee7b71,2025-01-02T09:15:17.470000 +CVE-2024-12912,0,0,da59ed1d585a95c4abe6a706301a7f1fa88799a6e770560e9387cc1038ee7b71,2025-01-02T09:15:17.470000 CVE-2024-1292,0,0,38d9bc6a557167174bf37c6662c68d5de6a783380fb5a30941c923054e3f2f16,2024-11-21T08:50:14.983000 CVE-2024-12926,0,0,fc2a26ab92b192ae501d4e54cc781c262c43c0b12662ce958be5565acbb713e7,2024-12-27T15:15:10.360000 CVE-2024-12927,0,0,29caca6ad2306153fa9ab094fa9e0334461e2ea665f8d59bbd5e4f726fcaf708,2024-12-27T15:15:10.513000 @@ -245313,7 +245375,7 @@ CVE-2024-13051,0,0,1be1ae94a61dba469e5e49f0e3a210eb507d631c9c82589acffd3c6321150 CVE-2024-13058,0,0,91396049ed5baf4a6f156f57d5990485463c9e52e997b4c7fdc31249002c7bf7,2024-12-30T22:15:05.957000 CVE-2024-1306,0,0,0542247252f536db3d3f5f372f6b06cf8f9322e7de2b3d2f5040c13d3f80547b,2024-11-21T08:50:17.053000 CVE-2024-13061,0,0,f0d229ddc53c34e4105e6b89d4e6cbe6fcae50e1fc38e3eb92bb7d84d07d1623,2025-01-02T02:15:19.897000 -CVE-2024-13062,1,1,3982183cdfc38403cb2921b4af6fa3d63fc3965456e9613dd126a09b381c3913,2025-01-02T10:15:06.153000 +CVE-2024-13062,0,0,3982183cdfc38403cb2921b4af6fa3d63fc3965456e9613dd126a09b381c3913,2025-01-02T10:15:06.153000 CVE-2024-13067,0,0,e9d43e6d22a143227a87a6afa965695645cbe92ac8a9cc3c1dbae98beb301933,2024-12-31T16:15:25.280000 CVE-2024-13069,0,0,59f5977c5ed98428bf813528205c28472dbe30bb8d317db36e1c6f0f99974166,2024-12-31T16:15:25.580000 CVE-2024-1307,0,0,791d403fd6ce043b636953425f5891ef42986249387c4cd3003ec2c058fbc715,2024-11-21T08:50:17.233000 @@ -245333,11 +245395,15 @@ CVE-2024-13083,0,0,1a047accd8c6bf62a0e13b2217d254aaf7132e2a90bd9a91eb1e045a01732 CVE-2024-13084,0,0,e559e62a7f68da441035efccf01422348f99fa312e9708064911a59d65bf1249,2024-12-31T22:15:07.783000 CVE-2024-13085,0,0,b371abc8e4b783221836f4d3bb4132d91bacc513d5b9c3566d195e8a4416bf80,2024-12-31T23:15:07.440000 CVE-2024-1309,0,0,46059633232401d149997e4f4dfdb966bb51f1c7d1649dc6d177fd25783e7c4a,2024-11-22T20:03:02.910000 -CVE-2024-13092,1,1,fdc243cdef1525f395b7ef0f5264e50158df13076811b80aa3491ead2b5cd4ce,2025-01-02T09:15:17.790000 -CVE-2024-13093,1,1,05b1dfdc9125d77f61b18740cb652279e4dc1ec2ccad0fdedc23eefcdc6b5424,2025-01-02T09:15:18.047000 +CVE-2024-13092,0,0,fdc243cdef1525f395b7ef0f5264e50158df13076811b80aa3491ead2b5cd4ce,2025-01-02T09:15:17.790000 +CVE-2024-13093,0,0,05b1dfdc9125d77f61b18740cb652279e4dc1ec2ccad0fdedc23eefcdc6b5424,2025-01-02T09:15:18.047000 CVE-2024-1310,0,0,8eacc1832dc63ed57a42c33584abbb481a62a43a07e6f25f2b4df813accea989,2024-11-21T08:50:17.717000 -CVE-2024-13102,1,1,7b39c0a0478a999b8e3748221c14e048fdedb4f30f1c6a073ae787fef74618ba,2025-01-02T10:15:06.427000 -CVE-2024-13103,1,1,d3877d7f8220684f30cbee14cf9f2eccb8f60cce2a863863b2ba0be377a5d426,2025-01-02T10:15:06.690000 +CVE-2024-13102,0,0,7b39c0a0478a999b8e3748221c14e048fdedb4f30f1c6a073ae787fef74618ba,2025-01-02T10:15:06.427000 +CVE-2024-13103,0,0,d3877d7f8220684f30cbee14cf9f2eccb8f60cce2a863863b2ba0be377a5d426,2025-01-02T10:15:06.690000 +CVE-2024-13104,1,1,1ca6409167b7fd9d24c20d3c9ea82e9726c8afc4abbf055e799df8b28dc0ceb3,2025-01-02T11:15:06.500000 +CVE-2024-13105,1,1,076124d6c9e9be9350e5eacae06f3e9f67a9247fb0cd0ec67455df94bb2df709,2025-01-02T11:15:07.547000 +CVE-2024-13106,1,1,c892b963c8fce5d9c6bf879a645c1159143ee0f17deb7b6b105f2e8ba14874e2,2025-01-02T12:15:16.940000 +CVE-2024-13107,1,1,240c4343d3c045a3fbe49a7821a48459b69e2876bbb797c2d2f715558071e7eb,2025-01-02T12:15:17.147000 CVE-2024-1311,0,0,01ebf083283fbdbf324aa4188b2056da81574dace6d1d37e23fa5b3fb1764821,2024-11-21T08:50:17.897000 CVE-2024-1312,0,0,d16b3ecc82cd74d4071dc20055eab0a36b43013bc6757c1d62cda1a87b890d59,2024-11-21T08:50:18.020000 CVE-2024-1313,0,0,cad1078661641c2022e5f0188a431d9a70908db5ab4b61d98e0389abbba8b680,2024-11-21T08:50:18.207000 @@ -258979,6 +259045,7 @@ CVE-2024-37089,0,0,8d387479d3a2a6e03e30baefa0716f09d2a1a735bef61b94a2cbba881bf01 CVE-2024-37090,0,0,c8c780f174a978437f3b8dd70e2e53729b421f624c42b5d0406b423c315ea8d0,2024-11-21T09:23:10.460000 CVE-2024-37091,0,0,516fee9b33edc9a2ec4e5cbefae8497129a19a168e7efc3b6e9674fd24788fb2,2024-11-21T09:23:10.593000 CVE-2024-37092,0,0,7fec326954dcfe116fd2c6e3f2c5f0e501a13f13685558ec812a9e8d4848fc3a,2024-11-21T09:23:10.750000 +CVE-2024-37093,1,1,8a4c1a7d667f0d5c413ef0cad53acec62346286ac2c2733d9d3c9b14db833caf,2025-01-02T12:15:17.320000 CVE-2024-37094,0,0,461a573e0402bc0e49439ada6f1ee204f3ab4cdbf605a4d834cb0d003291654a,2024-12-02T14:15:05.967000 CVE-2024-37095,0,0,e6056456aed9cfa1233740ab02a62cd5d905d39ecc612d79030adf2d2b42d0e6,2024-11-01T20:24:53.730000 CVE-2024-37096,0,0,7640b912a9fe5480a0e761f27d148ee529239584c0f97b1b0a5419d2ae02ad37,2024-11-01T20:24:53.730000 @@ -258988,6 +259055,9 @@ CVE-2024-37099,0,0,cc8e9e9f0506c29c9a2fd62d5b1106a8b42de30cd5a5f763cb3592f1cbd1d CVE-2024-3710,0,0,7ec3f97b10ac1fe60f07b9bf951da6833d8afc2e302b0362fd5f7e2353b53b9b,2024-11-21T09:30:13.350000 CVE-2024-37100,0,0,a29f1dfdeaa5db571d48e4494f7b10d2e76b4d1a05f658b73227932b96a47c92,2024-11-21T09:23:11.557000 CVE-2024-37101,0,0,e362c5238a80ec7a190ba3406083074943b106b372ae9aa64e69b418abc96027,2024-11-21T09:23:11.763000 +CVE-2024-37102,1,1,c9d38667f0ba194a455692f442ef98908f3b300190ebed6f9fda65f2be9c3241,2025-01-02T12:15:17.457000 +CVE-2024-37103,1,1,bf6a0e1b280f920fcba118daa0a64baa49759cc067b98c9b4ce57646b6d2caf5,2025-01-02T12:15:17.590000 +CVE-2024-37104,1,1,9f306bb0c9e258c88c5432d5e3d509d38f60b0a1ba35b18578fd4b0eb59173ad,2025-01-02T12:15:17.733000 CVE-2024-37106,0,0,638b70645936d5ec0e77ab46522d7cd246fd38e014d5d4e3e616ed5608d4891c,2024-11-01T20:24:53.730000 CVE-2024-37107,0,0,069c02769fd08ae225172448bda7107e1d52220aa13748c11716de1279f85421,2024-11-21T09:23:12.200000 CVE-2024-37108,0,0,2f024bcb96a54633731412d88247412e079b9689105c34038dfb5d7ccf87b351,2024-11-01T20:24:53.730000 @@ -259111,8 +259181,14 @@ CVE-2024-37231,0,0,3ad064ba4b5f10d72e496bed1a9ff120d6b53c55abdbe4e7406ee7734b6a6 CVE-2024-37232,0,0,ee69c1b46c940c16ee5063727e5778ea296f8d09f87bf1b679fcee23e66f9b07,2024-11-01T20:24:53.730000 CVE-2024-37233,0,0,ff4b5a208c1e877d347067dddb448915ce2568c49f50635e2de406b1244062a6,2024-11-21T09:23:27.213000 CVE-2024-37234,0,0,dfee20b0bfaf0266ebf50e9e0d3d9b07265041782ac79dd514a9f8b935cdd18c,2024-11-21T09:23:27.333000 +CVE-2024-37235,1,1,e6c81b6948fcdb09bcbe85b80c03e42af41fba696e808db53513726c3b695850,2025-01-02T12:15:17.870000 +CVE-2024-37236,1,1,14bc48d622e8508a23a33b44f5e97ea1da35b47fc7855c32ac13776c9110e1c9,2025-01-02T12:15:18.007000 +CVE-2024-37238,1,1,fa55229d713170993ac1240df2a8a702b3adb682c46d2d726540d4b074fe6b82,2025-01-02T12:15:18.150000 CVE-2024-37239,0,0,7fcf88c0cdf82bb1d65ccc47c80d93fc90be0316771870c506f509ae04f42183,2024-11-21T09:23:27.450000 CVE-2024-3724,0,0,27b1cf35253c5c2be7a90d08590ce3b88eb769a4315bdf8272d8eb99efd8d05d,2024-11-21T09:30:15 +CVE-2024-37240,1,1,159490f34f06fcf210fb45e4bdee841a3eac3ac9f6fa22e0459a5b68b8501053,2025-01-02T12:15:18.283000 +CVE-2024-37242,1,1,5e64dca0d9f448bee7570476043be285197a8779229545c46eaaa45c242641cc,2025-01-02T12:15:18.443000 +CVE-2024-37243,1,1,f4ae47d85e41aaf397c533c190e67973f61378a0c6b08ed365835d5e161e3bb6,2025-01-02T12:15:18.580000 CVE-2024-37244,0,0,2d9ddb0832389f8e3d9bb7b51a8f709e0f3e5ed63094e185230d0d0e93b06be5,2024-11-21T09:23:27.587000 CVE-2024-37245,0,0,1c237098f0f71e873f0d0caebfc3c1df0e1578fa63c12dfed62419d16519f1e7,2024-11-21T09:23:27.710000 CVE-2024-37246,0,0,156860c9c79b4f6044007f8282d10c8d51a29152116aae67c53816a0dc15f826,2024-11-21T09:23:27.857000 @@ -259144,7 +259220,9 @@ CVE-2024-37269,0,0,50cfaed90856887542f673a1dfb88d7fd13e5fdf55b8ad491bbd60ab59cfa CVE-2024-3727,0,0,2d8208f3b688c881f68102b796e52d9dff8aff02a86009c642062b6098cac10d,2024-11-23T04:15:09.660000 CVE-2024-37270,0,0,f4caa4cb7a36858698643ac9409e3f8a4a2754c3391a1e0c22af7a74483970db,2024-11-21T09:23:30.753000 CVE-2024-37271,0,0,65ca3130a4d1f08f82ca6f2d8768dae2cc8655fdc443d30413ce77e2735a94c3,2024-11-21T09:23:30.873000 +CVE-2024-37272,1,1,b133dd0466544a7a3bf8be1810b71a816108e36199d994810d8eb968f7c7ef45,2025-01-02T12:15:18.710000 CVE-2024-37273,0,0,19aa6d304da1bd4a46159a727b6cd1e00f85560895b8810050128dc09a188fc0,2024-11-21T09:23:31.017000 +CVE-2024-37274,1,1,2d9aac24e4efad645522e86249f659a5812f435ae79666ba3a1f353304552b99,2025-01-02T12:15:18.857000 CVE-2024-37275,0,0,cd3274dcdadb7cfece3b7cc68a35fc8b7f02682cb36b503bd3d552d1bfd411e7,2024-11-21T09:23:31.230000 CVE-2024-37276,0,0,8fa601787078a7d94291da07862d06b98f1c8d76701e8d01e1801face58b737d,2024-11-01T20:24:53.730000 CVE-2024-37277,0,0,6bef2521d0e634706c130550687638a5e0ab6b669a9a86df1df6f2836a4f4834,2024-11-01T20:24:53.730000 @@ -259273,43 +259351,55 @@ CVE-2024-37409,0,0,9364581be7202e66bd5c8a53afaeb756c6aeadedc492bd33f3c9787adca55 CVE-2024-3741,0,0,25f326421b9f818a010f30a2786962f9dafa93ebdc2bfe2ac81f7a3e183b31bc,2024-11-21T09:30:17.370000 CVE-2024-37410,0,0,7d374fe738b2a70cda5e0bcde07b0f0eb08916fa0f8ce9b5c35b69dc1774839e,2024-11-21T09:23:48.417000 CVE-2024-37411,0,0,539c9ba74440ec757738413151a7caa54078daf55fae6c28eb195237b181237d,2024-11-01T20:24:53.730000 +CVE-2024-37412,1,1,b262111892584be3faa325b5d05770dc3bece80e6b7d87614c4fce4e933faef1,2025-01-02T12:15:18.997000 +CVE-2024-37413,1,1,9146b36921387f7a1e8f5485b16916992d408e5fe7e15c52bc1011f5039cf9e1,2025-01-02T12:15:19.130000 CVE-2024-37414,0,0,b17768a2c35322719424d82b8d99b8eeb1b0722ef7359df2fe47589a790d1925,2024-11-21T09:23:48.663000 CVE-2024-37415,0,0,af01d48384aaa99316a76dca69db0ae9461c2df511bd2ae9eaabb6a5470c82eb,2024-11-01T20:24:53.730000 CVE-2024-37416,0,0,5d0e845746017fcae9d68517946526ed3f162b7223f5b172e27215ba67612c5c,2024-11-21T09:23:48.853000 +CVE-2024-37417,1,1,b4d9326845ed65ca752cc6cb77c5fd409c8b095f256a471046b8a34b581a0ac1,2025-01-02T12:15:19.263000 CVE-2024-37418,0,0,b5be742f2b0f657f16ef7c7bee7b4c807147adfa718f99b39cb7ec43e344f8c6,2024-11-21T09:23:48.980000 CVE-2024-37419,0,0,ce6908adfa9df4a3084092c43dd8dd6fbb37b38bfb7e06168f786938fa5734b3,2024-11-21T09:23:49.103000 CVE-2024-3742,0,0,92f0216e3ffe17c0eac7085919b94390b8068f7e7562a49440014e107f536a32,2024-11-21T09:30:17.523000 CVE-2024-37420,0,0,72971d3e9f0e04f02a79c24a1e1e42247a7d8d6ebf642efa1a6c9e554e23530a,2024-11-21T09:23:49.250000 +CVE-2024-37421,1,1,b47e9dc4fb32e21fa31ac66d683302c4a0fe0b960d791cbb93a2ccf245a025bc,2025-01-02T12:15:19.393000 CVE-2024-37422,0,0,2a75b53972867e4c450d13b3adda7ab15279d47f310e3412d1005863565f7f97,2024-11-21T09:23:49.370000 CVE-2024-37423,0,0,b6f0a1ea10418a17e840207eeb44c598a61abfe2266cc6c15d18e80f98bac4d8,2024-11-01T20:24:53.730000 CVE-2024-37424,0,0,8896f10cbe1f17f758451dee058a446dec96812f1feb0772c8e1cc9a6ab7691c,2024-11-21T09:23:49.583000 CVE-2024-37425,0,0,2292e95a55260ae04bd40ca09028ff81d6c41159f24c174854d6ba533210fee2,2024-11-01T20:24:53.730000 +CVE-2024-37426,1,1,ab8151c552451867df87874bf61c2e21c938ca0affbbc0694fb24d0d9259049f,2025-01-02T12:15:19.520000 CVE-2024-37427,0,0,ca62e1a1fb136dd5921e721be945658c95f18d221b28bab4e797b9c114f2e12e,2024-11-01T20:24:53.730000 CVE-2024-37428,0,0,e0967feb0808fdb437078244ff52b2d8e71358f0e68724f3d851c25c00e914b4,2024-11-21T09:23:49.880000 CVE-2024-37429,0,0,5f8575bf5ff94ebcdae86f116fd20534f9071936711e2c54792c3462f65eb058,2024-11-21T09:23:50.013000 CVE-2024-3743,0,0,de46e1c474019ac3dd352982209bacac189f2e5ba678baed808dcd9c7d1841d5,2024-11-21T09:30:17.677000 CVE-2024-37430,0,0,ddd123a7460cd354e7c0ed943ed5fc44297b333202a2cdd449df9cadc0cb77ba,2024-11-21T09:23:50.140000 +CVE-2024-37431,1,1,28916c971478e2602f1473cc608c8f8d23607f7ae02508967d2854216a5aaaca,2025-01-02T12:15:19.650000 CVE-2024-37432,0,0,aa8f36053b0942c9c26f582f8f5dd0c866a94355bfb57fd6a4fbe735eb72ea35,2024-11-21T09:23:50.263000 CVE-2024-37433,0,0,f940424bb812dcda04e11d29d8e55ac92e99504ee6904ed439b2b46053eafa03,2024-11-21T09:23:50.390000 CVE-2024-37434,0,0,36120d9c7e87980e2e1307527cd7a11a11c938978239c4f0793c6fd51d9e5013,2024-11-21T09:23:50.550000 +CVE-2024-37435,1,1,c244abd5b5a0c9e9ff6f399da15a7aa19e42c76f519076885f1f38a29744e3dc,2025-01-02T12:15:19.787000 CVE-2024-37436,0,0,1a15e40a088feb3812b5adb71d40e9fed325434bcb9cf65e3541837334271430,2024-11-21T09:23:50.687000 CVE-2024-37437,0,0,1d5aa812e29f677a3fdd749cac96157277cd5c81faec5a3768ac19d998c5df1c,2024-11-21T09:23:50.810000 CVE-2024-37439,0,0,e354cda7ff9428e597c95a9d735ca775975bd731d74f0da107e81eebea381610,2024-11-01T20:24:53.730000 CVE-2024-3744,0,0,22f9854b72da83ac49e85589aa7e0e4063d3c8169d1d605457ec40388ddcc04e,2024-11-21T09:30:17.823000 CVE-2024-37440,0,0,305565e45f3715198853353fd9627bf7950e27892559b50de999fc20f04d05a2,2024-11-01T20:24:53.730000 +CVE-2024-37441,1,1,2b0e39683a2349ea61eb26db63be9665dfe66ef7e30e957ab5d15588309e16f5,2025-01-02T12:15:19.923000 CVE-2024-37442,0,0,73275032ea418b01749ad40b539b48faaffe178fddc98e687df9c49344c34c5c,2024-11-21T09:23:51.123000 CVE-2024-37443,0,0,56faf64bc7e5f806e0c917a0a87e9689e0edef414dc765493efbe22dbf4896ab,2024-11-01T20:24:53.730000 CVE-2024-37444,0,0,bb63ae53fa628263d67e135139e182b6540fcc9405b6b7913558391daaec022a,2024-11-01T20:24:53.730000 CVE-2024-37445,0,0,381f19939df3bbe8a9a4808864371852a860bcd29f2f44dbbf5431530b08859c,2024-11-21T09:23:51.443000 CVE-2024-37446,0,0,ad15fe211a810c1117f99534103e3225be21e668d5bb0ffc5b31540eebd44847,2024-11-21T09:23:51.580000 CVE-2024-37447,0,0,1c7c6713de8b87bfc9efba2ad8c394ac43348e721c4e8e0cc004881c32d80f0f,2024-11-21T09:23:51.727000 +CVE-2024-37448,1,1,d4f34cb902ec0d6f614662ac98cd32ffd93738bdebd0a773263713dfa8067d23,2025-01-02T12:15:20.050000 CVE-2024-37449,0,0,a49d6ac4a35ba380fb8a2490a21ce7b08e803c333878523105f56b6b9a9386c8,2024-11-21T09:23:51.860000 CVE-2024-3745,0,0,bd78f04b1f9885b753f7c5394e3eb0bd3c2c428bf9fb81209ae73f54857a7a9a,2024-11-21T09:30:17.980000 +CVE-2024-37450,1,1,1c62f26d8d251d21ed82a4aab3291bd8261e4d292b79c90f140c4cbae402b437,2025-01-02T12:15:20.187000 +CVE-2024-37451,1,1,58e700353c4f24fdf2969c5d109d675e650d8b4886133791d020e96183a48d1d,2025-01-02T12:15:20.327000 CVE-2024-37453,0,0,55e253b0530c8456bcd2f52458e3d6f97cd556a3402c78cd0ea080ec733fbea3,2024-11-01T20:24:53.730000 CVE-2024-37454,0,0,e3513982acda3f98ce6307afc907d7bb95bf1d6c166d57d52d9e5e2ac33304fb,2024-11-21T09:23:52.060000 CVE-2024-37455,0,0,61fb4c3f2d96636977b00a25748898b0c39865d33dc292ef3eaa4144c0709ddf,2024-11-21T09:23:52.190000 CVE-2024-37456,0,0,1cc3cc6f11e05765ed4a00c543680eb72b053e2a67ab38f68194c9577b3fe985,2024-11-01T20:24:53.730000 CVE-2024-37457,0,0,bafd833d3b96def9a07f67bceab0f2727767c4fa9dded6afdaeb57795e9311ba,2024-11-21T09:23:52.437000 +CVE-2024-37458,1,1,856f9a248a6e1922a655029a322c2a55e70721bc952cf36014af206c96ae3f2a,2025-01-02T12:15:20.463000 CVE-2024-37459,0,0,ff1563cc1939cadc439b57b47e17927a10d2501f2764d84ed7c115f738946788,2024-11-21T09:23:52.567000 CVE-2024-3746,0,0,9710baf9bf3be8f33102fd2b8e0974e70bd3be9d3e430d9f6a8c36294ef0635f,2024-11-21T09:30:18.127000 CVE-2024-37460,0,0,d49f6672c77d9335ba853d157c907d4557b655a080b084cc4c3c4d6c1d665f9f,2024-11-21T09:23:52.700000 @@ -259319,15 +259409,19 @@ CVE-2024-37463,0,0,0c9e3e9c69dc3b295f36153ab7d590b32c5c3df64d79ba1d89febb04fd4cb CVE-2024-37464,0,0,196b6f7930d259fe2421a832d6f3b5d725fc43d11ab6d9f62b376b28bd77997d,2024-11-21T09:23:53.200000 CVE-2024-37465,0,0,b0ecdc7b82d736b5ea68d2799308ae038a5de79d78d091c99e47d068d824b1df,2024-11-21T09:23:53.320000 CVE-2024-37466,0,0,15fbd8302b54cf76dcf3489b124c8132e7d1fe29ad5c3affe1b94cf346981a1b,2024-11-21T09:23:53.463000 +CVE-2024-37467,1,1,eed35d6860dce7d02b27dea5270ab64ce6edefbfb844db365d386c09b5f3c2e0,2025-01-02T12:15:20.590000 CVE-2024-37468,0,0,9dd792d48a98823a2e07622ccb861fe7cf4bcdf683ca987cf4c06817c1fde86b,2024-11-01T20:24:53.730000 +CVE-2024-37469,1,1,48a183cf23f61f641653908a040465f582090695b1f9c9ef21dd009cb3d7c9a0,2025-01-02T12:15:20.717000 CVE-2024-3747,0,0,febabd5446783135e6c674b16733ad6351fe6dc05d07359ae6eb30bc2e75fdf8,2024-11-21T09:30:18.343000 CVE-2024-37470,0,0,a92631a08fe94bbd806fe05edf14860a412e48e0eecb2ec3f6a20c694bfa7b7f,2024-11-01T20:24:53.730000 CVE-2024-37471,0,0,ab0e5e26fa182324f797d18d1a476a944d5268fb874b409c4ad9b61542eac7a4,2024-11-21T09:23:53.823000 CVE-2024-37472,0,0,07682d0adeda20462c52ba3c8c0200175d089eb326fa031c5a5f1123a0e8a30d,2024-11-21T09:23:53.977000 +CVE-2024-37473,1,1,7f23a38b99f9fc230ba6b58fce36fe9213f2608b79292cf118ca17c3ecd9baa9,2025-01-02T12:15:20.850000 CVE-2024-37474,0,0,ca717c5129dd6c68c010a23e527444fe17d1675b559385d0434496af65b3fc66,2024-11-21T09:23:54.100000 CVE-2024-37475,0,0,cbfefe230d52e2669fc5428c99656387af5b1fa2063bc21971532b1efb6e9e87,2024-11-01T20:24:53.730000 CVE-2024-37476,0,0,70a287032cfd661bff7984072099f8a4cdceab398083881040e461561ca16778,2024-12-06T20:15:25.137000 CVE-2024-37477,0,0,8c01fedbd87fceaee08e35077f2e94dbeb84cf888cf74c6ee69973e245a2067b,2024-11-01T20:24:53.730000 +CVE-2024-37478,1,1,9cf90e33af876073c3814a596c3aa61d7fea138133040be58374f4c65bae4193,2025-01-02T12:15:20.990000 CVE-2024-37479,0,0,9aaaa4ef25c7ae11e8537120cb7bf226d7aefef3269d483dc0189d1a534c10d8,2024-11-21T09:23:54.570000 CVE-2024-3748,0,0,3cd921e4f9a499070c7216feb1d71d75725cdd06cbd3ca5f07632f39dc91c5d5,2024-11-21T09:30:18.467000 CVE-2024-37480,0,0,3a9ce5f957562287d8293e2da6c5bc55870c81b6c7f39a22438c6ccce2ea473b,2024-11-21T09:23:54.693000 @@ -259341,7 +259435,10 @@ CVE-2024-37487,0,0,9ebd766436a2fd5bd9b61fb991e87f25113bebfcb8064a68bf386d030bc8e CVE-2024-37488,0,0,89004066ebb1e2e29c2c04113c1f621f64b7128b99827f58a654c2342ba906eb,2024-11-21T09:23:55.693000 CVE-2024-37489,0,0,0206d3b246bb22c770424ebfaf483aa27e5741bc7202322eb5d92c9fd54ff238,2024-11-21T09:23:55.850000 CVE-2024-3749,0,0,ab26c789a7ac8ce19fde4851e58bc204349974fd8de39683308df38fe8fe1f9f,2024-11-21T09:30:18.650000 +CVE-2024-37490,1,1,a975bc957dbc1a34f5c6acdf5da3a1dc49162241039a97505d5a1fb69777e9e4,2025-01-02T12:15:21.123000 +CVE-2024-37491,1,1,e75d28ffad74d40987b7b4a81d753803dbb387104305ddebb405de67e366c63c,2025-01-02T12:15:21.260000 CVE-2024-37492,0,0,54a6a2bc0ac12494e4277ce9fc5c8eabcf8c7c5eef95eaefc5db9387fbac47f4,2024-11-21T09:23:55.987000 +CVE-2024-37493,1,1,0d4d53aab30fd07c3939856cc6d18dc65643676dbec728321254cb09cf87522e,2025-01-02T12:15:21.390000 CVE-2024-37494,0,0,9bc61ecd0c2c4114785644239ca1b04987c739534fda2f5cae784b2b7fcafc06,2024-11-21T09:23:56.127000 CVE-2024-37495,0,0,c1803c5bbfed59e340334f71ccc952ffd361d9b4a916f866320643e4d6abdee6,2024-11-21T09:23:56.337000 CVE-2024-37497,0,0,9534c968c4bb6e17f48332b1174320fa5280929da5e69dcc848b7267047a8f42,2024-11-21T09:23:56.590000 @@ -259351,19 +259448,23 @@ CVE-2024-3750,0,0,86c6ed7778c45633413e0ed03a7373d172eb7038b6a0cdb8789612f34f0f4f CVE-2024-37500,0,0,dccc31504725aa5a851f4b073f43319be9fb504bc9ec56dc53740385ec62c99b,2024-11-21T09:23:57.100000 CVE-2024-37501,0,0,949e153b6e4351c512039580e6dff51c810c28d7f01c894d435f83ab3bfea1cc,2024-11-21T09:23:57.270000 CVE-2024-37502,0,0,d8e3c0a23c7f5f097cbdc5b67cb3f629b0c75ff86cb391078ddbbf49c7eb8708,2024-11-21T09:23:57.423000 +CVE-2024-37503,1,1,596848530f1f3c2017e054be0312aba12ac4c99dd37b1509dc9ce6e691f6f092,2025-01-02T12:15:21.517000 CVE-2024-37504,0,0,7cf56a6fb0a4b27472183180d64e2da8a921ae660fb222929e749e881597864e,2024-11-21T09:23:57.583000 CVE-2024-37505,0,0,790cb2431ca8438675fa8c073ac281a322c47e6587d9daef76c523a50d7a0fde,2024-11-01T20:24:53.730000 CVE-2024-37506,0,0,180626a8f97e1254795a7eddc69efe3b3cde29e2df2266b7db7465b0e8d37be7,2024-11-01T20:24:53.730000 CVE-2024-37507,0,0,fa4c1b084c5f9ef0879c78d2c96cede7fbccb4f1ca6abd60d1215bf7d7a19bd0,2024-11-21T09:23:57.957000 +CVE-2024-37508,1,1,c2ab1dfb2db632cf67dc1c5050cb1bf8205091abff48541d2c5a3b89f1993f16,2025-01-02T12:15:21.650000 CVE-2024-37509,0,0,d5e6b19ed3d1ad64df945928790d1a3a5613e29bb97344590c25e1d26093d4da,2024-11-21T09:23:58.110000 CVE-2024-3751,0,0,72e9fb4120c75b7bf3ad8c9d0ee0ee4cf520292ab9247727447e65abb1e849e6,2024-11-21T09:30:18.963000 CVE-2024-37510,0,0,24f65a45fcfdc8da10a3b0d214c6ef398c4bee32c150dcd42299d5919b41901d,2024-11-01T20:24:53.730000 +CVE-2024-37511,1,1,9e5950287c32151aa68a08e1701d0dc90302d3213ee324af9fdd37b21f54f8c9,2025-01-02T12:15:21.780000 CVE-2024-37512,0,0,3f655d61c5867892f2c2ea63742a763aafe9ad9bd93fdccfc32f6d0aa72d91dd,2024-11-21T09:23:58.413000 CVE-2024-37513,0,0,d0bdc814a11e9a23902da654b5838b30392488394721377007e11c4ae0194a9b,2024-11-21T09:23:58.577000 CVE-2024-37514,0,0,fe2ffa44d7d18f72b116c084c5c19179a8d350b5a958692e6fdf1436e7c5cf82,2024-11-21T09:23:58.753000 CVE-2024-37515,0,0,582164ec1fd25d4ba342bab313332ca8898667a47350909b25f12fec1c53277c,2024-11-21T09:23:58.913000 CVE-2024-37516,0,0,8c4832eee7b3c11fff61b00c167dc198dfe7dae4dc8bdde45e8fcb3088425590,2024-11-01T20:24:53.730000 CVE-2024-37517,0,0,6218450bfa9cb70b8555c05d9370529c7e4cc62f6754e52b70acf9e14d0040e2,2024-11-01T20:24:53.730000 +CVE-2024-37518,1,1,b360bfae3d30001112c1e2213b1455670d6325e14c8c92b7fa6092a09c86ec56,2025-01-02T12:15:21.910000 CVE-2024-37519,0,0,0c54d2d985a28e4dc95e6d58ab1b69c81bb80ba8fec548888f5876dbc59874a5,2024-11-21T09:23:59.260000 CVE-2024-3752,0,0,e88ebf8ccceb210daae1e9d6482672b0fa2cb8af7aea3e8caf75e1d55ab2e9c9,2024-11-21T09:30:19.150000 CVE-2024-37520,0,0,c2601772804e1cfee195894ab6b7cf60b06b0ebb1999f0d1b12743ce6abf164a,2024-11-21T09:23:59.690000 @@ -259381,8 +259482,10 @@ CVE-2024-37537,0,0,eca643d38932d765fd7ecf45a569994c559994e6edeabd07b2c2cd42d5223 CVE-2024-37538,0,0,907b7fe356efc61ad02c2d5ac461247b78effb9dfc3dfcd8e72cab9023a8e3ff,2024-11-21T09:24:01.930000 CVE-2024-37539,0,0,b489e1b4cc43f952aac6d4f83d9f577a94a1a6ab61aef89092f1aa848181088d,2024-11-21T09:24:02.063000 CVE-2024-3754,0,0,7f80ca59388ebf076145ca3e7febe8eb4f140fd50eea26ee3bf8879f3d57de82,2024-11-21T09:30:19.537000 +CVE-2024-37540,1,1,93a908a15332e373ba2d2932e0ca1ffb8ddfc2ebc9e031e398149590f249fbd5,2025-01-02T12:15:22.040000 CVE-2024-37541,0,0,ccb3a00607b7743262418408c529171d5c2c25a071c03023b8f7afe654882adc,2024-11-21T09:24:02.210000 CVE-2024-37542,0,0,288698e6f24853a24b9df0e775a2a8b084fd38106e49e42cdee70b5381e34c82,2024-11-21T09:24:02.360000 +CVE-2024-37543,1,1,580d9d92e40c1d39fca46c0ce3d934eafa62455fd71a6361850e92aa0199a7e1,2025-01-02T12:15:22.170000 CVE-2024-37544,0,0,d805f40352bd0ff1b6f963f4eb4e1e40a583869d3bf84385d8889e3a8fe75f70,2024-11-21T09:24:02.510000 CVE-2024-37545,0,0,fb90924d38457d1dd3980d6196d7b7d50a9cba7f79a772178a977ff07aba98d9,2024-11-21T09:24:02.653000 CVE-2024-37546,0,0,94cba47491c6527d0c496367312fafbcf43143c4bc5b99da55566f99264fe5a7,2024-11-21T09:24:02.800000 @@ -259608,6 +259711,7 @@ CVE-2024-37933,0,0,e9282c5d904554a04bf14fad5af2bfd706f0a4e8b3be10d16be330ab53f57 CVE-2024-37934,0,0,ba163b7fcae520a317bd695823de0775cd35f156c835e82b924f583ee6dfad84,2024-11-21T09:24:32.513000 CVE-2024-37935,0,0,d8df3ce21537a0faf07d3924a94ca6a0aad2e4ae4a1b678124cf314cd715186c,2024-08-13T12:58:25.437000 CVE-2024-37936,0,0,d25ba5c67c0db6d849ac88ca33248eff1760cbcf37d4757d2cbfdae21efc0eed,2024-11-21T09:24:32.773000 +CVE-2024-37937,1,1,4dd20e9730b00cf1b0ad2ff27e604b8ee6c2c60be1b2484dee682d5e520e0857,2025-01-02T12:15:22.297000 CVE-2024-37938,0,0,e3c1c3aa70fbb988b2f75a9eb0b74fa4e3d6b23dcc0eeef07caa3d2df84907d0,2024-11-21T09:24:32.900000 CVE-2024-37939,0,0,7d78b13316567066ec29ff62b340c009cf9861fc6bbdb739181963e7eed92f9f,2024-11-21T09:24:33.030000 CVE-2024-3794,0,0,b99e0638ae6d64a4952a006e0c982ae6b521173babc0ec8536874ade6e188da5,2024-11-21T09:30:24.920000 @@ -260330,6 +260434,7 @@ CVE-2024-38688,0,0,c5b30a411c671b0fd64a758fbbc25ac95f365e054aa5766ce55f55714b200 CVE-2024-38689,0,0,d3cfe121c75d04c62d411dc78570e6cff30ffbfd7916d881eaeb0ffadd59cccb,2024-11-21T09:26:38.243000 CVE-2024-3869,0,0,f1a50da7f9e7f3e76dbec38f10b38fbdbcde1ee7dfd1e228bd624433f4a8c6a2,2024-11-21T09:30:35.820000 CVE-2024-38690,0,0,70914b4ab49716a13535437843abf6a44c18215a114c6e2c3408bf0943582650,2024-11-01T20:24:53.730000 +CVE-2024-38691,1,1,f6f2b0d374521e3c5eee5906804c6f0167bfbf594d1e523a6b2fc64817b75c14,2025-01-02T12:15:22.423000 CVE-2024-38692,0,0,f7131c70baaa801d230e1c518d3d7557b1026cefa4f16b21994c0453533b226a,2024-11-21T09:26:38.480000 CVE-2024-38693,0,0,0985eb2740db05e080ef65894272e0270d9a9dcf773be8deec52e0b9e8284d20,2024-09-13T20:35:41.127000 CVE-2024-38694,0,0,4f44c8572906963844e78da3eb333051b011ba2ec84a54e4a2fa58a6ca40756d,2024-11-21T09:26:38.690000 @@ -260370,6 +260475,7 @@ CVE-2024-38725,0,0,e0d4c12b2bb4d9ee38191b46efb3d38da214ac82efd66acb8c86bbcf9172d CVE-2024-38726,0,0,2385f70ae229e6f55914d92128464b7935d78d34f3e1fd57430abbbfe7991c2e,2024-11-01T20:24:53.730000 CVE-2024-38727,0,0,ec4f63d552710b6690e263a553d6f46315846bb04cb948be60b585385b9d3bb9,2024-11-01T20:24:53.730000 CVE-2024-38728,0,0,10d8861c0637bdecd5b1295b14d6a4349b5fabf4d58baec6ef22a354ebde3f93,2024-11-21T09:26:42.600000 +CVE-2024-38729,1,1,746a9b26451ba310c098642010082cb8c3081a79cf2a026c078ac5476662d8a1,2025-01-02T12:15:22.553000 CVE-2024-3873,0,0,ace225d8cecbbdd76240c077c47719bb3674297b2a8356f3c4a58f6da7a87c39,2024-11-21T09:30:36.307000 CVE-2024-38730,0,0,f124e83d4d721bb9a32f2914b07ebe36c973ea3fdcb5ebfa4fed7488906d9bb8,2024-11-21T09:26:42.747000 CVE-2024-38733,0,0,8448885a8639021c45a82a6eab6375ed5f50c7d40afc1b515176f7414fca2ca7,2024-11-01T20:24:53.730000 @@ -260392,7 +260498,10 @@ CVE-2024-38748,0,0,8b10e3d45b2d7841f932e18531ec0bbbbe52d9df2a25aff056fb44676ee59 CVE-2024-38749,0,0,9cac44bd60a189328f8a96d4e9a4cc173a1d715533e0c5ebcab85c3cf2df8979,2024-08-13T12:58:25.437000 CVE-2024-3875,0,0,fe434912d663e886f4e3e29cd1c0ee527a603c6292ee9db9f6bb0bfc495a0e4b,2024-11-21T09:30:36.597000 CVE-2024-38750,0,0,f3d180e8c9a537e3f35b0a267bb1076590b0494a5b3a159f9756f13046728710,2024-11-21T09:26:45.343000 +CVE-2024-38751,1,1,881c2377657f7199dc7869f1549431830d7acdfbb23861f0c63206f0614a3983,2025-01-02T12:15:22.680000 CVE-2024-38752,0,0,85fbe1960c245df4c649f4f347181dcc979c1ed8621bbf1b1fde834ce5b9452d,2024-08-13T12:58:25.437000 +CVE-2024-38753,1,1,883fbbb12ca49b997fd4d1f683397381b6d251b49baf0db9ec339d017451c589,2025-01-02T12:15:22.813000 +CVE-2024-38754,1,1,872bcd0b2e90f38b934d2024ffa6854391dcc3de31612604a92047916c617653,2025-01-02T12:15:22.943000 CVE-2024-38755,0,0,279e859ba1e7434f2b9e0f5d47254bdae95dd161fb44e8728a313a81def0a5b5,2024-11-21T09:26:45.557000 CVE-2024-38756,0,0,d19a94e70a964dc8bb4e73bba21106e200715bf0ed1ae07d6ced1b0e1d6e2b52,2024-08-13T12:58:25.437000 CVE-2024-38757,0,0,059ebf8661c5c12d820942a389fa1f209fd046537790c40bae7849abcf11ee8a,2024-11-21T09:26:45.803000 @@ -260401,6 +260510,10 @@ CVE-2024-38759,0,0,9ac9da36b88c559f8aba5bc282baa5303a4aada52f5c758604b65a4626a9c CVE-2024-3876,0,0,4a1ad585cd81213fcc981bd0b597c0609a60650bda6e5e61ecd897d6f0073798,2024-11-21T09:30:36.723000 CVE-2024-38760,0,0,0bdf6e1b54e81553a2be16eae0f92d6916d49f215e9ddf726505be76f65b5d22,2024-08-13T12:58:25.437000 CVE-2024-38761,0,0,b807f6ec3b4c1b73a62fb5ae540f930ff00fef0c3ea616b60a69805afd807996,2024-08-02T12:59:43.990000 +CVE-2024-38762,1,1,b1ccde7cea90a4337d25a388f30fead2e5f6b84407f13c744417b15bc6eff089,2025-01-02T12:15:23.073000 +CVE-2024-38763,1,1,6c5e2d895ce6ffab5975e846902ebc548a93bfd3fc93cca00828359c26042eed,2025-01-02T12:15:23.207000 +CVE-2024-38765,1,1,cd5e2451c26ec38ccbfe100a9b0e2dc3371f6f25d3b564ae6c9d866acdc4829b,2025-01-02T12:15:23.337000 +CVE-2024-38766,1,1,202866bf48f8ea9433fc70da9b9273f46878d461c2b3cc94e24f7a6cb153bb43,2025-01-02T12:15:23.487000 CVE-2024-38767,0,0,fbf72db56b2c3319d2ba5902f993c4818e7574fe761f64435b5a8fda9e194b17,2024-11-21T09:26:47.073000 CVE-2024-38768,0,0,ae32a1bedaf091cf7bb9f7bce8b2963b6d87ad140bab23589e746f49a4a50e4e,2024-08-02T12:59:43.990000 CVE-2024-38769,0,0,7453ef1008308d0d8eba420a2195f488ead7bd495afa2ace09b4382293c795f4,2024-11-01T20:24:53.730000 @@ -260423,7 +260536,9 @@ CVE-2024-38785,0,0,07037cb16ba94bd50736745d5c922040bc2ce584dc2d1b68e039c17ff796a CVE-2024-38786,0,0,a3945d26053fac2588fcb2b904e0a138f2d9f54dc61623305952d8af8bf018ef,2024-11-21T09:26:49.673000 CVE-2024-38787,0,0,ce7fa025b58714f14aacaeb7eb2f416bc7734c686cf55df8ca8a5a341cb30431,2024-08-13T12:58:25.437000 CVE-2024-38788,0,0,3b35408d3a24d65f413e2071d9e6ff186341b76a67f561c74fad26cddceb0418,2024-11-21T09:26:49.940000 +CVE-2024-38789,1,1,2dbfd8f0b43e8409e29cb5a9f4799066d2dea7df0606a624fe9181f65522f0c6,2025-01-02T12:15:23.633000 CVE-2024-3879,0,0,b3f62511bfdc726f0a4ad7ec2b72e4d548f75fa34f76b9097220affff929e03e,2024-11-21T09:30:37.120000 +CVE-2024-38790,1,1,9a664df916a0cc3fe09b78815c6ed969c9242dc8f10c23d0a0242c4ef1e37bba,2025-01-02T12:15:23.763000 CVE-2024-38791,0,0,7eb8f94e68bf3536fdb2800ab03bca013d555a84b835d5cdd5aafe7b3cf9aade,2024-08-02T12:59:43.990000 CVE-2024-38792,0,0,e62ad1d58d17db35f23147b02103d010f9465e0c2ed86e9d15a60072344a696f,2024-11-01T20:24:53.730000 CVE-2024-38793,0,0,3abb4fadd98983f9c8a3f71f42811284ca10c92d1b43b534ec7aa2558a41abe1,2024-09-13T20:57:16.150000 @@ -264018,6 +264133,7 @@ CVE-2024-43923,0,0,fb391e1d8ef80bf3eb533a195b9b984054220925de0e18cd44209da03c058 CVE-2024-43924,0,0,1590d11423e0809e2114f547264d5d87de5afccf03eb7a514c9f2e0091c79106,2024-11-06T17:03:52.480000 CVE-2024-43925,0,0,a182db0dcda627353f77f42897e620c96a437a7902a46919415d1796773e8a15,2024-11-13T01:23:41.317000 CVE-2024-43926,0,0,4227c1e2780a9c990afd2258a98fe8a8d94a1f0ea88ff49cb0d7549758010ed8,2024-09-03T15:15:45.160000 +CVE-2024-43927,1,1,fb6fa97ba335d81cf1ef9ee56ac1fae1714b717bad062c87266bd2239b2b12c4,2025-01-02T12:15:23.887000 CVE-2024-43928,0,0,e1f48db03875aade417e10087177b1e061f4d088e61cfc8961cbdcc99afc8ece,2024-11-12T20:49:01.817000 CVE-2024-43929,0,0,ca8944c591dc1497c545c64a871b380d7941aa6c8b1681913f822086a3440491,2024-11-12T20:49:57.193000 CVE-2024-4393,0,0,2d7de193471f9a7e8906673ce8b971b3d42c231a139f58d29f2e815390062ff6,2024-11-21T09:42:45.563000 @@ -271292,22 +271408,28 @@ CVE-2024-56013,0,0,66afe1219cf5092e0bf59ef7fb7049edb9487332252559e650d10503ecabd CVE-2024-56015,0,0,dfe5c22265c2efda8e516b0d8c875d07a90e2f08f73621c0911a45a6859c217d,2024-12-16T15:15:28.230000 CVE-2024-56016,0,0,72352c145c24e5c7235f05940e5baa008585f6941c1f5a0f55cd9079c6cdfebe,2024-12-18T12:15:11.940000 CVE-2024-56017,0,0,712e189d98a2fef52195f7721a474e0e74c8371658ef85b000d5f3fb7476b956,2024-12-16T23:15:06.923000 -CVE-2024-56019,1,1,83d70d32a9e0b9753a4adf96511f9ab1cd08229cf3cc76217d7a268e7cb8180f,2025-01-02T10:15:06.883000 +CVE-2024-56018,1,1,4d084b38665dcfde2df12f67a2c9a4365026088d043ba7451ef5853217c4b167,2025-01-02T12:15:24.023000 +CVE-2024-56019,0,0,83d70d32a9e0b9753a4adf96511f9ab1cd08229cf3cc76217d7a268e7cb8180f,2025-01-02T10:15:06.883000 CVE-2024-5602,0,0,f0b74b0cc64b84af5cc9e3e41d215e059dc6bc39d5e4f09c9ace9e8dd21b7bc5,2024-11-21T09:48:00.070000 CVE-2024-56020,0,0,476ea910e4a1da46b4225d74e2a20edb782c1228a8025cc0b5070e72f7bd5a1c,2025-01-01T00:15:57.060000 CVE-2024-56021,0,0,99781f5083f6468e16fe61404ce769cc146b4eb18990086f06e7d237942f8b02,2025-01-01T00:15:57.210000 -CVE-2024-56027,1,1,f49e978b73c98c17d51656924ff1c95e446e9787fb584947d45ab36d6e156275,2025-01-02T10:15:07.060000 -CVE-2024-56028,1,1,635b698693c8378a9c631d6f108e0e1473014fe138c27e1587204dfa9007bbea,2025-01-02T10:15:07.240000 -CVE-2024-56029,1,1,8a94f1e6b6ffe15f53d468e03ae9ba69528799910046679da9c47b161cfe9f47,2025-01-02T10:15:07.390000 -CVE-2024-56030,1,1,127aedd8156d2b0d472a6228889aac8f5f08eece4c201882a522f655a7afc12d,2025-01-02T10:15:07.523000 +CVE-2024-56022,1,1,929e1facdd60c42a5e6ea90805f1b44dc19ac43026be4423a986da8480d4a7c6,2025-01-02T12:15:24.157000 +CVE-2024-56023,1,1,0ded7f65ebaf8d0c0395f9f5659635f8286e4d61586228ba95d5888ea755123a,2025-01-02T12:15:24.297000 +CVE-2024-56024,1,1,5755b9087b2a1681cb3cee8610d96cf113fe1afbdbfd11697177658b9a070c42,2025-01-02T12:15:24.433000 +CVE-2024-56025,1,1,30c3da9b8d60bde026d896438d3b7c507c9dce1baf6a9ad2b588e1252c3c1fdb,2025-01-02T12:15:24.570000 +CVE-2024-56026,1,1,ef9f659551645a8bf26b8448ca781633d6c0d7f37e0f8b04fffa1c474b2326a1,2025-01-02T12:15:24.707000 +CVE-2024-56027,0,0,f49e978b73c98c17d51656924ff1c95e446e9787fb584947d45ab36d6e156275,2025-01-02T10:15:07.060000 +CVE-2024-56028,0,0,635b698693c8378a9c631d6f108e0e1473014fe138c27e1587204dfa9007bbea,2025-01-02T10:15:07.240000 +CVE-2024-56029,0,0,8a94f1e6b6ffe15f53d468e03ae9ba69528799910046679da9c47b161cfe9f47,2025-01-02T10:15:07.390000 +CVE-2024-56030,0,0,127aedd8156d2b0d472a6228889aac8f5f08eece4c201882a522f655a7afc12d,2025-01-02T10:15:07.523000 CVE-2024-56031,0,0,164d110e676e1c7a453ddbd792f4656e271b4b29a8622a61c1824848da1a39d7,2024-12-31T13:15:07.343000 -CVE-2024-56032,1,1,d649d7de18bfeb6e819b3c0781fa9b3d3b036893cbc30181e8b4dedeeb274901,2025-01-02T10:15:07.663000 -CVE-2024-56033,1,1,5a7984a643ca7531418a685934257f71dafcbc1468118a4389ee43aeadb5b04b,2025-01-02T10:15:07.803000 -CVE-2024-56034,1,1,17a5e6b24c7bdc8e90d24db699cb7a8b6ef5222f56d3370899c3e940b2192d22,2025-01-02T10:15:07.947000 -CVE-2024-56035,1,1,ed6b13950852a52252de96255e4ffbb50f9a80c57d4bdfdc2fcc61ca68905203,2025-01-02T10:15:08.080000 -CVE-2024-56036,1,1,0f0eff26aafb975c5efc160deab2028ae82681998e9fbae299af528f5b2df53c,2025-01-02T10:15:08.220000 -CVE-2024-56037,1,1,44b37e1007e64d0d862a4a135202f8e7d44384711a88f18e4fbba4a3d49469f6,2025-01-02T10:15:08.350000 -CVE-2024-56038,1,1,a23910183c06fa294826ec2028d6f11a5323f11af85e1b847c08eb1ddd860c18,2025-01-02T10:15:08.497000 +CVE-2024-56032,0,0,d649d7de18bfeb6e819b3c0781fa9b3d3b036893cbc30181e8b4dedeeb274901,2025-01-02T10:15:07.663000 +CVE-2024-56033,0,0,5a7984a643ca7531418a685934257f71dafcbc1468118a4389ee43aeadb5b04b,2025-01-02T10:15:07.803000 +CVE-2024-56034,0,0,17a5e6b24c7bdc8e90d24db699cb7a8b6ef5222f56d3370899c3e940b2192d22,2025-01-02T10:15:07.947000 +CVE-2024-56035,0,0,ed6b13950852a52252de96255e4ffbb50f9a80c57d4bdfdc2fcc61ca68905203,2025-01-02T10:15:08.080000 +CVE-2024-56036,0,0,0f0eff26aafb975c5efc160deab2028ae82681998e9fbae299af528f5b2df53c,2025-01-02T10:15:08.220000 +CVE-2024-56037,0,0,44b37e1007e64d0d862a4a135202f8e7d44384711a88f18e4fbba4a3d49469f6,2025-01-02T10:15:08.350000 +CVE-2024-56038,0,0,a23910183c06fa294826ec2028d6f11a5323f11af85e1b847c08eb1ddd860c18,2025-01-02T10:15:08.497000 CVE-2024-56039,0,0,b478b593c841086df3059cb687969d54e2e0fc84360d19ab1d6fab2484be0468,2024-12-31T13:15:07.517000 CVE-2024-5604,0,0,8891da3265bc2c375fdbcf484ffb602948ffb13c3bebcf06f381e67d81cf40c0,2024-11-21T09:48:00.187000 CVE-2024-56040,0,0,f74b3aa9cc0036aa1c48534068a22cf04f07572eb2bdb25711b867d8aa5ae75d,2024-12-31T14:15:24.333000 @@ -271331,7 +271453,7 @@ CVE-2024-56057,0,0,52ab628951e1d719b316ba7abe1325c61108c1e1b94190c530d208ac2916e CVE-2024-56058,0,0,acc256b72c6ddf178feafe627688e78f25a5d2961313a94b4eed1089cb116425,2024-12-18T12:15:12.087000 CVE-2024-56059,0,0,54cd8436a78994ce8bff57ca5e507720ff26093eb1124abb1e7cdd3e2c39fdfb,2024-12-18T12:15:12.237000 CVE-2024-5606,0,0,98eaf774fa1e05fbd39a41e5847ce28629e9cd607119c8a5d04808d521a366d5,2024-11-21T09:48:00.483000 -CVE-2024-56060,1,1,0f3312e9d6413a25aec1071a6e8c68261e755d32a80bf87275e580f1283739b4,2025-01-02T10:15:08.643000 +CVE-2024-56060,0,0,0f3312e9d6413a25aec1071a6e8c68261e755d32a80bf87275e580f1283739b4,2025-01-02T10:15:08.643000 CVE-2024-56061,0,0,a927c092dd0f95397e0b307c4e1af3e8d5bb91f2a179bdfbffe24b5ff58f5233,2024-12-31T14:15:24.970000 CVE-2024-56062,0,0,a68267c3d9f7064bb59fb4f28588d4e43254c3a9900c31578ce50b1e9a343671,2024-12-31T23:15:41.237000 CVE-2024-56063,0,0,dbf4087854748dcb677e5e6affa02148aa5f27de6a2f943cb60c909e35a2a408,2024-12-31T23:15:41.393000 @@ -271339,7 +271461,7 @@ CVE-2024-56064,0,0,c92953f604dbab61878ff679cbb2e798705688f7ee2ce65f0fa32fe474bb5 CVE-2024-56066,0,0,01aedb23e256a17287f4e2685f8a139aa0bf4d7c2cd9e70526b093041a5fc74c,2024-12-31T14:15:25.117000 CVE-2024-56067,0,0,5767ad166f2dc6b99e9b5333bee9e51f87f01f4372cdb6bfa1bf5c9bbf869a41,2024-12-31T13:15:08.323000 CVE-2024-56068,0,0,b15e0be15a5e6c7166470b5c00fff2521399d614dad3a6d77dcd89cfa369f5f9,2024-12-31T13:15:08.483000 -CVE-2024-56069,1,1,02d2bdc64561ffea3d46f8ad597175e62f6594ff91a8ea984c01b7f2ca93894c,2025-01-02T10:15:08.783000 +CVE-2024-56069,0,1,14c18c68fb7de13ca5519018b4ae8c686c3fccb8b8cca073c4b4d7f468ccdedd,2025-01-02T10:15:08.783000 CVE-2024-5607,0,0,2f2e883967a2421396c2c72ed671760bd1b0ce90e12a34d10be305825ec8d97f,2024-11-21T09:48:00.667000 CVE-2024-56070,0,0,cdda6b10584d633f8db0ff2915b492bb06809767c9f02d72ebcbfca8ba566624,2024-12-31T14:15:25.257000 CVE-2024-56071,0,0,ab621aad8232ade06424a85f2d8ed086951040fe7cf9a05e25eb8e2d8dbf5542,2024-12-31T13:15:08.633000 @@ -271414,15 +271536,45 @@ CVE-2024-56232,0,0,4348511b91bfb8c85a5dddc2c464ac42db20935e408a659d8e4959fa777a6 CVE-2024-56233,0,0,039dd907be96a71ba29e521ef56e08f0c4c68972de8e6f5808b697533895e699,2024-12-31T11:15:09.090000 CVE-2024-56234,0,0,b07c2ba8a34810e1dd5b90c17eea0c9bce20b99700c195869b0094b59d5024e9,2024-12-31T11:15:09.237000 CVE-2024-56235,0,0,660224e2b08dc2bf0dbf160a418fa525479dca1cb61789ac5cffe9b51cc958ca,2024-12-31T11:15:09.390000 +CVE-2024-56236,1,1,3375b9fa00c09c3a4ec5bb155f1ce20280481d5ba53bc4e2faad2eb89da0f515,2025-01-02T12:15:24.850000 +CVE-2024-56237,1,1,6f42e509671af4e7a37e747b3fb638781187c435ca908ee68425ac8cd5380118,2025-01-02T12:15:24.993000 +CVE-2024-56238,1,1,0b750e90a2ffd64683113ae635d69637dcdb79737722f2c4cf5e643497ecbe21,2025-01-02T12:15:25.120000 +CVE-2024-56239,1,1,700a3b426a30cc0089d27a37aafa1757ad22553ee5b7a29233233268c085a599,2025-01-02T12:15:25.250000 CVE-2024-5624,0,0,7f93c754c9c6e0a4611cd66d82be3519ca19fdbb2803818bcf7cbddb963f07b6,2024-09-13T20:23:28.787000 +CVE-2024-56240,1,1,c00dc13b6e6af00d09e5c6b9b4ace4ad362c5ba2c24512212b495e74503a2ba3,2025-01-02T12:15:25.380000 +CVE-2024-56241,1,1,ffc4f27e3d25bf676d94883fea69e8f95a7ec423306003a2df28942d364ec482,2025-01-02T12:15:25.510000 +CVE-2024-56242,1,1,3adbbed10f6e79bbe469808f3e8edd4ef86846ef24925777b12e790f7a094d59,2025-01-02T12:15:25.640000 +CVE-2024-56243,1,1,c2d9775ac5b8caceb66c8d3ad091ae6d30107819ea0cb8c12003b424bc7ac147,2025-01-02T12:15:25.773000 +CVE-2024-56244,1,1,c59011f11f381175db3b49860e70ba854a7c5151652215529549acc835e8560e,2025-01-02T12:15:25.900000 +CVE-2024-56245,1,1,9d71a381bda40a902954ff297f822606077ce0bcbc1ad90ec66f94bb0cd840fb,2025-01-02T12:15:26.033000 +CVE-2024-56246,1,1,ebe9b8696178d0ae6f5a7d7c5b56903a1ee01a0eb219b14f1206192314fe7eaa,2025-01-02T12:15:26.167000 +CVE-2024-56247,1,1,051a40de43c3f532722c700bcbfa31ec87bdb595cff729b0dce8c65daed187e3,2025-01-02T12:15:26.293000 +CVE-2024-56248,1,1,b0c07954c8a8527afda695c83f7b89d9bae367a90f3edd6234292ba5d58dd0ab,2025-01-02T12:15:26.433000 +CVE-2024-56249,1,1,846f436805b40ab89d12635e5613fcfa2816cb27db35fe89ef7de026947668b6,2025-01-02T12:15:26.573000 CVE-2024-5625,0,0,d3de3914e71e24c0640febb528961abd09321cf732dc235d08627199bf00a95c,2024-11-21T09:48:02.390000 +CVE-2024-56250,1,1,648bf2fa8f40ab8916620a8773cfb73dc79d8a0d0ec042791510c8e788065471,2025-01-02T12:15:26.703000 +CVE-2024-56251,1,1,4a0655b61bf65503ae605d1646e88ca0cc9cf8040e843b0862a5b43bf8bb832a,2025-01-02T12:15:26.840000 +CVE-2024-56252,1,1,ad8d15923e63fae367ba785c080df7eccaca09a46d8741800416a66ca7a9eb71,2025-01-02T12:15:26.973000 +CVE-2024-56253,1,1,cdb04f918b64a3e0fe1feddfce3871d3d3d89af738462ec4e10b6a348d58247a,2025-01-02T12:15:27.110000 +CVE-2024-56254,1,1,8cb4497e36712c76e4076ccb8dd81a0626dd7a009f77bb8c2b781b898726f8cf,2025-01-02T12:15:27.247000 +CVE-2024-56255,1,1,191fe995e1bb1093386ab30210db18b0136b730b35635f1e2fc6fdf18db2ddee,2025-01-02T12:15:27.373000 CVE-2024-56256,0,0,0539e9ac8f9d8a01c76e1f3d918e1acfed86cca46add33562786e27e02d1fc57,2024-12-31T11:15:09.543000 +CVE-2024-56258,1,1,101e6229c7829ba757af034e7f592e71e97f4517eeb1e9ac1b7c749614c8404d,2025-01-02T12:15:27.510000 +CVE-2024-56259,1,1,f621a58a0fc8ba5af10e56aa80418e98fc47cc4f2dbc3f9fe13de83dbd119510,2025-01-02T12:15:27.647000 CVE-2024-5626,0,0,93ceb7b86ba8ddeb56f02be4839062ac9cafc2abafa79ca42f7d116eca5e4c5a,2024-11-21T09:48:02.503000 +CVE-2024-56260,1,1,bdc517f0ecd10314b099b93edff47128f997f174c0d2072d3f7da89b07e3e61f,2025-01-02T12:15:27.780000 +CVE-2024-56261,1,1,812adb46902124594f6c80c039d8f94a984ff87c389d0b8316ecde678ed91ee1,2025-01-02T12:15:27.920000 +CVE-2024-56262,1,1,030298701ffaf57c87226158ec531042db64f71a135be4e8a2720ccaa4ebdb67,2025-01-02T12:15:28.053000 +CVE-2024-56263,1,1,689cecf4b42b8863bd096e069d42bf9ed46bead7af2e8118dda4c013b6440a87,2025-01-02T12:15:28.193000 +CVE-2024-56264,1,1,78e3540cff40941b5bd30d7d73f182cb0bf2f15223dafe4f91282d2c9d53d208,2025-01-02T12:15:28.327000 CVE-2024-56265,0,0,5bb6cbd19bd3cb72df53ec543462cc492be8008573f66d8a4a533f195e4791cd,2024-12-31T11:15:09.707000 +CVE-2024-56266,1,1,0f4e2f7186b3094aa64c26c3b4793db00d17992917f053998016a8fdfee2caba,2025-01-02T12:15:28.480000 +CVE-2024-56267,1,1,a921ca0ab2a1a199b83b0f4fdeec6e64b2583d8eb9127a0e5cbf55c342b40eec,2025-01-02T12:15:28.617000 CVE-2024-5627,0,0,4f3ee87aef2fc9763c8caa5864c6f83c1e8820b485bf86b137197706dbea80f8,2024-11-21T09:48:02.683000 CVE-2024-5628,0,0,755412ba03c7f502c54c635c9705b96a4154da09bb9bfca64f93d1d41d08cf6a,2024-09-26T15:14:26.547000 CVE-2024-5629,0,0,f9daa1fe2950a7ccef0838fb6e6cae4a7319a3ab1da6174da12e5faf2c955f5a,2024-11-21T09:48:02.860000 CVE-2024-5630,0,0,50874e31f2d6c9403bb3dbaf933b8b3f439196ea7c18b531eba9bc061324fe0f,2024-11-21T09:48:03.020000 +CVE-2024-56302,1,1,8173e6901dd2cfb8f4e3ed0d6735daae712b3f722e4abb7423005b636b7d13c9,2025-01-02T12:15:28.753000 CVE-2024-5631,0,0,2a74e658158bae900a85436e92fd017c375ea2371e9ccb7b5a67e7bbd481f6b3,2024-11-21T09:48:03.210000 CVE-2024-56310,0,0,52fb9787ce6d270fefb09f2575978be0fb95a84a154a0887a6718d274c54ad79,2024-12-24T03:15:07.440000 CVE-2024-56311,0,0,66e9c6fbb0050254b7557259672fd0233cf69bba8f8e828ea4035d56bf3a6933,2024-12-24T03:15:07.607000