admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 10:42:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-01-07T13:00:37.772845+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-01-07 13:04:02 +00:00
parent 63618adc4c
commit bab5de3c22
93 changed files with 5221 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2017/CVE-2017-90xx/CVE-2017-9003.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-9003",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2018-08-06T20:29:01.383",
"lastModified": "2024-11-21T03:35:08.987",
"lastModified": "2025-01-07T11:22:47.030",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -85,8 +85,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:arubaos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF0A755-F7BC-4EF5-AFB8-124614B1F172"
"criteria": "cpe:2.3:o:hpe:arubaos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BA5DC7-B863-44B9-AB3A-2BBEFB02563F"
}
]
}

60
CVE-2024/CVE-2024-118xx/CVE-2024-11826.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-11826",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T12:15:23.200",
"lastModified": "2025-01-07T12:15:23.200",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quillforms-popup' shortcode in all versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3214019/quillforms/trunk/includes/class-shortcode.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d59a4d69-cf51-44c1-90bf-19be04774c27?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-120xx/CVE-2024-12033.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12033",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T12:15:23.900",
"lastModified": "2025-01-07T12:15:23.900",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the sync_libraries() function in all versions up to, and including, 4.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to sync libraries"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3214798/jupiterx-core/trunk/includes/extensions/raven/includes/plugin.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e452aa0-bfb9-4805-b2ed-53464a4b5308?source=cve",
"source": "security@wordfence.com"
}
]
}

64
CVE-2024/CVE-2024-123xx/CVE-2024-12316.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2024-12316",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T12:15:24.040",
"lastModified": "2025-01-07T12:15:24.040",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_popup_action() function in all versions up to, and including, 4.8.5. This makes it possible for unauthenticated attackers to export popup templates."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/jupiterx-core/trunk/includes/popups/class.php#L475",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3214798/jupiterx-core/trunk/includes/popups/class.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5db195c1-8917-4465-a5ca-21089afb0bc7?source=cve",
"source": "security@wordfence.com"
}
]
}

78
CVE-2024/CVE-2024-124xx/CVE-2024-12425.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-12425",
"sourceIdentifier": "security@documentfoundation.org",
"published": "2025-01-07T12:15:24.183",
"lastModified": "2025-01-07T12:15:24.183",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal.\n\n\n\n\nAn attacker can write to arbitrary locations, albeit suffixed with \".ttf\", by supplying a file in a format that supports embedded font files.\n\n\nThis issue affects LibreOffice: from 24.8 before < 24.8.4."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@documentfoundation.org",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security@documentfoundation.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425",
"source": "security@documentfoundation.org"
}
]
}

60
CVE-2024/CVE-2024-125xx/CVE-2024-12532.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12532",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T12:15:24.363",
"lastModified": "2025-01-07T12:15:24.363",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BWD Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.18 in widgets/bwdeb-content-switcher.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3211460/bwd-elementor-addons",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8bdf6a52-7316-440b-9d36-d405a672dce1?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-127xx/CVE-2024-12711.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-12711",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-01-07T12:15:24.503",
"lastModified": "2025-01-07T12:15:24.503",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RSVP and Event Management plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX functions like bulk_delete_attendees() and bulk_delete_questions() in all versions up to, and including, 2.7.13. This makes it possible for unauthenticated attackers to delete questions and attendees and for authenticated users to update question menu orders."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3216473%40rsvp&new=3216473%40rsvp&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d234212a-2019-477d-81d1-b2acc2321055?source=cve",
"source": "security@wordfence.com"
}
]
}

4
CVE-2024/CVE-2024-127xx/CVE-2024-12719.json
View File

@ -9,6 +9,10 @@
{
"lang": "en",
"value": "The WordPress File Upload plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wfu_ajax_action_read_subfolders' function in all versions up to, and including, 4.24.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform limited path traversal to view directories and subdirectories in WordPress. Files cannot be viewed."
},
{
"lang": "es",
"value": "El complemento WordPress File Upload para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'wfu_ajax_action_read_subfolders' en todas las versiones hasta la 4.24.15 inclusive. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, realicen un recorrido de ruta limitado para ver directorios y subdirectorios en WordPress. No se pueden ver los archivos."
}
],
"metrics": {

56
CVE-2024/CVE-2024-432xx/CVE-2024-43243.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-43243",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:06.023",
"lastModified": "2025-01-07T11:15:06.023",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGlow JobBoard Job listing allows Upload a Web Shell to a Web Server.This issue affects JobBoard Job listing: from n/a through 1.2.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/job-board-light/vulnerability/wordpress-jobboard-job-listing-plugin-1-2-6-arbitrary-file-upload-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-492xx/CVE-2024-49222.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49222",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:07.080",
"lastModified": "2025-01-07T11:15:07.080",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in Amento Tech Pvt ltd WPGuppy allows Object Injection.This issue affects WPGuppy: from n/a through 1.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpguppy-lite/vulnerability/wordpress-wpguppy-plugin-1-1-0-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-492xx/CVE-2024-49249.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49249",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:07.243",
"lastModified": "2025-01-07T11:15:07.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue affects SMSA Shipping: from n/a through 2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-35"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/smsa-shipping-official/vulnerability/wordpress-smsa-shipping-plugin-2-3-arbitrary-file-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-492xx/CVE-2024-49294.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49294",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:07.400",
"lastModified": "2025-01-07T11:15:07.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through 5.4.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/bus-ticket-booking-with-seat-reservation/vulnerability/wordpress-wpbusticketly-plugin-5-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49633.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49633",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:07.570",
"lastModified": "2025-01-07T11:15:07.570",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.19."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/directorypress/vulnerability/wordpress-directorypress-plugin-3-6-19-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49644.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49644",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:07.740",
"lastModified": "2025-01-07T11:15:07.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Privilege Assignment vulnerability in AllAccessible Team Accessibility by AllAccessible allows Privilege Escalation.This issue affects Accessibility by AllAccessible: from n/a through 1.3.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/allaccessible/vulnerability/wordpress-accessibility-by-allaccessible-plugin-1-3-4-privilege-escalation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-496xx/CVE-2024-49649.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-49649",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:07.897",
"lastModified": "2025-01-07T11:15:07.897",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through 1.0.23."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/build-app-online/vulnerability/wordpress-build-app-online-plugin-1-0-23-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-516xx/CVE-2024-51651.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-51651",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:08.113",
"lastModified": "2025-01-07T11:15:08.113",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in CubeWP CubeWP Forms \u2013 All-in-One Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms \u2013 All-in-One Form Builder: from n/a through 1.1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/cubewp-forms/vulnerability/wordpress-cubewp-forms-plugin-1-1-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-517xx/CVE-2024-51700.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-51700",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:08.283",
"lastModified": "2025-01-07T11:15:08.283",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in \uae40 \ubbfc\uc900 (Minjun Kim) NAVER Analytics allows Stored XSS.This issue affects NAVER Analytics: from n/a through 0.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/naver-analytics/vulnerability/wordpress-naver-analytics-plugin-0-9-csrf-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-517xx/CVE-2024-51715.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-51715",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:08.460",
"lastModified": "2025-01-07T11:15:08.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale \u2013 Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages allows Blind SQL Injection.This issue affects ClickWhale \u2013 Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages: from n/a through 2.4.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.1,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/clickwhale/vulnerability/wordpress-clickwhale-plugin-2-4-1-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-523xx/CVE-2024-52366.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52366",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-07T12:15:24.680",
"lastModified": "2025-01-07T12:15:24.680",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3\u00a0could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7180303",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-523xx/CVE-2024-52367.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52367",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-07T12:15:24.847",
"lastModified": "2025-01-07T12:15:24.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system information to an unauthorized actor that could be used in further attacks against the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-497"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7180303",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-528xx/CVE-2024-52891.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52891",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-07T12:15:25.010",
"lastModified": "2025-01-07T12:15:25.010",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 \n\ncould allow an authenticated user to inject malicious information or obtain information from log files due to improper log neutralization."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-117"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7180303",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-528xx/CVE-2024-52893.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-52893",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2025-01-07T12:15:25.153",
"lastModified": "2025-01-07T12:15:25.153",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3\u00a0\n\ncould allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7180303",
"source": "psirt@us.ibm.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56271.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56271",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:08.633",
"lastModified": "2025-01-07T11:15:08.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in SecureSubmit WP SecureSubmit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SecureSubmit: from n/a through 1.5.16."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/securesubmit/vulnerability/wordpress-wp-securesubmit-plugin-1-5-16-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56273.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56273",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:08.800",
"lastModified": "2025-01-07T11:15:08.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WPvivid Backup & Migration WPvivid Backup and Migration allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPvivid Backup and Migration: from n/a through 0.9.106."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpvivid-backuprestore/vulnerability/wordpress-wpvivid-backup-plugin-0-9-106-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56274.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56274",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:08.960",
"lastModified": "2025-01-07T11:15:08.960",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through 1.2.15."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/astra-widgets/vulnerability/wordpress-astra-widgets-plugin-1-2-15-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56275.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56275",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:09.130",
"lastModified": "2025-01-07T11:15:09.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side Request Forgery.This issue affects Envato Elements: from n/a through 2.0.14."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/envato-elements/vulnerability/wordpress-envato-elements-plugin-2-0-14-server-side-request-forgery-ssrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56276.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56276",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:09.293",
"lastModified": "2025-01-07T11:15:09.293",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WPForms Contact Form by WPForms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through 1.9.2.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpforms-lite/vulnerability/wordpress-wpforms-lite-plugin-1-9-2-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56278.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56278",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:09.460",
"lastModified": "2025-01-07T11:15:09.460",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP Ultimate Exporter allows PHP Remote File Inclusion.This issue affects WP Ultimate Exporter: from n/a through 2.9.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-ultimate-exporter/vulnerability/wordpress-wp-ultimate-exporter-plugin-2-9-1-remote-code-execution-rce-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56279.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56279",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:09.633",
"lastModified": "2025-01-07T11:15:09.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Tips and Tricks HQ Compact WP Audio Player allows Server Side Request Forgery.This issue affects Compact WP Audio Player: from n/a through 1.9.14."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/compact-wp-audio-player/vulnerability/wordpress-compact-wp-audio-player-plugin-1-9-14-server-side-request-forgery-ssrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56280.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56280",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:09.820",
"lastModified": "2025-01-07T11:15:09.820",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Privilege Assignment vulnerability in Amento Tech Pvt ltd WPGuppy allows Privilege Escalation.This issue affects WPGuppy: from n/a through 1.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpguppy-lite/vulnerability/wordpress-wpguppy-plugin-1-1-0-privilege-escalation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56281.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56281",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:10.003",
"lastModified": "2025-01-07T11:15:10.003",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodeMShop \uc6cc\ub4dc\ud504\ub808\uc2a4 \uacb0\uc81c \uc2ec\ud50c\ud398\uc774 allows PHP Local File Inclusion.This issue affects \uc6cc\ub4dc\ud504\ub808\uc2a4 \uacb0\uc81c \uc2ec\ud50c\ud398\uc774: from n/a through 5.2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/pgall-for-woocommerce/vulnerability/wordpress-plugin-5-2-0-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56282.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56282",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:10.177",
"lastModified": "2025-01-07T11:15:10.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elicus WPMozo Addons Lite for Elementor allows PHP Local File Inclusion.This issue affects WPMozo Addons Lite for Elementor: from n/a through 1.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpmozo-addons-lite-for-elementor/vulnerability/wordpress-wpmozo-addons-lite-for-elementor-plugin-1-1-0-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56283.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56283",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:10.357",
"lastModified": "2025-01-07T11:15:10.357",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through 3.9.50."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/locatoraid/vulnerability/wordpress-locatoraid-store-locator-plugin-3-9-50-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56284.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56284",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:10.537",
"lastModified": "2025-01-07T11:15:10.537",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SSL Wireless SSL Wireless SMS Notification allows SQL Injection.This issue affects SSL Wireless SMS Notification: from n/a through 3.5.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/ssl-wireless-sms-notification/vulnerability/wordpress-ssl-wireless-sms-notification-plugin-3-5-0-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56285.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56285",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:10.707",
"lastModified": "2025-01-07T11:15:10.707",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.5.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpbits-addons-for-elementor/vulnerability/wordpress-wpbits-addons-for-elementor-page-builder-plugin-1-5-1-cross-site-scripting-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56286.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56286",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:10.883",
"lastModified": "2025-01-07T11:15:10.883",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Classic Addons Classic Addons \u2013 WPBakery Page Builder allows PHP Local File Inclusion.This issue affects Classic Addons \u2013 WPBakery Page Builder: from n/a through 3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/classic-addons-wpbakery-page-builder-addons/vulnerability/wordpress-classic-addons-wpbakery-page-builder-plugin-3-0-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56287.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56287",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:11.060",
"lastModified": "2025-01-07T11:15:11.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in biztechc WP jQuery DataTable allows Stored XSS.This issue affects WP jQuery DataTable: from n/a through 4.0.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-jquery-datatable/vulnerability/wordpress-wp-jquery-datatable-plugin-4-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56288.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56288",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:11.247",
"lastModified": "2025-01-07T11:15:11.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.2.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-docs/vulnerability/wordpress-wp-docs-plugin-2-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56289.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56289",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:11.417",
"lastModified": "2025-01-07T11:15:11.417",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Groundhogg Inc. Groundhogg allows Reflected XSS.This issue affects Groundhogg: from n/a through 3.7.3.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/groundhogg/vulnerability/wordpress-groundhogg-plugin-3-7-3-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56290.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56290",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:11.587",
"lastModified": "2025-01-07T11:15:11.587",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce allows SQL Injection.This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through 1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/different-shipping-and-billing-address-for-woocommerce/vulnerability/wordpress-multiple-shipping-and-billing-address-for-woocommerce-plugin-1-2-unauthenticated-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56291.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56291",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:11.760",
"lastModified": "2025-01-07T11:15:11.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in plainware.com PlainInventory allows Object Injection.This issue affects PlainInventory: from n/a through 3.1.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/z-inventory-manager/vulnerability/wordpress-plaininventory-inventory-management-plugin-plugin-3-1-6-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56292.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56292",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:11.943",
"lastModified": "2025-01-07T11:15:11.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop, oplugins Email Reminders allows Stored XSS.This issue affects Email Reminders: from n/a through 2.0.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/email-reminders/vulnerability/wordpress-email-reminders-plugin-2-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56293.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56293",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:12.100",
"lastModified": "2025-01-07T11:15:12.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nasirahmed Advanced Form Integration allows Stored XSS.This issue affects Advanced Form Integration: from n/a through 1.95.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/advanced-form-integration/vulnerability/wordpress-afi-the-easiest-integration-plugin-1-95-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56294.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56294",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:12.270",
"lastModified": "2025-01-07T11:15:12.270",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through 4.0.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/the-plus-addons-for-block-editor/vulnerability/wordpress-nexter-blocks-plugin-4-0-7-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56296.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56296",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:12.467",
"lastModified": "2025-01-07T11:15:12.467",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Reflected XSS.This issue affects Mang Board WP: from n/a through 1.8.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/mangboard/vulnerability/wordpress-mang-board-wp-plugin-1-8-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56297.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56297",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:12.643",
"lastModified": "2025-01-07T11:15:12.643",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dn88 Highlight allows Stored XSS.This issue affects Highlight: from n/a through 2.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/highlight/vulnerability/wordpress-highlight-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56298.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56298",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:12.807",
"lastModified": "2025-01-07T11:15:12.807",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 5 Star Plugins Pretty Simple Popup Builder allows Stored XSS.This issue affects Pretty Simple Popup Builder: from n/a through 1.0.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/pretty-simple-popup-builder/vulnerability/wordpress-pretty-simple-popup-builder-plugin-1-0-9-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-562xx/CVE-2024-56299.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56299",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:12.960",
"lastModified": "2025-01-07T11:15:12.960",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pektsekye Notify Odoo allows Stored XSS.This issue affects Notify Odoo: from n/a through 1.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/notify-odoo/vulnerability/wordpress-notify-odoo-plugin-1-0-0-csrf-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-563xx/CVE-2024-56300.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-56300",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:13.117",
"lastModified": "2025-01-07T11:15:13.117",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insertion of Sensitive Information Into Sent Data vulnerability in WPSpins Post/Page Copying Tool allows Retrieve Embedded Sensitive Data.This issue affects Post/Page Copying Tool: from n/a through 2.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-201"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/postpage-import-export-with-custom-fields-taxonomies/vulnerability/wordpress-post-page-copying-tool-plugin-2-0-0-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-222xx/CVE-2025-22261.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22261",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:13.290",
"lastModified": "2025-01-07T11:15:13.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixelite WP FullCalendar allows Stored XSS.This issue affects WP FullCalendar: from n/a through 1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-fullcalendar/vulnerability/wordpress-wp-fullcalendar-plugin-1-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-222xx/CVE-2025-22293.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22293",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:13.473",
"lastModified": "2025-01-07T11:15:13.473",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gutentor Gutentor allows DOM-Based XSS.This issue affects Gutentor: from n/a through 3.4.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/gutentor/vulnerability/wordpress-gutentor-plugin-3-4-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-222xx/CVE-2025-22297.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22297",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:13.630",
"lastModified": "2025-01-07T11:15:13.630",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in AIpost AI WP Writer allows Cross Site Request Forgery.This issue affects AI WP Writer: from n/a through 3.8.4.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/ai-wp-writer/vulnerability/wordpress-ai-wp-writer-plugin-3-8-4-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-222xx/CVE-2025-22298.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22298",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:13.783",
"lastModified": "2025-01-07T11:15:13.783",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Hive Support Hive Support \u2013 WordPress Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hive Support \u2013 WordPress Help Desk: from n/a through 1.1.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/hive-support/vulnerability/wordpress-hive-support-plugin-1-1-6-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-222xx/CVE-2025-22299.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22299",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:13.943",
"lastModified": "2025-01-07T11:15:13.943",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in spacecodes AI for SEO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI for SEO: from n/a through 1.2.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/ai-for-seo/vulnerability/wordpress-ai-for-seo-plugin-1-2-9-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22300.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22300",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:14.100",
"lastModified": "2025-01-07T11:15:14.100",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite \u2013 Your smart PIXEL (TAG) Manager allows Cross Site Request Forgery.This issue affects PixelYourSite \u2013 Your smart PIXEL (TAG) Manager: from n/a through 10.0.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/pixelyoursite/vulnerability/wordpress-pixelyoursite-plugin-10-0-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22301.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22301",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:14.240",
"lastModified": "2025-01-07T11:15:14.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows Cross Site Request Forgery.This issue affects MyBookTable Bookstore: from n/a through 3.5.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/mybooktable/vulnerability/wordpress-mybooktable-bookstore-by-stormhill-media-plugin-3-5-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22302.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22302",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:14.387",
"lastModified": "2025-01-07T11:15:14.387",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in WP Wand WP Wand allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Wand: from n/a through 1.2.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/ai-content-generation/vulnerability/wordpress-wp-wand-plugin-1-2-5-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22303.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22303",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:14.563",
"lastModified": "2025-01-07T11:15:14.563",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.17.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-201"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-17-0-sensitive-data-exposure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22304.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22304",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:14.740",
"lastModified": "2025-01-07T11:15:14.740",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in osamaesh WP Visitor Statistics (Real Time Traffic) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-stats-manager/vulnerability/wordpress-wp-visitor-statistics-plugin-7-2-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22305.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22305",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:14.907",
"lastModified": "2025-01-07T11:15:14.907",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP OnlineSupport, Essential Plugin Hero Banner Ultimate allows PHP Local File Inclusion.This issue affects Hero Banner Ultimate: from n/a through 1.4.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/hero-banner-ultimate/vulnerability/wordpress-hero-banner-ultimate-plugin-1-4-2-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22308.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22308",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:15.043",
"lastModified": "2025-01-07T11:15:15.043",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in inc2734 Smart Custom Fields allows Stored XSS.This issue affects Smart Custom Fields: from n/a through 5.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/smart-custom-fields/vulnerability/wordpress-smart-custom-fields-plugin-5-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22309.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22309",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:15.190",
"lastModified": "2025-01-07T11:15:15.190",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve D SpeakOut! Email Petitions allows DOM-Based XSS.This issue affects SpeakOut! Email Petitions: from n/a through 4.4.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/speakout/vulnerability/wordpress-speakout-email-petitions-plugin-4-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22310.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22310",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:15.320",
"lastModified": "2025-01-07T11:15:15.320",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TemplatesNext TemplatesNext ToolKit allows Stored XSS.This issue affects TemplatesNext ToolKit: from n/a through 3.2.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/templatesnext-toolkit/vulnerability/wordpress-templatesnext-toolkit-plugin-3-2-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22312.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22312",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:15.480",
"lastModified": "2025-01-07T11:15:15.480",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit allows DOM-Based XSS.This issue affects Thim Elementor Kit: from n/a through 1.2.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/thim-elementor-kit/vulnerability/wordpress-thim-elementor-kit-plugin-1-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22315.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22315",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:15.627",
"lastModified": "2025-01-07T11:15:15.627",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through 1.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/typing-text/vulnerability/wordpress-typing-text-plugin-1-2-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22316.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22316",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:15.763",
"lastModified": "2025-01-07T11:15:15.763",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.5.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpbits-addons-for-elementor/vulnerability/wordpress-wpbits-addons-for-elementor-page-builder-plugin-1-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22320.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22320",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:15.910",
"lastModified": "2025-01-07T11:15:15.910",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProductDyno ProductDyno allows Reflected XSS.This issue affects ProductDyno: from n/a through 1.0.24."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/productdyno/vulnerability/wordpress-productdyno-plugin-1-0-24-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22321.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22321",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:16.073",
"lastModified": "2025-01-07T11:15:16.073",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TheInnovs ElementsCSS Addons for Elementor allows Stored XSS.This issue affects ElementsCSS Addons for Elementor: from n/a through 1.0.8.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/css-for-elementor/vulnerability/wordpress-elementscss-addons-for-elementor-plugin-1-0-8-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22323.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22323",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:16.297",
"lastModified": "2025-01-07T11:15:16.297",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jewel Theme Image Hover Effects for Elementor allows Stored XSS.This issue affects Image Hover Effects for Elementor: from n/a through 1.0.2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/image-hover-effects-elementor-addon/vulnerability/wordpress-image-hover-effects-for-elementor-plugin-1-0-2-3-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22324.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22324",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:16.437",
"lastModified": "2025-01-07T11:15:16.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andon Ivanov OZ Canonical allows Reflected XSS.This issue affects OZ Canonical: from n/a through 0.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/oz-canonical/vulnerability/wordpress-oz-canonical-plugin-0-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22325.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22325",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:16.577",
"lastModified": "2025-01-07T11:15:16.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Nik Chankov Autocompleter allows Stored XSS.This issue affects Autocompleter: from n/a through 1.3.5.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/autocompleter/vulnerability/wordpress-autocompleter-plugin-1-3-5-2-csrf-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22326.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22326",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:16.730",
"lastModified": "2025-01-07T11:15:16.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 5centsCDN 5centsCDN allows Reflected XSS.This issue affects 5centsCDN: from n/a through 24.8.16."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/5centscdn/vulnerability/wordpress-5centscdn-wordpress-cdn-plugin-plugin-24-8-16-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22327.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22327",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:16.870",
"lastModified": "2025-01-07T11:15:16.870",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Olaf Lederer EO4WP allows Stored XSS.This issue affects EO4WP: from n/a through 1.0.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/fw-integration-for-emailoctopus/vulnerability/wordpress-eo4wp-plugin-1-0-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22328.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22328",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:17.020",
"lastModified": "2025-01-07T11:15:17.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Elevio Elevio allows Stored XSS.This issue affects Elevio: from n/a through 4.4.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/elevio/vulnerability/wordpress-elevio-plugin-4-4-1-csrf-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22333.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22333",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:17.160",
"lastModified": "2025-01-07T11:15:17.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.31."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/piotnet-addons-for-elementor/vulnerability/wordpress-piotnet-addons-for-elementor-plugin-2-4-31-cross-site-scripting-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22336.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22336",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:17.313",
"lastModified": "2025-01-07T11:15:17.313",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in WordPress \u667a\u5e93 Wizhi Multi Filters by Wenprise allows Stored XSS.This issue affects Wizhi Multi Filters by Wenprise: from n/a through 1.8.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wizhi-multi-filters/vulnerability/wordpress-wizhi-multi-filters-by-wenprise-plugin-1-8-6-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22339.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22339",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:17.463",
"lastModified": "2025-01-07T11:15:17.463",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aThemeArt Store Commerce allows DOM-Based XSS.This issue affects Store Commerce: from n/a through 1.2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/theme/store-commerce/vulnerability/wordpress-store-commerce-theme-1-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2025/CVE-2025-223xx/CVE-2025-22342.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-22342",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:17.610",
"lastModified": "2025-01-07T11:15:17.610",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Jens T\u00f6rnell WP Simple Sitemap allows Stored XSS.This issue affects WP Simple Sitemap: from n/a through 0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-simple-sitemap/vulnerability/wordpress-wp-simple-sitemap-plugin-0-2-csrf-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22343.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22343",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:17.743",
"lastModified": "2025-01-07T11:15:17.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Dennis Koot wpSOL allows Stored XSS.This issue affects wpSOL: from n/a through 1.2.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en Dennis Koot wpSOL permite XSS almacenado. Este problema afecta a wpSOL: desde n/a hasta 1.2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpsol/vulnerability/wordpress-wpsol-plugin-1-2-0-csrf-to-stored-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22347.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22347",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:17.897",
"lastModified": "2025-01-07T11:15:17.897",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in BannerSky.com BSK Forms Blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through 3.9."
},
{
"lang": "es",
"value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en BannerSky.com BSK Forms Blacklist permite la inyecci\u00f3n SQL ciega. Este problema afecta a BSK Forms Blacklist: desde n/a hasta 3.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:L",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/bsk-gravityforms-blacklist/vulnerability/wordpress-bsk-forms-blacklist-plugin-3-9-csrf-to-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22348.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22348",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:18.037",
"lastModified": "2025-01-07T11:15:18.037",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTO GmbH DynamicTags allows Blind SQL Injection.This issue affects DynamicTags: from n/a through 1.4.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en RTO GmbH DynamicTags permite la inyecci\u00f3n SQL ciega. Este problema afecta a DynamicTags: desde n/a hasta 1.4.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.1,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/dynamictags/vulnerability/wordpress-dynamictags-plugin-1-4-0-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22349.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22349",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:18.183",
"lastModified": "2025-01-07T11:15:18.183",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through 3.7."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en Owen Cutajar y Hyder Jaffari WordPress Auction Plugin permite la inyecci\u00f3n SQL. Este problema afecta a WordPress Auction Plugin: desde n/a hasta 3.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wp-auctions/vulnerability/wordpress-wordpress-auction-plugin-plugin-3-7-sql-injection-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22351.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22351",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:18.330",
"lastModified": "2025-01-07T11:15:18.330",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenguinArts Contact Form 7 Database \u2013 CFDB7 allows SQL Injection.This issue affects Contact Form 7 Database \u2013 CFDB7: from n/a through 1.0.0."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en PenguinArts Contact Form 7 Database \u2013 CFDB7 permite la inyecci\u00f3n SQL. Este problema afecta a PenguinArts Contact Form 7 Database \u2013 CFDB7: desde n/a hasta 1.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/advanced-cf7-database/vulnerability/wordpress-contact-form-7-database-cfdb7-plugin-1-0-0-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22352.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22352",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:18.527",
"lastModified": "2025-01-07T11:15:18.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes allows Blind SQL Injection.This issue affects ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes: from n/a through 1.4.8."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de elementos especiales utilizados en un comando SQL ('Inyecci\u00f3n SQL') en ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices y Attributes permite la inyecci\u00f3n SQL ciega. Este problema afecta a ELEX WooCommerce Advanced Bulk Edit Products, Prices y Attributes: desde n/a hasta 1.4.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/elex-bulk-edit-products-prices-attributes-for-woocommerce-basic/vulnerability/wordpress-elex-woocommerce-advanced-bulk-edit-products-prices-attributes-plugin-1-4-8-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22353.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22353",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:18.693",
"lastModified": "2025-01-07T11:15:18.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Balcom-Vetillo Design, Inc. BVD Easy Gallery Manager allows Reflected XSS.This issue affects BVD Easy Gallery Manager: from n/a through 1.0.6."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Balcom-Vetillo Design, Inc. BVD Easy Gallery Manager permite XSS reflejado. Este problema afecta a BVD Easy Gallery Manager: desde n/a hasta 1.0.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/bvd-easy-gallery-manager/vulnerability/wordpress-bvd-easy-gallery-manager-plugin-1-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22355.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22355",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:18.857",
"lastModified": "2025-01-07T11:15:18.857",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kiKx Kikx Simple Post Author Filter allows Reflected XSS.This issue affects Kikx Simple Post Author Filter: from n/a through 1.0."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en kiKx Kikx Simple Post Author Filter permite XSS reflejado. Este problema afecta a Kikx Simple Post Author Filter: desde n/a hasta 1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/sa-post-author-filter/vulnerability/wordpress-kikx-simple-post-author-filter-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22357.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22357",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:19.013",
"lastModified": "2025-01-07T11:15:19.013",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Plugins Target Notifications allows Reflected XSS.This issue affects Target Notifications: from n/a through 1.1.1."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Simple Plugins Target Notifications permite XSS reflejado. Este problema afecta a Target Notifications: desde n/a hasta 1.1.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/target-notifications/vulnerability/wordpress-target-notifications-plugin-1-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22358.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22358",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:19.167",
"lastModified": "2025-01-07T11:15:19.167",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcon Simone Wp advertising management allows Reflected XSS.This issue affects Wp advertising management: from n/a through 1.0.3."
},
{
"lang": "es",
"value": " Vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en lMarcon Simone Wp advertising management permite XSS reflejado. Este problema afecta a la gesti\u00f3n de publicidad de Wp: desde n/a hasta 1.0.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/advertising-management/vulnerability/wordpress-wp-advertising-management-plugin-1-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22359.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22359",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:19.310",
"lastModified": "2025-01-07T11:15:19.310",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PJFC SyncFields allows Reflected XSS.This issue affects SyncFields: from n/a through 2.1."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en PJFC SyncFields permite XSS reflejado. Este problema afecta a SyncFields: desde n/a hasta 2.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/syncfields/vulnerability/wordpress-syncfields-plugin-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22362.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22362",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:19.453",
"lastModified": "2025-01-07T11:15:19.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Powerfusion WPAchievements Free allows Stored XSS.This issue affects WPAchievements Free: from n/a through 1.2.0."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web ('Cross-site Scripting') en Powerfusion WPAchievements Free permite XSS almacenado. Este problema afecta a WPAchievements Free: desde n/a hasta 1.2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/wpachievements-free/vulnerability/wordpress-wpachievements-free-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

60
CVE-2025/CVE-2025-223xx/CVE-2025-22364.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-22364",
"sourceIdentifier": "audit@patchstack.com",
"published": "2025-01-07T11:15:19.600",
"lastModified": "2025-01-07T11:15:19.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Service Shogun Ach Invoice App allows PHP Local File Inclusion.This issue affects Ach Invoice App: from n/a through 1.0.1."
},
{
"lang": "es",
"value": "Vulnerabilidad de control inadecuado del nombre de archivo para la declaraci\u00f3n Include/Require en PHP Program ('Inclusi\u00f3n de archivo remoto PHP') en Service Shogun Ach Invoice App permite la inclusi\u00f3n de archivos locales PHP. Este problema afecta a Ach Invoice App: desde n/a hasta 1.0.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/wordpress/plugin/ach-invoice-app/vulnerability/wordpress-ach-invoice-app-plugin-1-0-1-local-file-inclusion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

47
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-07T11:00:29.963167+00:00
2025-01-07T13:00:37.772845+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-07T10:15:07.323000+00:00
2025-01-07T12:15:25.153000+00:00
```
### Last Data Feed Release
@ -33,29 +33,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
275969
276058
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `89`
- [CVE-2024-12152](CVE-2024/CVE-2024-121xx/CVE-2024-12152.json) (`2025-01-07T10:15:06.577`)
- [CVE-2024-12699](CVE-2024/CVE-2024-126xx/CVE-2024-12699.json) (`2025-01-07T10:15:07.143`)
- [CVE-2024-12719](CVE-2024/CVE-2024-127xx/CVE-2024-12719.json) (`2025-01-07T10:15:07.323`)
- [CVE-2025-22320](CVE-2025/CVE-2025-223xx/CVE-2025-22320.json) (`2025-01-07T11:15:15.910`)
- [CVE-2025-22321](CVE-2025/CVE-2025-223xx/CVE-2025-22321.json) (`2025-01-07T11:15:16.073`)
- [CVE-2025-22323](CVE-2025/CVE-2025-223xx/CVE-2025-22323.json) (`2025-01-07T11:15:16.297`)
- [CVE-2025-22324](CVE-2025/CVE-2025-223xx/CVE-2025-22324.json) (`2025-01-07T11:15:16.437`)
- [CVE-2025-22325](CVE-2025/CVE-2025-223xx/CVE-2025-22325.json) (`2025-01-07T11:15:16.577`)
- [CVE-2025-22326](CVE-2025/CVE-2025-223xx/CVE-2025-22326.json) (`2025-01-07T11:15:16.730`)
- [CVE-2025-22327](CVE-2025/CVE-2025-223xx/CVE-2025-22327.json) (`2025-01-07T11:15:16.870`)
- [CVE-2025-22328](CVE-2025/CVE-2025-223xx/CVE-2025-22328.json) (`2025-01-07T11:15:17.020`)
- [CVE-2025-22333](CVE-2025/CVE-2025-223xx/CVE-2025-22333.json) (`2025-01-07T11:15:17.160`)
- [CVE-2025-22336](CVE-2025/CVE-2025-223xx/CVE-2025-22336.json) (`2025-01-07T11:15:17.313`)
- [CVE-2025-22339](CVE-2025/CVE-2025-223xx/CVE-2025-22339.json) (`2025-01-07T11:15:17.463`)
- [CVE-2025-22342](CVE-2025/CVE-2025-223xx/CVE-2025-22342.json) (`2025-01-07T11:15:17.610`)
- [CVE-2025-22343](CVE-2025/CVE-2025-223xx/CVE-2025-22343.json) (`2025-01-07T11:15:17.743`)
- [CVE-2025-22347](CVE-2025/CVE-2025-223xx/CVE-2025-22347.json) (`2025-01-07T11:15:17.897`)
- [CVE-2025-22348](CVE-2025/CVE-2025-223xx/CVE-2025-22348.json) (`2025-01-07T11:15:18.037`)
- [CVE-2025-22349](CVE-2025/CVE-2025-223xx/CVE-2025-22349.json) (`2025-01-07T11:15:18.183`)
- [CVE-2025-22351](CVE-2025/CVE-2025-223xx/CVE-2025-22351.json) (`2025-01-07T11:15:18.330`)
- [CVE-2025-22352](CVE-2025/CVE-2025-223xx/CVE-2025-22352.json) (`2025-01-07T11:15:18.527`)
- [CVE-2025-22353](CVE-2025/CVE-2025-223xx/CVE-2025-22353.json) (`2025-01-07T11:15:18.693`)
- [CVE-2025-22355](CVE-2025/CVE-2025-223xx/CVE-2025-22355.json) (`2025-01-07T11:15:18.857`)
- [CVE-2025-22357](CVE-2025/CVE-2025-223xx/CVE-2025-22357.json) (`2025-01-07T11:15:19.013`)
- [CVE-2025-22358](CVE-2025/CVE-2025-223xx/CVE-2025-22358.json) (`2025-01-07T11:15:19.167`)
- [CVE-2025-22359](CVE-2025/CVE-2025-223xx/CVE-2025-22359.json) (`2025-01-07T11:15:19.310`)
- [CVE-2025-22362](CVE-2025/CVE-2025-223xx/CVE-2025-22362.json) (`2025-01-07T11:15:19.453`)
- [CVE-2025-22364](CVE-2025/CVE-2025-223xx/CVE-2025-22364.json) (`2025-01-07T11:15:19.600`)
### CVEs modified in the last Commit
Recently modified CVEs: `7`
Recently modified CVEs: `2`
- [CVE-2024-11625](CVE-2024/CVE-2024-116xx/CVE-2024-11625.json) (`2025-01-07T09:15:06.560`)
- [CVE-2024-11626](CVE-2024/CVE-2024-116xx/CVE-2024-11626.json) (`2025-01-07T09:15:07.533`)
- [CVE-2024-11627](CVE-2024/CVE-2024-116xx/CVE-2024-11627.json) (`2025-01-07T09:15:07.633`)
- [CVE-2024-12569](CVE-2024/CVE-2024-125xx/CVE-2024-12569.json) (`2025-01-07T10:15:06.757`)
- [CVE-2024-49967](CVE-2024/CVE-2024-499xx/CVE-2024-49967.json) (`2025-01-07T09:15:07.743`)
- [CVE-2024-56686](CVE-2024/CVE-2024-566xx/CVE-2024-56686.json) (`2025-01-07T09:15:16.897`)
- [CVE-2024-56762](CVE-2024/CVE-2024-567xx/CVE-2024-56762.json) (`2025-01-07T09:15:16.973`)
- [CVE-2017-9003](CVE-2017/CVE-2017-90xx/CVE-2017-9003.json) (`2025-01-07T11:22:47.030`)
- [CVE-2024-12719](CVE-2024/CVE-2024-127xx/CVE-2024-12719.json) (`2025-01-07T10:15:07.323`)
## Download and Usage

111
_state.csv
View File

@ -108882,7 +108882,7 @@ CVE-2017-8999,0,0,d423b169fb9150ddeb5e4bc04616601def0558dbe828022af95911b1dc8ab1
CVE-2017-9000,0,0,5d42b00441358723ed9203a66cafc1c5b3a54f4af34267404a87e269a5fcef2e,2024-11-21T03:35:08.633000
CVE-2017-9001,0,0,88fe83869f5f8ebf95f80d4108a502f04ecbf7f0840d922b177b34168bf541b7,2024-11-21T03:35:08.760000
CVE-2017-9002,0,0,912f0bc88c0df570c913e8ecf17cb8902d4f9ef496f23526ea96f1ec9f4e460c,2024-11-21T03:35:08.880000
CVE-2017-9003,0,0,d6890e506a2f33a524a3b2850ae593e9dfc3b20d8166283bc0b7ae4ed33fd0b5,2024-11-21T03:35:08.987000
CVE-2017-9003,0,1,d6727bf6ab50a0da525d9ddd07bc91dea341d4754a7307df74ee768dbf0acb32,2025-01-07T11:22:47.030000
CVE-2017-9004,0,0,394f2aac4486033035a1c8611848f841a14d2d1430e0d07939eb619f15c7a4ca,2023-11-07T02:50:31.460000
CVE-2017-9005,0,0,6f6ccd30fa41269bcafe8d794722af502b75276eb14786ad74c005222e2dd28a,2023-11-07T02:50:31.690000
CVE-2017-9006,0,0,c79556a5f0bb64377ae9eb4c56a8727fc03d599a61d84ebe76d1f52c86ab4c2d,2023-11-07T02:50:31.940000
@ -244532,9 +244532,9 @@ CVE-2024-1162,0,0,3088f9ddfe31234409eeca0c6733f6625e00a303f5f7e9ffe94fe1a6782630
CVE-2024-11620,0,0,ead70690aa114308aae0c5f2f4d204a542be8af8676c2ad1b4207bb367ac689c,2024-11-28T11:15:48.533000
CVE-2024-11622,0,0,28607ca43edf19c5b150264789340f2f339c16fe9934fd58cd66cc9c45bc71df,2024-12-12T19:52:24.527000
CVE-2024-11624,0,0,2fbadf82b86c601ba5e3c164ddb11cdb07fbf96914b2d5fb97e205c966153970,2025-01-03T23:15:06.157000
CVE-2024-11625,0,1,68cf79a54f3e4f0c646567605ae0759bceb8120ef2fb6b3ee07291aeb85b1df4,2025-01-07T09:15:06.560000
CVE-2024-11626,0,1,c705e444dfcef14aa92dcbc52fbd5d78b61056f9e74c6883c659c916e8a56210,2025-01-07T09:15:07.533000
CVE-2024-11627,0,1,7fb031f44b4246cafcebf80341155b1da0744ba2ecd87aaea3c1fc7835af75eb,2025-01-07T09:15:07.633000
CVE-2024-11625,0,0,68cf79a54f3e4f0c646567605ae0759bceb8120ef2fb6b3ee07291aeb85b1df4,2025-01-07T09:15:06.560000
CVE-2024-11626,0,0,c705e444dfcef14aa92dcbc52fbd5d78b61056f9e74c6883c659c916e8a56210,2025-01-07T09:15:07.533000
CVE-2024-11627,0,0,7fb031f44b4246cafcebf80341155b1da0744ba2ecd87aaea3c1fc7835af75eb,2025-01-07T09:15:07.633000
CVE-2024-1163,0,0,3534cb0564ba7e08015dfddf52a975a19f7b672cf09e3f78e469f84e669f2cea,2024-11-21T08:49:56.403000
CVE-2024-11630,0,0,602de6590967350fd7f3827b1a11ce4a1c578a1994d3c132149d73cf61dca0eb,2024-11-22T22:15:13.637000
CVE-2024-11631,0,0,ec063b412cc8e1fc69f64e54e806f8de997f3af353f8bd5c4b78d65e3cccfe32,2024-11-25T16:54:46.333000
@ -244720,6 +244720,7 @@ CVE-2024-11819,0,0,4ad555b58c0b6ae087a0e197e14f318c0818cf9ebf662c2c2b44a9340719c
CVE-2024-1182,0,0,3f29301d892b117e83ef161f22ec91ec635f3f594205a460782ee4e3d4d8572d,2024-11-21T08:49:58.813000
CVE-2024-11820,0,0,851b7a45884f50f3792038cee6a0dd94b1414d7c7c3cad4aa15d26efb61c7827,2024-12-03T14:54:20.297000
CVE-2024-11823,0,0,c06b322c55c56e39da841e24dcfc245d4bbf700dd82f0350363e4100fb063133,2024-12-06T09:15:07.463000
CVE-2024-11826,1,1,978742b568a878385fd8a9b641ea4d38722fc9aee92a4048f75713c88b655976,2025-01-07T12:15:23.200000
CVE-2024-11827,0,0,56fd4585b95b5b001b477bafaf482165d34a68f8e4c23484879244ef8898da04,2024-12-13T12:15:19.050000
CVE-2024-11828,0,0,2182fcc94d5c2924b387611eabcc64629aff0d6ea201e85bc92b19a7228cc503,2024-12-12T21:07:04.270000
CVE-2024-1183,0,0,65ecfa5c3d2b221c19281f6b798c6cc7087d171223e10f3dd191314d09620aec,2024-11-21T08:49:58.950000
@ -244880,6 +244881,7 @@ CVE-2024-12028,0,0,1e73c6e2445828811f3920b16dca38e7a1768853994affcbd716568d4e1eb
CVE-2024-1203,0,0,d1f896c2674b7d8b8ac7ccf181e7d9a7e598afaaabec693045eb0f85d52368c5,2024-11-21T08:50:01.913000
CVE-2024-12031,0,0,d30b745c703c186af9776c88e8d0d222bab220bbc78efc5ddb772b6e524ac88f,2024-12-24T10:15:05.580000
CVE-2024-12032,0,0,d28549d87ab7a1da8c8e60b219695b8c0bac78074e1f07aa186ddc87bdbbdb60,2024-12-25T04:15:05.497000
CVE-2024-12033,1,1,54825cf5b8066f27193c477b2f79dabfe72cf6e17be404638cb6d9b3454d4164,2025-01-07T12:15:23.900000
CVE-2024-12034,0,0,9c507f78158cc030dfd314ae6dde1db490ceaf3d6dfd0f8120e54566524e4e3e,2024-12-24T06:15:32.553000
CVE-2024-1204,0,0,52c83c0f4289636bc1afd18cb37875b782729e90167239cc1a53f532e5633e12,2024-11-21T08:50:02.033000
CVE-2024-12040,0,0,82ff661fdb988bbdc555297e0b0d4a5a42a6c3fde3cb51373bdf40b4e4dd0633,2024-12-12T06:15:22.947000
@ -244941,7 +244943,7 @@ CVE-2024-12148,0,0,2d82ecdcd1ae8b06b2bbc4387f4ec8d5588d3a1672ec54422fedc0a9fcb34
CVE-2024-12149,0,0,6cea541fb8390eb73924fcce3986b6c54a0134049e02ebc343dd9227319eb6b2,2024-12-05T19:15:07.627000
CVE-2024-1215,0,0,4329416f300d2c475797311e08de13347ae9dc69f951944050207e3d4abf36b5,2024-11-21T08:50:03.560000
CVE-2024-12151,0,0,958cd3e076f1ea17ca0ad827def723dfad6dc87ee6b3f8172337cf6f1994be20,2024-12-05T19:15:07.773000
CVE-2024-12152,1,1,1dc4d714d933a7ec7cbc53e21622c2f5d4baa2b340656239841d653772077f96,2025-01-07T10:15:06.577000
CVE-2024-12152,0,0,1dc4d714d933a7ec7cbc53e21622c2f5d4baa2b340656239841d653772077f96,2025-01-07T10:15:06.577000
CVE-2024-12153,0,0,22e2967fc47cf53b1f6950bbe994a9df52e94c829c300fca48f8d4054f6ee1bf,2025-01-07T05:15:14.927000
CVE-2024-12155,0,0,a9bad28298e0ff298ba13b998a693d2b1a968d7ec52abbb9a976f5fdc4810431,2024-12-06T09:15:08.417000
CVE-2024-12156,0,0,2e2ae1d329cdc90aba56d374ee329c37f84e6225dfe0fbd4afb09b6a3021715e,2024-12-12T05:15:11.163000
@ -245060,6 +245062,7 @@ CVE-2024-1231,0,0,b14e8b0a07bc5ec367647c5978c3a1256f30a8a16700580e77b0e0e8d9654f
CVE-2024-12311,0,0,815e3491f6c1f7b3abc4a4d287cec4a5fe89f53db46c7d87ecfb8135e71ecf12,2025-01-06T14:15:08.153000
CVE-2024-12312,0,0,81d22bd123230bacbdc2896ec02614f9266db15df91f1b6305d0718b6052467b,2024-12-12T07:15:10.090000
CVE-2024-12313,0,0,f95ad1b7ee5c9c8b1e6156101adb575b7211cb88ceaf5c60bae6d522015943ba,2025-01-07T05:15:17.853000
CVE-2024-12316,1,1,cbec86e916287ea4351d5d169721a153ddf032af635bffa2f7ccbd542a7bbd96,2025-01-07T12:15:24.040000
CVE-2024-1232,0,0,0724dcbb02c95ade7614aaa3e49113b53bf4da94f0e9ec3c91efd2f39f26e0e2,2024-11-21T08:50:07.030000
CVE-2024-12322,0,0,d1d1ba99e3248373db00660e43bd83c74463e7aba267c41381ae292bf15ed01a,2025-01-07T05:15:18.063000
CVE-2024-12323,0,0,06bea100acdfcead34fe4d931dfd21a64a280c25bd363945a1e09f063078f508,2024-12-10T15:15:07.300000
@ -245130,6 +245133,7 @@ CVE-2024-1242,0,0,d730388eb7530fa29fb11ce649456e01cfb020c8a1d70e87c977d44dc13140
CVE-2024-12420,0,0,ae8d110f5efef295dc5d542d71461638a083f9c010e00a24758178ab1b247bfd,2024-12-13T09:15:08.627000
CVE-2024-12421,0,0,d0800edd844bf37ccee00fc76da3ec64bb2b51e717430e725122892ee39e78eb,2024-12-13T09:15:08.870000
CVE-2024-12422,0,0,27a2b7b5579aea6b626e898353e29adaf77dce7f7392fa2cdcdfb4f6d55292dc,2024-12-14T06:15:19.357000
CVE-2024-12425,1,1,eea15e7971a0067182f0f87cd0809df360664c0ea5db3b792659192d954300c4,2025-01-07T12:15:24.183000
CVE-2024-12428,0,0,0dc42c82097510dcd67ba200f4a63250bd059d1ff61bcff7d39f7b5f34a5af10,2024-12-25T05:15:06.920000
CVE-2024-12432,0,0,3d67b932349f6253a91fa970f1501aba586896a462aba17731bbe90a2499433d,2024-12-18T04:15:07.947000
CVE-2024-12435,0,0,0b924907debc21d874056d540a36b4cd28d4a499f8792c113a5d9122f40bd903,2025-01-07T05:15:18.887000
@ -245199,6 +245203,7 @@ CVE-2024-12523,0,0,185a41d328f0e130d8ed17ada12f64a855433449910369cbbb025fff8ce0f
CVE-2024-12526,0,0,b192d6e45212a3c6d09a8a6cd2198d071bb3ba4da94a4e2bf151be7ad2c18324,2024-12-12T05:15:13.577000
CVE-2024-12528,0,0,b542d57e01c0c48ad9564b0890e0d12d29edb2156a8c53246e86bf7139add551,2025-01-07T04:15:08.543000
CVE-2024-1253,0,0,a598e10fa6d530af6148de164d99995412d597f7142ead42d62b85e905a98949,2024-11-21T08:50:09.843000
CVE-2024-12532,1,1,9ca157cc408917cff34071ccec5f6a565d9704ba7df388f3088985d6d80c9ea4,2025-01-07T12:15:24.363000
CVE-2024-12535,0,0,b0034002c69bb854c515c85f47eb566bda639381994e791864e14498ccfc66d2,2025-01-07T06:15:17.220000
CVE-2024-12536,0,0,a925f1a48eff74b537962fd623796390384e9d276d37e7a9cb0d9ba10f9464b0,2024-12-13T17:14:44.007000
CVE-2024-12538,0,0,b01ad61b9334acc7635ec3132a042fbc3171b4976dc799538cae1899a313c7bf,2025-01-07T04:15:08.720000
@ -245218,7 +245223,7 @@ CVE-2024-12559,0,0,f54cf3f9991327e38603b9f68b85ad1beb15e578526394c2a7bc1915ca253
CVE-2024-1256,0,0,ea8829298a5ced036094d7fead955f33827bc36bbc0a7f87a81ee1f95b95b282,2024-11-21T08:50:10.293000
CVE-2024-12560,0,0,d33290fc3e54f51dd78cb0afaf9a18e8538f72db9dd0f598ab5a68b55bfe89a1,2024-12-19T07:15:13.507000
CVE-2024-12564,0,0,0abcb221861e5fc99f1edf43c59fea9ce50a3b4bd68b4b9a5961d76741772172,2024-12-12T15:15:12.097000
CVE-2024-12569,0,1,67ea80dfc8a7f09d76679f52a4f2989d2d078497f3a52d4649742fe2554674aa,2025-01-07T10:15:06.757000
CVE-2024-12569,0,0,67ea80dfc8a7f09d76679f52a4f2989d2d078497f3a52d4649742fe2554674aa,2025-01-07T10:15:06.757000
CVE-2024-1257,0,0,7cc030c8f0ebfb33a80da788a5513945114551aaaa2999db4fa614a5f6b08a9b,2024-11-21T08:50:10.443000
CVE-2024-12570,0,0,be94920192af405ec932f38181a462713be2ef7292a21e90f93bf4238cc63d84,2024-12-12T12:15:22.660000
CVE-2024-12571,0,0,4f61ab2b24612e0b1a75d43cf9d9be2b77f4416d126de6e970d9338abb76a3be,2024-12-20T07:15:12.380000
@ -245296,12 +245301,13 @@ CVE-2024-12694,0,0,9800fbc5ca389434bdda7fa0de83799fcd1088c52cf84f2bdcf95dc149b6c
CVE-2024-12695,0,0,c12cc3a1c005ac4ce33f9efb358fc8de53ca6da21a9008edd22e7d591fcee580,2025-01-06T15:15:10.753000
CVE-2024-12697,0,0,2459466c74ec5bec9acd976593eaf1864bd447490d29e2029863b77f5d045147,2024-12-21T07:15:09.587000
CVE-2024-12698,0,0,3d9cdcbe538ab50d5f6959e4225d81bf3f0e9f88aa4025e53f307853d2e0961c,2024-12-18T05:15:07.840000
CVE-2024-12699,1,1,5774e482bd57d5f0f13ef8ed6e7359c67875b728e81561c5eb79fe6c92f6ed3b,2025-01-07T10:15:07.143000
CVE-2024-12699,0,0,5774e482bd57d5f0f13ef8ed6e7359c67875b728e81561c5eb79fe6c92f6ed3b,2025-01-07T10:15:07.143000
CVE-2024-12700,0,0,c161ba4e53ce97164ad141dae69781306c514830255596765fa43a667338faaa,2024-12-19T23:15:05.860000
CVE-2024-12701,0,0,093eca66809c85a1226724feb10b7be584059ad49ddb4511295af9293417b489,2025-01-04T08:15:06.670000
CVE-2024-1271,0,0,d5b27a7a2ae180d57194d51f3421939a6fa1fd034c14866b136beeb3b91200c4,2024-11-19T20:15:30.007000
CVE-2024-12710,0,0,47453914e1b74979b7cb104fe22d1ae9255e40512305ca5e5237f17f98821657,2024-12-24T05:15:07.193000
CVE-2024-12719,1,1,ca757e894b8bdd7da9bf992d42b81e6ab17247d45419c76d8527cce64819ff3c,2025-01-07T10:15:07.323000
CVE-2024-12711,1,1,af63df0fc664529f876fb1b7e42d9f7f11e38264d63e374c64c561e006838c50,2025-01-07T12:15:24.503000
CVE-2024-12719,0,1,f1c1e2dd855d248bd97d2bae5f7baeccac20810feec3cd62c70cf667fd59aed5,2025-01-07T10:15:07.323000
CVE-2024-1272,0,0,6fe2ae3dbf4ac28af0ee3734ec3f1128a5e90306284fb984019a39811655512d,2024-11-21T08:50:12.417000
CVE-2024-12721,0,0,602b63fd821f3e12d745be832faac963714770e5a5cf419d7f91dc50f0276cf3,2024-12-21T07:15:09.793000
CVE-2024-12727,0,0,b783145694badccf248249bee0c82f1aff0f923b8a3e56851318776364e6e057,2024-12-19T21:15:07.740000
@ -263695,6 +263701,7 @@ CVE-2024-4324,0,0,0867d2dc87ac41925909e9579e3f687280379bde75b7d9508bf2c182bb9292
CVE-2024-43240,0,0,f3755187b1079dddd9aa39a2d6d1353be078e947656c0be39217f4c14918c166,2024-09-06T16:57:58.130000
CVE-2024-43241,0,0,8b7ebfeaa0cfaa5a2780863f1bab1b606ddc09afa140e94cd2bc0f10d4850fd4,2024-08-19T12:59:59.177000
CVE-2024-43242,0,0,5158271e91371a51365371ec1823e76cd71c2739fb8c021ac2fef7a9066b0092,2024-09-06T16:57:46.497000
CVE-2024-43243,1,1,75182b4823e6ba419cf53f3113ff046e04f7af9dfb5026fddc36109ffb04dc06,2025-01-07T11:15:06.023000
CVE-2024-43244,0,0,3e98cfb635eda3f4b8988337f238f5959caa7185154536861e79784e7a10cdb6,2024-08-19T12:59:59.177000
CVE-2024-43245,0,0,469b68939f3c87b1a0d6fb606b56eedd74ee37e5416adec04704d1a576f70460,2024-08-19T18:36:07.297000
CVE-2024-43246,0,0,da490659311d5f9529b46dd59c7241bb03b455ff3410df4a5c90861e305cded5,2024-08-19T12:59:59.177000
@ -267713,6 +267720,7 @@ CVE-2024-49219,0,0,f1d68eec1c9ab3e09b8cbb145b6b08a53ad6423a21f950f984e7cee76ad18
CVE-2024-4922,0,0,bb9a0aa233bf80c6bc7dce5e0ab23357e07cb196c0e6896cf35d102b17579ad3,2024-11-21T09:43:52.600000
CVE-2024-49220,0,0,faf07abbc3d041986f9dd5add34f86ec4149aba235d59cb64d0e41accd37e636,2024-11-06T20:41:13.367000
CVE-2024-49221,0,0,d2fb02495e07f2419889499bb8b5df57c5f20f0042cb9376e70fe86de15e4577,2024-11-06T20:54:50.527000
CVE-2024-49222,1,1,d60a32b594cb99ce5a4273de2f0263717b96905c6a8df2bd184dd56f9a9081d3,2025-01-07T11:15:07.080000
CVE-2024-49223,0,0,a7d176a598c283de56521e3b710f4184e7490e998a47d606d989d0c6c315905c,2024-11-06T20:55:37.613000
CVE-2024-49224,0,0,75840cb7ce6f3bb64fdc7339d09a00a40cf89f51439ca3235d36e0b239d0e9dc,2024-10-21T16:31:21.593000
CVE-2024-49225,0,0,90650671372b1f8039d786d35158c69ffea32c9f90c78144024b2dea1bb85078,2024-10-21T16:33:00.403000
@ -267741,6 +267749,7 @@ CVE-2024-49245,0,0,e8e8d148ba2622c6de7907cb96750bb4941a87354e433710a753f01ebd1fe
CVE-2024-49246,0,0,28e5162107791ffb37238aa3ac873351ab857b8f3ab6fa2ad94faf103ac85423,2024-10-18T12:52:33.507000
CVE-2024-49247,0,0,d2ac676e81ce462e72e2813cda8fbe63034693433b246cc39508427218855573,2024-10-16T16:38:14.557000
CVE-2024-49248,0,0,f291e52f81f78f3237f2d2191f793b757979f653d407498c9c343b86e2c909c3,2024-10-18T12:52:33.507000
CVE-2024-49249,1,1,d05f86b34e3155a9d70dff4c1e7fd1eb4d8e81d7f18a9b5d78af4b87bfa4550c,2025-01-07T11:15:07.243000
CVE-2024-4925,0,0,e0c35c24ae94fe6f5c3ab83c42fc1a3e6327502f935d5eebb867dcc0eafe594c,2024-11-21T09:43:53.060000
CVE-2024-49250,0,0,43e64ea5aa7f096ad91e13517936d197d803fc23a811330d0cad77bbf1cbd01e,2024-10-22T18:44:20.297000
CVE-2024-49251,0,0,c2064b8e0d36ff12817e191223dd1318e55cb1f4fe3be4332ab398f5a6dad8e3,2024-10-16T16:38:14.557000
@ -267789,6 +267798,7 @@ CVE-2024-49290,0,0,96e76b27a181dc096cfd832ba5b2be4d826e178057417e0d837c9408f6a4c
CVE-2024-49291,0,0,249dc671b72ac546a6c5c29c6da882835446fe95844bab5700ec27796ce85169,2024-10-18T12:52:33.507000
CVE-2024-49292,0,0,4d7f035bdbc17c54c66913bbb4437e27e133be56065732023f8dac91223c3b43,2024-10-18T12:52:33.507000
CVE-2024-49293,0,0,2d53402d532cd283b635562c0a1d47cc207eea6245a05010c9022145b2413c0d,2024-10-29T15:07:39.407000
CVE-2024-49294,1,1,4db861ceda8892c163391392bd056e4d157099f65b9e650f49b7871acf4315b9,2025-01-07T11:15:07.400000
CVE-2024-49295,0,0,93cf95834b6245279ffc7131566626d99288891705acd63ad80fc783ba87c120,2024-10-18T12:52:33.507000
CVE-2024-49296,0,0,f284461b2c629099a66bbc96fd2d4da6cf3b98ef4116d3463b0ca9af7265634a,2024-10-18T12:52:33.507000
CVE-2024-49297,0,0,f192074d26b33e0d5f10cc1f854aa454ad790ff37de6ee072448709786ed06dd,2024-10-18T12:52:33.507000
@ -268014,6 +268024,7 @@ CVE-2024-4963,0,0,67dca6c290c51e1f929d7f3dfe0d3ba90537d5b271cac6a81972486d8287b5
CVE-2024-49630,0,0,5d5212a4fd00a4480462df1c38eaafc5b22d0dc97c9520d614d873afc7d0c32d,2024-10-23T20:44:41.857000
CVE-2024-49631,0,0,45a5e9d1057a3cd6c6ba6f2dc4f5984c91f22b07b3b9e1857d79de0901c3fd83,2024-10-24T14:12:59.600000
CVE-2024-49632,0,0,e5b03a135dc094c1402ff0134987cbfd694e41138079093acfca549c8329b68a,2024-10-31T16:31:51.467000
CVE-2024-49633,1,1,00a061be0a48c4614726083d9d5c55dc3f72a4983fc45f14a59137e8b5feab10,2025-01-07T11:15:07.570000
CVE-2024-49634,0,0,cb7ee19cf65dddead09be1c930a4fd93461242ccf257a4be3d49b56c45adfb5b,2024-10-31T16:30:35.667000
CVE-2024-49635,0,0,102de38d0812458f9f1fa982d39e2d1f0a5efb2957fbe85ad59acb8ccb675690,2024-10-31T15:27:24.033000
CVE-2024-49636,0,0,dd794c9b19923ed176790bc43ce11d5d0ecabc98357844277c9ed12de654e3d4,2024-10-31T14:51:06.170000
@ -268025,10 +268036,12 @@ CVE-2024-49640,0,0,4c180b38360d895b5529c0cacd80ee0efdc50a74016f2ac30c77a9804d51d
CVE-2024-49641,0,0,dd5f63553226575656eaee9a4082903c9d17af8bd8e4a3679997712e65a5699d,2024-10-31T16:05:44.353000
CVE-2024-49642,0,0,d468295557b49fcd0885ad53f4d4a9e1b94d606c40e4bf5757f7b7c473c0095e,2024-11-07T20:59:18.593000
CVE-2024-49643,0,0,ed3b1be7c4b1861c3a8d1896b7e215b84bac778f41b48aa929c6b742a8d02889,2024-10-31T18:48:20.883000
CVE-2024-49644,1,1,2727f04955d4a6e732b3b9da581941a731d807ba5bb670e6b1eed421e447cbb7,2025-01-07T11:15:07.740000
CVE-2024-49645,0,0,225bbc01d1af09c9b0cd04013457b91bb7bf182d8b2faf2ed65f9008d687df32,2024-10-31T17:59:25.867000
CVE-2024-49646,0,0,5ae2cf77cf761a2408e25a9079b81f0c710751cca666465e6c546ad44f9d9669,2024-10-29T14:34:04.427000
CVE-2024-49647,0,0,728c1c9e03d4c2bc3debb0722129144c88b82a7f2fd74481d492b7a7939dcdda,2024-10-29T14:34:04.427000
CVE-2024-49648,0,0,2d0290252441f267498bcb004235c498b429b43c6ed6a20da0adf8a057fb4505,2024-10-29T14:34:04.427000
CVE-2024-49649,1,1,14abf7cb0affda2bbce3fb806c5b49faa37727206b711f6e68daff65bfbaa9cb,2025-01-07T11:15:07.897000
CVE-2024-4965,0,0,3e9f3a5683542d0f872185bb7cd9d74f67d4aad7a54eb5c75ee0939651d20c21,2024-11-21T09:43:57.867000
CVE-2024-49650,0,0,957bb63482c3b8d31b833ced44fc3b066a055f77165a90d58e6b148446915af5,2024-10-29T14:34:04.427000
CVE-2024-49651,0,0,eff1cce374eeb20a6db75a05fbc6ce94258af07964e7154f22db427d876203b3,2024-11-01T16:39:52.677000
@ -268258,7 +268271,7 @@ CVE-2024-49963,0,0,caa2dbe270cd653cb5941c078e180516aa11a3d1d549d780a5e95562f8df7
CVE-2024-49964,0,0,bc6cb8135303f64feec76935b163a4670ca88e385e4de1089a7c3cd46cb57f5c,2024-11-07T19:20:04.357000
CVE-2024-49965,0,0,bc716ee71c882c2f0692b5d4e20fa1c022dcd5ff59afd87608180daaeedfcc95,2024-11-08T16:15:36.353000
CVE-2024-49966,0,0,8fa5bb154dd7e0cf455a09a24b145c1117246744c3b5e81704d3d89545f3e605,2024-11-08T16:15:38.823000
CVE-2024-49967,0,1,447c4501a84f79fcb0d2a9fd06e0db96134b9a0cbf881c77074171543852b5ad,2025-01-07T09:15:07.743000
CVE-2024-49967,0,0,447c4501a84f79fcb0d2a9fd06e0db96134b9a0cbf881c77074171543852b5ad,2025-01-07T09:15:07.743000
CVE-2024-49968,0,0,0205e4b7942a657ac03b4e6a351ea41779067505764d1b20d2efb7d0fd1b7b02,2024-11-07T19:28:02.937000
CVE-2024-49969,0,0,0f3e23ac11a3d2b8c80edd3cf8d3a1de4ae6abad88f32bf1a4d20a936c6c20ca,2024-10-25T20:15:51.520000
CVE-2024-4997,0,0,47864fbd7aa3f4a3952b40228409952486afd63ba69ace1cb5d30eed3f8be478,2024-11-21T09:44:01.020000
@ -269426,6 +269439,7 @@ CVE-2024-51648,0,0,dbb0968afe4034eda92af49d97342dc91c1ea36f66d8dfaf80e8afd706de0
CVE-2024-51649,0,0,c81969392142cf30b442ca2488ba5a508853d5d91fdf922f672d341833d4b7a4,2024-11-19T21:57:32.967000
CVE-2024-5165,0,0,bdb54bdc8b0d6f572d2785be548dcdb1e79f91fcf53f5df7d21dd9b71f61f720,2024-11-21T09:47:06.567000
CVE-2024-51650,0,0,04ef9455e8937238fe000c9cf2db59bb61cb5e35b0918868474c600631188fd1,2024-11-19T21:57:32.967000
CVE-2024-51651,1,1,4ed5686615a39204286566da6f539f64e71587e745925bfaa19147e2468e0e61,2025-01-07T11:15:08.113000
CVE-2024-51652,0,0,73549f75abf3f3baf03afe523dcecfd729118fe687d340792e7f45a9660fb08b,2024-11-19T21:57:32.967000
CVE-2024-51653,0,0,862ff379316a4c395b2836334692d81d6ac14ebcc80990d3f9ca902be8895e5d,2024-11-19T21:57:32.967000
CVE-2024-51654,0,0,944fa9733345027a554681013fbbfaeb37ba19b59e9d7e3b6f3cbc540f2b1869,2024-11-19T21:57:32.967000
@ -269478,6 +269492,7 @@ CVE-2024-51697,0,0,d54df5fedd22b880ecf7b5505c933519f4cb3fe586f40d120910516b3b20b
CVE-2024-51698,0,0,e71f0bbbd2c67c2df44e03f32b2229fc75aee8b458322a41a2e73201af7b63d8,2024-11-12T13:56:24.513000
CVE-2024-51699,0,0,517928539be8e07fa45441ad2fd33e98e8f06595c479d81c3630d7b5287e8aa4,2024-11-12T13:56:24.513000
CVE-2024-5170,0,0,bf5475eb7b56b589bcee149e45ce9522b71501d6f03b4c8aa2dacaf5ca700f3d,2024-09-27T18:23:43.833000
CVE-2024-51700,1,1,89a3477e0df3a4d9bb2bf88dcb2daee9cb0cef6b2698ebde14970d5a6adf1fc5,2025-01-07T11:15:08.283000
CVE-2024-51701,0,0,216549ae029fa1ca3c9662e015fe05c8ef90e5b3b611554788cb2fe2c1b49f6e,2024-11-12T13:56:24.513000
CVE-2024-51702,0,0,d8fd7c941d3344d6564f26739ba74ebc55e733635a0adc64132b1ee1f7cb0b69,2024-11-12T13:56:24.513000
CVE-2024-51703,0,0,89eb8a36a7d5c7c5a5141291669786ff7d04f102f9535e7b0f5f860d4887de26,2024-11-12T13:56:24.513000
@ -269493,6 +269508,7 @@ CVE-2024-51711,0,0,b5026417d96a88d7b586c42ce248704eddfbd5e8bebc8b219b8d4db3121d4
CVE-2024-51712,0,0,4776afd887df3d65067949479d4a5a33236c2cc62d78d8b38f6866df8f937180,2024-11-12T13:56:24.513000
CVE-2024-51713,0,0,f4c7f9e094a3a238ed3834f5e19a6901f0195d4ea9bb6a7a802da3f40b2d1a9e,2024-11-12T13:56:24.513000
CVE-2024-51714,0,0,9a45c79b06ce9520b2fbf85a624e3fb37b1d1fc6188ebdf5ee9af84a8c5ae139,2024-11-12T13:56:24.513000
CVE-2024-51715,1,1,6ef416fd37ef7ade2ecd9c456ca0f461172504cf31f584b91bddef125801aef7,2025-01-07T11:15:08.460000
CVE-2024-51716,0,0,1a7f478b63075a02d5dd114a22c494695394051a70a7a5a06777a5fb5656fa5a,2024-11-12T13:56:24.513000
CVE-2024-51717,0,0,e5a369baf84f0d855eda597ff3ea4e6d1166f77ec3152cdc4565d34cc9b28394,2024-11-12T13:56:24.513000
CVE-2024-51718,0,0,38d72c82e95a529daac12ce377d940e9806a7a6c19b7ba10406352fc292dedb6,2024-11-12T13:56:24.513000
@ -269890,6 +269906,8 @@ CVE-2024-52359,0,0,509efcb95ef880ccde43fccb440c416e0525cc864ec20eeb05761e61ccf2a
CVE-2024-5236,0,0,2567479af261d5b21b924e08416f98f775dfb54600e5bcd680efa9c7d4ca6153,2024-11-21T09:47:14.757000
CVE-2024-52360,0,0,bdf752aab28a84a7b3de79826a68d96a66c86dd4dcfd4d6f09f0c3b534e4dfec,2024-11-19T21:56:45.533000
CVE-2024-52361,0,0,0f590da84310a3a70b1ce4708563ee9a1181dbd1f95752797a9808951be26140,2024-12-18T16:15:13.967000
CVE-2024-52366,1,1,bb8e256858935f8814ddfe3bdf0e66cb6e5c370120e357e7af76eb242a6ca3ff,2025-01-07T12:15:24.680000
CVE-2024-52367,1,1,f9cc4215a4354a7f10b90d4d04066cfbf874b411d0562128954bdb058284e1a8,2025-01-07T12:15:24.847000
CVE-2024-52369,0,0,e081cda06af085b69b5cce5744190264c91cd87aef2aa4d459e7fe8f2ad5e6bb,2024-11-15T13:58:08.913000
CVE-2024-5237,0,0,850239c5226c0c64e0e8de715a204a907770a544458b3a79e6f4fcfb6446a2ec,2024-11-21T09:47:14.890000
CVE-2024-52370,0,0,d2931a84b2cf7b14e018c99dc708ce275e6f773b3432c9c5f476dcff0fb41c95,2024-11-15T13:58:08.913000
@ -270256,6 +270274,8 @@ CVE-2024-52872,0,0,d5c137691ac8affde2eb9f0d98f11a2242b42b7ed558ce4003950a4392704
CVE-2024-52876,0,0,6fd21241a1a4f5f736d93e368fdcf08c204bdebd19eb249ace2fceb507212592,2024-11-18T17:35:08.900000
CVE-2024-5288,0,0,35888db4a5e323e6a29faa7e47d2416858cbeb598a42c21aa0c323691cd3d86c,2024-08-28T12:57:39.090000
CVE-2024-5289,0,0,45ad6e1c3a8134226122bea6b70bcd4aeb55721ddc7a695e24fb24c5dc173e1b,2024-11-21T09:47:21.990000
CVE-2024-52891,1,1,c0501cc1266a2bd619aecd0020292b22c7b56165101d569b54e2d4a5e5ed8b8c,2025-01-07T12:15:25.010000
CVE-2024-52893,1,1,e0fd53ac8e3d776423f9e5092c3b49410d4b7ed0ec40ab9bbf4f1350907f4a9a,2025-01-07T12:15:25.153000
CVE-2024-52896,0,0,e4fbb864f7848e639fc1924ff6e3f9dbd32543077984aeb4db567e289d87688a,2024-12-19T17:15:09.797000
CVE-2024-52897,0,0,a95c21b621375142334fe37fe01c64626d608c334ccb17049cec65f4899cb6db,2024-12-19T18:15:23.357000
CVE-2024-52899,0,0,fd381e4ffbd82c5c3ae3119791a451a008b2780104bd8e38b6962694cf0bd562,2024-11-26T01:15:07.153000
@ -271868,9 +271888,36 @@ CVE-2024-56266,0,0,265a3e77ffeab76fe861882c5717b3b9f7e42687ff2745ec11b3fa63a202e
CVE-2024-56267,0,0,1a857d7bf07f7bdad7247fe75bbc7603553ef3ae2a1cef53f9569ee0b2c25d2f,2025-01-02T12:15:28.617000
CVE-2024-56268,0,0,6c5e42fafa8d0d431aa18ee0814c13c9e3020d74b57b5ddd14fbebc4b330873e,2025-01-02T13:15:08.120000
CVE-2024-5627,0,0,4f3ee87aef2fc9763c8caa5864c6f83c1e8820b485bf86b137197706dbea80f8,2024-11-21T09:48:02.683000
CVE-2024-56271,1,1,df93b7b8c223fda7db8cbb4a8cc54558145247fb67ea138a0710e62e8e911ccd,2025-01-07T11:15:08.633000
CVE-2024-56273,1,1,70a23a8ba1d0ad54c61e3bfa45bff3ffe0599c3be68f5ed823651c9ddf17a51a,2025-01-07T11:15:08.800000
CVE-2024-56274,1,1,91313746e73dee537f4f972ba62324c78971b1a73469f61e949c7f1c2409fe09,2025-01-07T11:15:08.960000
CVE-2024-56275,1,1,2793727a8fefb5fd80a40f3d275862084bc0f436c8be3b4ff920f614e5ec8751,2025-01-07T11:15:09.130000
CVE-2024-56276,1,1,edf3d6bd28c3bcb1c663cd9ff9c00515c0a41e8cd2eab0ccd5d51e7cdedec0f4,2025-01-07T11:15:09.293000
CVE-2024-56278,1,1,4537d7db0492733c0f7571c5e2cb3a2ab6f2be630bbe898e32e301103b454a03,2025-01-07T11:15:09.460000
CVE-2024-56279,1,1,fb08963287913155bbcf6e02d9560bcfc33a049d8f984ebd98ae337db0c7d0b2,2025-01-07T11:15:09.633000
CVE-2024-5628,0,0,755412ba03c7f502c54c635c9705b96a4154da09bb9bfca64f93d1d41d08cf6a,2024-09-26T15:14:26.547000
CVE-2024-56280,1,1,fdf350681a90dcecdfd57085a9bb526181655783e9da07940194562211312dc0,2025-01-07T11:15:09.820000
CVE-2024-56281,1,1,787668d40c31d955a6eada5097fa8520eb1e912fbe7063c421d93ac4d330c9b5,2025-01-07T11:15:10.003000
CVE-2024-56282,1,1,1ed2d7bce7c332f5f9b50e5d473e3717027690bc48b7c9bbbd2e1757ae2e54c0,2025-01-07T11:15:10.177000
CVE-2024-56283,1,1,7d0efc49fd4dd9e0d9d9182be7327446bde5a6f404f99d78c94e746efbb1aaf4,2025-01-07T11:15:10.357000
CVE-2024-56284,1,1,6c9d1d893e48b3fc757033f00523e9d52bbef21a08335a55572373f5e50b0cc9,2025-01-07T11:15:10.537000
CVE-2024-56285,1,1,53dcbb7aac120308c48afbdf0d789a4b52206114dd7e9c6752189cfdfd994b7c,2025-01-07T11:15:10.707000
CVE-2024-56286,1,1,f1240a345a1863c243d12ad848883f08a37ca5506ab053788b7d9eb2f4380750,2025-01-07T11:15:10.883000
CVE-2024-56287,1,1,8a46d37184d8b991e6147853f9feefcac6bcc6a00fe2d15db8863ccdaf0b0e9e,2025-01-07T11:15:11.060000
CVE-2024-56288,1,1,b9362d682c5550d7eb30dea55bb97b59b3a2da3b13a57a0372cc3cbf0c647e6e,2025-01-07T11:15:11.247000
CVE-2024-56289,1,1,9fd377c183708c6d7dd6c1a0655e6959fca682baf2fcdac96c68cd04aa35e3b8,2025-01-07T11:15:11.417000
CVE-2024-5629,0,0,f9daa1fe2950a7ccef0838fb6e6cae4a7319a3ab1da6174da12e5faf2c955f5a,2024-11-21T09:48:02.860000
CVE-2024-56290,1,1,e804845dcea0c7022f0312849d911d19b5f92ee017663329f4adf6c266928e62,2025-01-07T11:15:11.587000
CVE-2024-56291,1,1,1e89e99736007130072d6c2209d311906f24c7b697bc98702b8f36dcad17a249,2025-01-07T11:15:11.760000
CVE-2024-56292,1,1,c51f2fffee4e29f60b2b0d1d189c2341713abc23a1487d0cd7fdcdb1fcf4122c,2025-01-07T11:15:11.943000
CVE-2024-56293,1,1,b8ba7b42dbe37b16f05ba1b61e44f82d739a9fcf66077d2bccae329cbac3ee18,2025-01-07T11:15:12.100000
CVE-2024-56294,1,1,d94a6b5c80bef08f0aec07c3d76865d6fafb9641eb5afcdd2320b78b94a65505,2025-01-07T11:15:12.270000
CVE-2024-56296,1,1,727e5ea5c0e35a0c7ef78dac3be486a88ea4e18748f08f5e17f93dc62a555a12,2025-01-07T11:15:12.467000
CVE-2024-56297,1,1,beff089bce91d497c127a4695752299bf34729349cbe8bf9bd55f5d443a1d6b6,2025-01-07T11:15:12.643000
CVE-2024-56298,1,1,224a1683a7d2c9bc1d94e6f791ca81d5534b4b5a190efb516c0a9e3a594a97e0,2025-01-07T11:15:12.807000
CVE-2024-56299,1,1,81a883077652b91119a3cfe78b721fe30774c375ab9713ea1642fa0b9af8b16a,2025-01-07T11:15:12.960000
CVE-2024-5630,0,0,50874e31f2d6c9403bb3dbaf933b8b3f439196ea7c18b531eba9bc061324fe0f,2024-11-21T09:48:03.020000
CVE-2024-56300,1,1,6531f60bb6fc7d50575450a241ba60ed46e028300b5a029de0cff1df022f04a0,2025-01-07T11:15:13.117000
CVE-2024-56302,0,0,3cc2e63549a8e725e4b4c7af568502951e05c6a235ad3d0ca614770a8ee20a50,2025-01-02T12:15:28.753000
CVE-2024-5631,0,0,2a74e658158bae900a85436e92fd017c375ea2371e9ccb7b5a67e7bbd481f6b3,2024-11-21T09:48:03.210000
CVE-2024-56310,0,0,52fb9787ce6d270fefb09f2575978be0fb95a84a154a0887a6718d274c54ad79,2024-12-24T03:15:07.440000
@ -272128,7 +272175,7 @@ CVE-2024-56682,0,0,53beaf160720f9f5afdbf9e7ba50b4e778d1c8fb7caa7a79ed8bfa4a29feb
CVE-2024-56683,0,0,5168b6c07160d0479880d20439c4ddfd8e5d0835ecd512af83a2b92af2172947,2024-12-28T10:15:10.773000
CVE-2024-56684,0,0,1985fcc273ba4140fb204ccdde539644ed1c07bf1b25168f5fedc516042d8472,2024-12-28T10:15:11.267000
CVE-2024-56685,0,0,8004cd7f5551d83f0a296fb637efd38d0f7cfc910e138f911d41944c6e4bcd83,2024-12-28T10:15:11.593000
CVE-2024-56686,0,1,2bbdea7ee4d0bece808400f8f6b47a4a8890f61065b7e70bed4dc9d78ff78344,2025-01-07T09:15:16.897000
CVE-2024-56686,0,0,2bbdea7ee4d0bece808400f8f6b47a4a8890f61065b7e70bed4dc9d78ff78344,2025-01-07T09:15:16.897000
CVE-2024-56687,0,0,4db0f31fe9918baff8b88fec7f981f5bce223a69e6b5f0650ad08be1200eb53f,2024-12-28T10:15:12.153000
CVE-2024-56688,0,0,b5afb935f0cf7c8c0f833925106338d02c3d2154cdac3a6fd6b70b2e90f52dc5,2024-12-28T10:15:12.643000
CVE-2024-56689,0,0,874255f4fa9036b199d11600554cdbc9c345dee9e0c424980f47e9e74d82ba66,2024-12-28T10:15:13.130000
@ -272209,7 +272256,7 @@ CVE-2024-56759,0,0,51a4d69e473c95c2503d056afe5ba878b3c1df07567e3048365baf01598b1
CVE-2024-5676,0,0,42e21ca7cdab0bdccf25cf6637d45fef7f036494b6d014c88b5835e6e4847379,2024-11-21T09:48:08.420000
CVE-2024-56760,0,0,2125177c83e1cff8a660b64e56488eda9a1564eb230e3213cd7e7d6e709ec7af,2025-01-06T17:15:41.173000
CVE-2024-56761,0,0,2268c1312e9c768eeece5beab02482c4e7cc29ca6d6a7425791d414b0fae63ad,2025-01-06T17:15:41.480000
CVE-2024-56762,0,1,60cbcc45f06c16ba0161fce9430eab44b47458e705e9b29759993ec95842a560,2025-01-07T09:15:16.973000
CVE-2024-56762,0,0,60cbcc45f06c16ba0161fce9430eab44b47458e705e9b29759993ec95842a560,2025-01-07T09:15:16.973000
CVE-2024-56763,0,0,5a5e00ab0150e4c9f23d35d9c1a4efb51410e8b448d4cbf3a876661bb5e810ab,2025-01-06T17:15:42.150000
CVE-2024-56764,0,0,91b72a2ccbced4a7c9f79beaf4b327a4d43d7e0f7fa40f1c959b20a384ea4c3d,2025-01-06T17:15:42.483000
CVE-2024-56765,0,0,2f958432f7b5e0953f9bb292214ab20c0363a79c8806ec0afc9fc2b493a5e4c0,2025-01-06T17:15:42.800000
@ -275957,7 +276004,49 @@ CVE-2025-21617,0,0,1b5674c17538c133c12a05d0a22a69c96dc39356013d3a7f6803ed6735194
CVE-2025-21618,0,0,4c20ae4fc5c8b4aacd9f26687daa5f4af9af83a3837718673c9fc7ecd24be6c6,2025-01-06T17:15:47.660000
CVE-2025-21620,0,0,66289b3b3f28df54a495a49470b309f007a7b7fd72e39a3c6fd58a9e688ab03c,2025-01-06T23:15:07.770000
CVE-2025-22214,0,0,9f9cbba758088c6fe54f3b7aba457fa8b68f7e0bf397744585451dc526c7cea3,2025-01-02T04:15:06.277000
CVE-2025-22261,1,1,b64f32ab7c14edb8b70371073baa276f94f41977fffad6128d5b8c7f32ae4fb7,2025-01-07T11:15:13.290000
CVE-2025-22275,0,0,dc0905974c721b278910237158fbbf2db7a66a5bd4b529c9d9744ba0c53260f3,2025-01-03T07:15:25.297000
CVE-2025-22293,1,1,bd03641f797a3639dbea19e70261d5f3ef47716330e1253c8622562a786a5f2c,2025-01-07T11:15:13.473000
CVE-2025-22297,1,1,9977305a0d6e75d824a101b4298426a66f5e4c76cfe0c4871bbf38350398707d,2025-01-07T11:15:13.630000
CVE-2025-22298,1,1,8bc5151a6942224b93d58d09b54219f124b26cf650100c5c624298b6e94661bd,2025-01-07T11:15:13.783000
CVE-2025-22299,1,1,c413e7372a98636798485d615adbccdf818206e57405b9ae93b2ac23848684e5,2025-01-07T11:15:13.943000
CVE-2025-22300,1,1,2f4f93a07fc49820875d3175d80e5708296bdd9f14a938c96de7efad275710f9,2025-01-07T11:15:14.100000
CVE-2025-22301,1,1,30bab3717a7a0bca741d690c1479e62f819cd2155656ec44d78c982d84d75ff6,2025-01-07T11:15:14.240000
CVE-2025-22302,1,1,9b40c40d15063e6cb76e8e33a9f975cd91b38be16047944b37a967c977abfd7a,2025-01-07T11:15:14.387000
CVE-2025-22303,1,1,7f3990123a03c4c027b93344f96b18488d25683c34566288a5ac2e49799c51c3,2025-01-07T11:15:14.563000
CVE-2025-22304,1,1,dc86decb897d8dcb17d6736b8050d3d147c3f346bb65a4bf4381bfc3ce627059,2025-01-07T11:15:14.740000
CVE-2025-22305,1,1,f80b09c32552f5e5a6f1c3abe88e565f14882f9a6fcd2231897d49d487ea9c83,2025-01-07T11:15:14.907000
CVE-2025-22308,1,1,3082a330a5c2f55a8195387df80671bf625d85613ddf1f7720a63d796beb37c1,2025-01-07T11:15:15.043000
CVE-2025-22309,1,1,1d83d809e311c9f86146142b11ab3c2ee137d4e51c296bdf1e9908e49bfd5e64,2025-01-07T11:15:15.190000
CVE-2025-22310,1,1,611b8cef352c958ab385e33339cb21ae50588ba907bd8686700e8a0f08828219,2025-01-07T11:15:15.320000
CVE-2025-22312,1,1,864b53e49a0caf0c7477fbc1a622314be233df9866c8bc743a5d17b3ab7c6f47,2025-01-07T11:15:15.480000
CVE-2025-22315,1,1,88d7cb14e835cbfb35184951d4d2a01276f091d2cdaf1e147fca6e420a388c7e,2025-01-07T11:15:15.627000
CVE-2025-22316,1,1,1d4f03291501adc4e7db2e57a09c519ced1e62121cc59f1dd048002a13f21c3d,2025-01-07T11:15:15.763000
CVE-2025-22320,1,1,39971b0eba2ae0a7960757327aa5a1f311a765451f9b5f47f1b68ee3273616b0,2025-01-07T11:15:15.910000
CVE-2025-22321,1,1,4c47cbd5a81bbeb1a3ce3278f8eed6d123ea975216894c1911cb3a468c9f05d5,2025-01-07T11:15:16.073000
CVE-2025-22323,1,1,cdedb294b6295dcc011f80ea22408485a3314d32d768478ea6a9ed25cd479083,2025-01-07T11:15:16.297000
CVE-2025-22324,1,1,d3ca2c0e753301edd7488c1b4b5c806f3a8d662d685588b06f654cf6d7c2ae95,2025-01-07T11:15:16.437000
CVE-2025-22325,1,1,a26ebf3d09a104491cb845816a20513441b646d7a59c3b551b7343f54bb7eaf6,2025-01-07T11:15:16.577000
CVE-2025-22326,1,1,55fcc2ec90ca2a48f1ecf2e7ef15d685d0e234288e1450bdf5945ada1cab975d,2025-01-07T11:15:16.730000
CVE-2025-22327,1,1,94ae0a0af4015641e039cb88bbf4a5342f924e137904074a584ea13bae54ad53,2025-01-07T11:15:16.870000
CVE-2025-22328,1,1,85e6710d10db6ae0f5bd4808efdfb16540414aacd5b21f737702fea8c3f3f3b6,2025-01-07T11:15:17.020000
CVE-2025-22333,1,1,9076c8d41b6efd0e0fd9421ac7e36825af266ebb1d92a228e7e9cdde0a09d000,2025-01-07T11:15:17.160000
CVE-2025-22336,1,1,d1d30c72fb6e01dc20afc043a552806c00e06e487af20ad9dfbaf9607a442c8a,2025-01-07T11:15:17.313000
CVE-2025-22339,1,1,771cfd61a8b5d752aa38f63f03d13ecf4a4d9126ac8095ef4007c48756aefabd,2025-01-07T11:15:17.463000
CVE-2025-22342,1,1,063a12927989c01da7ad06ed778a17254bdc2f246dbbcfb9d1a331dab7385b47,2025-01-07T11:15:17.610000
CVE-2025-22343,1,1,a01cb6c83acf422bb85038c7e3d12905550105cbaa3bde139d47adcc60f7e94e,2025-01-07T11:15:17.743000
CVE-2025-22347,1,1,b23f9601774be508b95375b043d031713941d78a35e42f0b11cd23293672f811,2025-01-07T11:15:17.897000
CVE-2025-22348,1,1,86e2244a5ffc25b4844fe28b25003a18e5b493a92b7075a4184650958446241b,2025-01-07T11:15:18.037000
CVE-2025-22349,1,1,1aac443b538c01953d14a1490dcb4b090d3357b772a15bb29d022c3f9880c993,2025-01-07T11:15:18.183000
CVE-2025-22351,1,1,850cf70aa8b27015ce532cecc7f0819503b3dd39321b8093c7d78fe3fb290254,2025-01-07T11:15:18.330000
CVE-2025-22352,1,1,77c72d08304a1f4a828a4db852ee618f0ac94237ad547f3fa3c67bb38390eea4,2025-01-07T11:15:18.527000
CVE-2025-22353,1,1,bb13d32958cb020a5d38b41c167cac622c401d6dd92bed3b5262ff1ec4b962d5,2025-01-07T11:15:18.693000
CVE-2025-22355,1,1,7fb49003033f48622ee177ed3064a841afeb8f3b7923595e3ceb552e3c7193b9,2025-01-07T11:15:18.857000
CVE-2025-22357,1,1,147c0fa518b43fbbeedf81bdce042c347d77b134bf6606621324ad2a82888239,2025-01-07T11:15:19.013000
CVE-2025-22358,1,1,dc1be20fb09e74a2611eb7051b2d21fd1f1d91ae5c82de9f69ea7f312ec9287e,2025-01-07T11:15:19.167000
CVE-2025-22359,1,1,11db53ae6023dbca41854e1a04c18ab114bd8d0c5c79981bba4090ad1735197c,2025-01-07T11:15:19.310000
CVE-2025-22362,1,1,f2c1c84b7d03553f8071ba09037dd1ff504eab870b6dc98d49037cbeeba451a7,2025-01-07T11:15:19.453000
CVE-2025-22364,1,1,30da29bd1c8315e53dffcf2832952f80fef5aba5790c2ba343b9edf8659a4437,2025-01-07T11:15:19.600000
CVE-2025-22376,0,0,5718c706cab54399c824e81247fa8725e0b2da3334acc9f4e812565255340de1,2025-01-03T23:15:08.897000
CVE-2025-22383,0,0,5d92cf5968d0b3cb8c32ffddbb5f9d0fa05899712bf08a80edc7535b9d1dfdd0,2025-01-06T15:15:16.103000
CVE-2025-22384,0,0,c3eb3907c8203007a185e0b56ba50453f7625b9e4c3e243d711609914b16742e,2025-01-06T17:15:47.820000

Can't render this file because it is too large.