admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-10T11:00:24.428277+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-10 11:00:28 +00:00
parent f3a5cee14b
commit c5d1158df4
11 changed files with 564 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-514xx/CVE-2023-51404.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51404",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:07.480",
"lastModified": "2024-02-10T09:15:07.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyAgilePrivacy My Agile Privacy \u2013 The only GDPR solution for WordPress that you can truly trust allows Stored XSS.This issue affects My Agile Privacy \u2013 The only GDPR solution for WordPress that you can truly trust: from n/a through 2.1.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/myagileprivacy/wordpress-my-agile-privacy-plugin-2-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-514xx/CVE-2023-51415.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51415",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:07.740",
"lastModified": "2024-02-10T09:15:07.740",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GiveWP GiveWP \u2013 Donation Plugin and Fundraising Platform allows Stored XSS.This issue affects GiveWP \u2013 Donation Plugin and Fundraising Platform: from n/a through 3.2.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-3-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-514xx/CVE-2023-51480.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51480",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:07.990",
"lastModified": "2024-02-10T09:15:07.990",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store allows Stored XSS.This issue affects Active Products Tables for WooCommerce. Professional products tables for WooCommerce store : from n/a through 1.0.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/profit-products-tables-for-woocommerce/wordpress-active-products-tables-for-woocommerce-plugin-1-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-514xx/CVE-2023-51485.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51485",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:08.183",
"lastModified": "2024-02-10T09:15:08.183",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through 1.14.13.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-vipps/wordpress-pay-with-vipps-for-woocommerce-plugin-1-14-13-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-514xx/CVE-2023-51488.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51488",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:08.390",
"lastModified": "2024-02-10T09:15:08.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic, Inc. Crowdsignal Dashboard \u2013 Polls, Surveys & more allows Reflected XSS.This issue affects Crowdsignal Dashboard \u2013 Polls, Surveys & more: from n/a through 3.0.11.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/polldaddy/wordpress-crowdsignal-polls-ratings-plugin-3-0-11-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-514xx/CVE-2023-51492.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51492",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:08.597",
"lastModified": "2024-02-10T09:15:08.597",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS.This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/if-so/wordpress-if-so-dynamic-content-personalization-plugin-1-6-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-514xx/CVE-2023-51493.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51493",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:08.803",
"lastModified": "2024-02-10T09:15:08.803",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Howard Ehrenberg Custom Post Carousels with Owl allows Stored XSS.This issue affects Custom Post Carousels with Owl: from n/a through 1.4.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/dd-post-carousel/wordpress-custom-post-carousels-with-owl-plugin-1-4-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-235xx/CVE-2024-23514.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23514",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:09.010",
"lastModified": "2024-02-10T09:15:09.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ClickToTweet.Com Click To Tweet allows Stored XSS.This issue affects Click To Tweet: from n/a through 2.0.14.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/click-to-tweet/wordpress-click-to-tweet-plugin-2-0-14-cross-site-scripting-xss-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-235xx/CVE-2024-23516.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23516",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:09.203",
"lastModified": "2024-02-10T09:15:09.203",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Calculators World CC BMI Calculator allows Stored XSS.This issue affects CC BMI Calculator: from n/a through 2.0.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cc-bmi-calculator/wordpress-cc-bmi-calculator-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-235xx/CVE-2024-23517.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23517",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-10T09:15:09.393",
"lastModified": "2024-02-10T09:15:09.393",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Start Booking Scheduling Plugin \u2013 Online Booking for WordPress allows Stored XSS.This issue affects Scheduling Plugin \u2013 Online Booking for WordPress: from n/a through 3.5.10.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/calendar-booking/wordpress-scheduling-plugin-online-booking-for-wordpress-plugin-3-5-10-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

29
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-02-10T09:00:23.981779+00:00
2024-02-10T11:00:24.428277+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-02-10T08:15:09.333000+00:00
2024-02-10T09:15:09.393000+00:00
```
### Last Data Feed Release
@ -29,24 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
238094
238104
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `10`
* [CVE-2024-0594](CVE-2024/CVE-2024-05xx/CVE-2024-0594.json) (`2024-02-10T07:15:07.600`)
* [CVE-2024-0595](CVE-2024/CVE-2024-05xx/CVE-2024-0595.json) (`2024-02-10T07:15:08.220`)
* [CVE-2024-0596](CVE-2024/CVE-2024-05xx/CVE-2024-0596.json) (`2024-02-10T07:15:08.700`)
* [CVE-2024-1406](CVE-2024/CVE-2024-14xx/CVE-2024-1406.json) (`2024-02-10T08:15:07.170`)
* [CVE-2024-24712](CVE-2024/CVE-2024-247xx/CVE-2024-24712.json) (`2024-02-10T08:15:07.570`)
* [CVE-2024-24713](CVE-2024/CVE-2024-247xx/CVE-2024-24713.json) (`2024-02-10T08:15:07.860`)
* [CVE-2024-24717](CVE-2024/CVE-2024-247xx/CVE-2024-24717.json) (`2024-02-10T08:15:08.223`)
* [CVE-2024-24801](CVE-2024/CVE-2024-248xx/CVE-2024-24801.json) (`2024-02-10T08:15:08.463`)
* [CVE-2024-24803](CVE-2024/CVE-2024-248xx/CVE-2024-24803.json) (`2024-02-10T08:15:08.743`)
* [CVE-2024-24804](CVE-2024/CVE-2024-248xx/CVE-2024-24804.json) (`2024-02-10T08:15:08.983`)
* [CVE-2024-24831](CVE-2024/CVE-2024-248xx/CVE-2024-24831.json) (`2024-02-10T08:15:09.333`)
* [CVE-2023-51404](CVE-2023/CVE-2023-514xx/CVE-2023-51404.json) (`2024-02-10T09:15:07.480`)
* [CVE-2023-51415](CVE-2023/CVE-2023-514xx/CVE-2023-51415.json) (`2024-02-10T09:15:07.740`)
* [CVE-2023-51480](CVE-2023/CVE-2023-514xx/CVE-2023-51480.json) (`2024-02-10T09:15:07.990`)
* [CVE-2023-51485](CVE-2023/CVE-2023-514xx/CVE-2023-51485.json) (`2024-02-10T09:15:08.183`)
* [CVE-2023-51488](CVE-2023/CVE-2023-514xx/CVE-2023-51488.json) (`2024-02-10T09:15:08.390`)
* [CVE-2023-51492](CVE-2023/CVE-2023-514xx/CVE-2023-51492.json) (`2024-02-10T09:15:08.597`)
* [CVE-2023-51493](CVE-2023/CVE-2023-514xx/CVE-2023-51493.json) (`2024-02-10T09:15:08.803`)
* [CVE-2024-23514](CVE-2024/CVE-2024-235xx/CVE-2024-23514.json) (`2024-02-10T09:15:09.010`)
* [CVE-2024-23516](CVE-2024/CVE-2024-235xx/CVE-2024-23516.json) (`2024-02-10T09:15:09.203`)
* [CVE-2024-23517](CVE-2024/CVE-2024-235xx/CVE-2024-23517.json) (`2024-02-10T09:15:09.393`)
### CVEs modified in the last Commit