Auto-Update: 2024-06-05T04:00:37.950058+00:00

This commit is contained in:
cad-safe-bot 2024-06-05 04:03:32 +00:00
parent 32d5e60dfa
commit c77518d25b
4 changed files with 108 additions and 16 deletions

View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-5317",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-05T02:15:10.163",
"lastModified": "2024-06-05T02:15:10.163",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'np1' parameter in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3095002/newsletter",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4876e05e-efa6-46c6-832b-9ecc42934998?source=cve",
"source": "security@wordfence.com"
}
]
}

View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-5483",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-06-05T03:15:08.810",
"lastModified": "2024-06-05T03:15:08.810",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of get_items_permissions_check function. This makes it possible for unauthenticated attackers to extract basic information about website users, including their emails"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/learnpress/tags/4.2.6.8/inc/jwt/rest-api/version1/class-lp-rest-users-v1-controller.php#L130",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/122b75d2-e882-45b9-baf1-acf847f8d60a?source=cve",
"source": "security@wordfence.com"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-06-05T02:00:29.942309+00:00 2024-06-05T04:00:37.950058+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-06-05T01:15:11.470000+00:00 2024-06-05T03:15:08.810000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,19 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
252678 252680
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `6` Recently added CVEs: `2`
- [CVE-2020-27354](CVE-2020/CVE-2020-273xx/CVE-2020-27354.json) (`2024-06-05T00:15:09.547`) - [CVE-2024-5317](CVE-2024/CVE-2024-53xx/CVE-2024-5317.json) (`2024-06-05T02:15:10.163`)
- [CVE-2020-27355](CVE-2020/CVE-2020-273xx/CVE-2020-27355.json) (`2024-06-05T00:15:09.617`) - [CVE-2024-5483](CVE-2024/CVE-2024-54xx/CVE-2024-5483.json) (`2024-06-05T03:15:08.810`)
- [CVE-2020-35153](CVE-2020/CVE-2020-351xx/CVE-2020-35153.json) (`2024-06-05T00:15:09.680`)
- [CVE-2020-35154](CVE-2020/CVE-2020-351xx/CVE-2020-35154.json) (`2024-06-05T00:15:09.740`)
- [CVE-2024-4084](CVE-2024/CVE-2024-40xx/CVE-2024-4084.json) (`2024-06-05T00:15:09.840`)
- [CVE-2024-5636](CVE-2024/CVE-2024-56xx/CVE-2024-5636.json) (`2024-06-05T01:15:11.470`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit

View File

@ -156049,8 +156049,8 @@ CVE-2020-2735,0,0,5ed2dcc843c2aa0f70c01b3b04a7d2d4a91ff944b2732397fc6241efa2aaec
CVE-2020-27350,0,0,af17d465acd51bc162bfc23e932ea96c98e49e911a17cd3c85b21ce58f1c65ff,2022-10-29T02:41:36.810000 CVE-2020-27350,0,0,af17d465acd51bc162bfc23e932ea96c98e49e911a17cd3c85b21ce58f1c65ff,2022-10-29T02:41:36.810000
CVE-2020-27351,0,0,23ce876d0cc9cd7447f4adbd408d27289c1b3011c303be7d699e76c691aa1761,2020-12-14T19:56:18.940000 CVE-2020-27351,0,0,23ce876d0cc9cd7447f4adbd408d27289c1b3011c303be7d699e76c691aa1761,2020-12-14T19:56:18.940000
CVE-2020-27353,0,0,dc1a7f42a9a4f966e49a5b6386fd9687eba1eac037e40cb29822574f6ad4b163,2024-06-04T23:15:09.320000 CVE-2020-27353,0,0,dc1a7f42a9a4f966e49a5b6386fd9687eba1eac037e40cb29822574f6ad4b163,2024-06-04T23:15:09.320000
CVE-2020-27354,1,1,45dbf196c098dca554d5a1355d73bf4a1e889b5e4842af65035d79e289fb9b14,2024-06-05T00:15:09.547000 CVE-2020-27354,0,0,45dbf196c098dca554d5a1355d73bf4a1e889b5e4842af65035d79e289fb9b14,2024-06-05T00:15:09.547000
CVE-2020-27355,1,1,a2f55d973e1e8b65f87c5f3fb63316f566dec73ca1e0dd417dfb723f7fe99ad0,2024-06-05T00:15:09.617000 CVE-2020-27355,0,0,a2f55d973e1e8b65f87c5f3fb63316f566dec73ca1e0dd417dfb723f7fe99ad0,2024-06-05T00:15:09.617000
CVE-2020-27356,0,0,089f01c399a236bad80d4090623c0fa328c5cf5907b8a912ffebef424b4740dd,2021-12-08T16:57:12.960000 CVE-2020-27356,0,0,089f01c399a236bad80d4090623c0fa328c5cf5907b8a912ffebef424b4740dd,2021-12-08T16:57:12.960000
CVE-2020-27358,0,0,6d0391d06fa8e5f5e96d7f74c2ec950d58c943804da0f8b70b35f9a21e18d415,2021-07-01T16:55:07.650000 CVE-2020-27358,0,0,6d0391d06fa8e5f5e96d7f74c2ec950d58c943804da0f8b70b35f9a21e18d415,2021-07-01T16:55:07.650000
CVE-2020-27359,0,0,1b672b1aa2a4941a9463e7878574188197e630869b0f92eb03b2c42c42b6327c,2020-11-04T16:31:32.460000 CVE-2020-27359,0,0,1b672b1aa2a4941a9463e7878574188197e630869b0f92eb03b2c42c42b6327c,2020-11-04T16:31:32.460000
@ -157971,8 +157971,8 @@ CVE-2020-35149,0,0,b43e9665044c9fefe2cb3d7554a766c9c42acc393317f1558fd074f373470
CVE-2020-3515,0,0,0ecdadecdd82558497998d8d228dc614794fd97c4c2bfd11ad814c8a3a2eab3a,2020-10-28T20:20:34.327000 CVE-2020-3515,0,0,0ecdadecdd82558497998d8d228dc614794fd97c4c2bfd11ad814c8a3a2eab3a,2020-10-28T20:20:34.327000
CVE-2020-35151,0,0,70df8b9d712911f1b568a0db54919373c3d8deb3bf1c92e8f272ed04a80ae49e,2023-11-14T21:00:16.900000 CVE-2020-35151,0,0,70df8b9d712911f1b568a0db54919373c3d8deb3bf1c92e8f272ed04a80ae49e,2023-11-14T21:00:16.900000
CVE-2020-35152,0,0,96609e9bab102143668a6a3fb965303a7f5167a9507f8dece796a38e70b9f42d,2021-02-05T19:49:54.400000 CVE-2020-35152,0,0,96609e9bab102143668a6a3fb965303a7f5167a9507f8dece796a38e70b9f42d,2021-02-05T19:49:54.400000
CVE-2020-35153,1,1,5f1ea9e878e03059181ba41a9e4996fd1f32142ecd048ab59938c090d2dc67fe,2024-06-05T00:15:09.680000 CVE-2020-35153,0,0,5f1ea9e878e03059181ba41a9e4996fd1f32142ecd048ab59938c090d2dc67fe,2024-06-05T00:15:09.680000
CVE-2020-35154,1,1,ffb8f19eb914943ee930f02ccbc51936248f7ee6589f29dc672b6f16876f241b,2024-06-05T00:15:09.740000 CVE-2020-35154,0,0,ffb8f19eb914943ee930f02ccbc51936248f7ee6589f29dc672b6f16876f241b,2024-06-05T00:15:09.740000
CVE-2020-3516,0,0,572bfb3bb99b31729dbd9c30f5e709d971039855f09a180b0403cbbb2a0ab442,2020-10-08T13:36:56.253000 CVE-2020-3516,0,0,572bfb3bb99b31729dbd9c30f5e709d971039855f09a180b0403cbbb2a0ab442,2020-10-08T13:36:56.253000
CVE-2020-35163,0,0,a96c99555aa4c39a8a0aa9e59dc61dbe3e3682075529b3bbd48690fc3489bd93,2022-11-29T02:49:41.470000 CVE-2020-35163,0,0,a96c99555aa4c39a8a0aa9e59dc61dbe3e3682075529b3bbd48690fc3489bd93,2022-11-29T02:49:41.470000
CVE-2020-35164,0,0,9d1075995aa8f3aeffd7f912cf5aba1330bd29582626a23afa3bf5bd0680c241,2022-10-06T16:07:35.737000 CVE-2020-35164,0,0,9d1075995aa8f3aeffd7f912cf5aba1330bd29582626a23afa3bf5bd0680c241,2022-10-06T16:07:35.737000
@ -251819,7 +251819,7 @@ CVE-2024-4077,0,0,88c9fb35aec8dbee15c3169eb34c083d7cc8d7a290cdea9208a3041187ada8
CVE-2024-4078,0,0,f02a6c29d80f944755bef4fcac2904ebf0cf2a727c904e067874e25c2b43b0a2,2024-05-16T13:03:05.353000 CVE-2024-4078,0,0,f02a6c29d80f944755bef4fcac2904ebf0cf2a727c904e067874e25c2b43b0a2,2024-05-16T13:03:05.353000
CVE-2024-4082,0,0,9bcc679f7514b7d071aa621d11dbe3b6578d11cf65d1c2f18fedd0888ce997fc,2024-05-14T16:11:39.510000 CVE-2024-4082,0,0,9bcc679f7514b7d071aa621d11dbe3b6578d11cf65d1c2f18fedd0888ce997fc,2024-05-14T16:11:39.510000
CVE-2024-4083,0,0,90b3f0c23e53e5107774f39811ea28166caf07e02a51ec5c595625bec75a4f5e,2024-05-02T18:00:37.360000 CVE-2024-4083,0,0,90b3f0c23e53e5107774f39811ea28166caf07e02a51ec5c595625bec75a4f5e,2024-05-02T18:00:37.360000
CVE-2024-4084,1,1,cdd0df7919c28f881bd53cf1deb5b03087820977803cb8c9e5d4d4b8259a386f,2024-06-05T00:15:09.840000 CVE-2024-4084,0,0,cdd0df7919c28f881bd53cf1deb5b03087820977803cb8c9e5d4d4b8259a386f,2024-06-05T00:15:09.840000
CVE-2024-4085,0,0,18b49aedef154a5f78284d7ff3699691fe3b4904260085a931cc6d08f4fb7ca8,2024-05-02T18:00:37.360000 CVE-2024-4085,0,0,18b49aedef154a5f78284d7ff3699691fe3b4904260085a931cc6d08f4fb7ca8,2024-05-02T18:00:37.360000
CVE-2024-4086,0,0,c06eb3f0c2fbe1c42ce58a59441202866280214c07091170b4fb53c94814c994,2024-05-02T18:00:37.360000 CVE-2024-4086,0,0,c06eb3f0c2fbe1c42ce58a59441202866280214c07091170b4fb53c94814c994,2024-05-02T18:00:37.360000
CVE-2024-4087,0,0,c042d2a1de26e6b1fe0621a6edcac1fb8cab9f866d13a8bc2e77c06eafe2f2ff,2024-06-03T14:46:24.250000 CVE-2024-4087,0,0,c042d2a1de26e6b1fe0621a6edcac1fb8cab9f866d13a8bc2e77c06eafe2f2ff,2024-06-03T14:46:24.250000
@ -252564,6 +252564,7 @@ CVE-2024-5311,0,0,254582b6f9bf67f7974ecb2d947c8ea8261db1fbcce62f651ad1dbc864d7bc
CVE-2024-5312,0,0,3a9d8301087c1d7edb8976207e286d0d247ebf6ccf4b5edb4137e81b02e5ec2b,2024-05-24T13:03:05.093000 CVE-2024-5312,0,0,3a9d8301087c1d7edb8976207e286d0d247ebf6ccf4b5edb4137e81b02e5ec2b,2024-05-24T13:03:05.093000
CVE-2024-5314,0,0,fb6304ffb5d50ce8724d643a46fad25ba80695f7c0c0eb4ec33a07d41bc4980a,2024-05-24T13:03:05.093000 CVE-2024-5314,0,0,fb6304ffb5d50ce8724d643a46fad25ba80695f7c0c0eb4ec33a07d41bc4980a,2024-05-24T13:03:05.093000
CVE-2024-5315,0,0,e1b0baaf93d62cf125eea53091da57c404cdf61d625ae810529ebef84e73357d,2024-05-24T13:03:05.093000 CVE-2024-5315,0,0,e1b0baaf93d62cf125eea53091da57c404cdf61d625ae810529ebef84e73357d,2024-05-24T13:03:05.093000
CVE-2024-5317,1,1,f1fa6ba8aaa2a89d1570b4f611a0322abd09601428c027c481c7e3f9fe671a30,2024-06-05T02:15:10.163000
CVE-2024-5318,0,0,812431b83287688611dc496217ea25ba5560744235da04dca7a35239cac1fe9a,2024-05-24T18:09:20.027000 CVE-2024-5318,0,0,812431b83287688611dc496217ea25ba5560744235da04dca7a35239cac1fe9a,2024-05-24T18:09:20.027000
CVE-2024-5326,0,0,9beaa1147d54b3ae536a6eb0023672ae377946ef8aec317bd58c5324df5850c7,2024-05-30T13:15:41.297000 CVE-2024-5326,0,0,9beaa1147d54b3ae536a6eb0023672ae377946ef8aec317bd58c5324df5850c7,2024-05-30T13:15:41.297000
CVE-2024-5327,0,0,84b1605ed9f8fbbcd152a70275bed021ec8172a393ec025e57c9733c6898763a,2024-05-30T13:15:41.297000 CVE-2024-5327,0,0,84b1605ed9f8fbbcd152a70275bed021ec8172a393ec025e57c9733c6898763a,2024-05-30T13:15:41.297000
@ -252646,6 +252647,7 @@ CVE-2024-5434,0,0,dc2716eb218edba725ac85c17a2930de7a00b6563d0ca53040574106ea0b92
CVE-2024-5436,0,0,95eba267f429de080e9b35fcd14e1e1840b0308e404c32773ec35c18106c7cbc,2024-05-31T13:01:46.727000 CVE-2024-5436,0,0,95eba267f429de080e9b35fcd14e1e1840b0308e404c32773ec35c18106c7cbc,2024-05-31T13:01:46.727000
CVE-2024-5437,0,0,551b020f0044e3ab584c14f08f0984900b4bc26534c92382eb6ac2bb660708ea,2024-06-04T19:21:09.363000 CVE-2024-5437,0,0,551b020f0044e3ab584c14f08f0984900b4bc26534c92382eb6ac2bb660708ea,2024-06-04T19:21:09.363000
CVE-2024-5463,0,0,a83ead02d534db419d64d9a246adc999062f3a690f2d2cbba14bffeb9debf0f5,2024-06-04T16:57:41.053000 CVE-2024-5463,0,0,a83ead02d534db419d64d9a246adc999062f3a690f2d2cbba14bffeb9debf0f5,2024-06-04T16:57:41.053000
CVE-2024-5483,1,1,5529c97278d3f25108282683906a92383dd2ca1a9ba0be070cd04ea84d856791,2024-06-05T03:15:08.810000
CVE-2024-5484,0,0,7de35f8eee9232651ed147ec3168f6740617b1737ec3ff6913988b98b84f6ef1,2024-05-31T11:15:09.783000 CVE-2024-5484,0,0,7de35f8eee9232651ed147ec3168f6740617b1737ec3ff6913988b98b84f6ef1,2024-05-31T11:15:09.783000
CVE-2024-5485,0,0,dca0cc3d797ec50003ec75de23195400e6c002137c330b8a6fe7501d852f23b7,2024-06-04T16:57:41.053000 CVE-2024-5485,0,0,dca0cc3d797ec50003ec75de23195400e6c002137c330b8a6fe7501d852f23b7,2024-06-04T16:57:41.053000
CVE-2024-5493,0,0,8180f9c7c83a7ebab82ac7c00536ed64f553bc96cb8ba2cddb06ad7e2d969883,2024-05-31T13:01:46.727000 CVE-2024-5493,0,0,8180f9c7c83a7ebab82ac7c00536ed64f553bc96cb8ba2cddb06ad7e2d969883,2024-05-31T13:01:46.727000
@ -252676,4 +252678,4 @@ CVE-2024-5588,0,0,21589c4423d1fee081cb695dd8009f3bd5a36bd74dae1713c28449f0da1cd8
CVE-2024-5589,0,0,dc63c38434ce5bb089af0d0f8aa09f6a46f1fae34dd45c15f4542741dea047b7,2024-06-03T14:46:24.250000 CVE-2024-5589,0,0,dc63c38434ce5bb089af0d0f8aa09f6a46f1fae34dd45c15f4542741dea047b7,2024-06-03T14:46:24.250000
CVE-2024-5590,0,0,ca60332ff9933405c7b9b37e93d2404b53274b9ec741b4065c0c1eadbd60da94,2024-06-03T14:46:24.250000 CVE-2024-5590,0,0,ca60332ff9933405c7b9b37e93d2404b53274b9ec741b4065c0c1eadbd60da94,2024-06-03T14:46:24.250000
CVE-2024-5635,0,0,d955bff05988108c4df31c650616da32aaf5ecbaf2b998d24bf49ab092bac321,2024-06-04T22:15:10.833000 CVE-2024-5635,0,0,d955bff05988108c4df31c650616da32aaf5ecbaf2b998d24bf49ab092bac321,2024-06-04T22:15:10.833000
CVE-2024-5636,1,1,5d0061b5ccc5b5cfaf69adce0bc201a464e1b4fa63384366df6d42f47c2a1a4a,2024-06-05T01:15:11.470000 CVE-2024-5636,0,0,5d0061b5ccc5b5cfaf69adce0bc201a464e1b4fa63384366df6d42f47c2a1a4a,2024-06-05T01:15:11.470000

Can't render this file because it is too large.