admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-07-20T10:00:18.875747+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-07-20 10:03:14 +00:00
parent 4f616204ff
commit d1dd06ac59
71 changed files with 3988 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
CVE-2024/CVE-2024-375xx/CVE-2024-37563.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37563",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:03.410",
"lastModified": "2024-07-20T09:15:03.410",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TOCHAT.BE allows Stored XSS.This issue affects TOCHAT.BE: from n/a through 1.3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tochat-be/wordpress-tochat-be-plugin-1-3-0-unauthenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-375xx/CVE-2024-37565.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37565",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:03.780",
"lastModified": "2024-07-20T09:15:03.780",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through 1.3.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/gum-elementor-addon/wordpress-gum-elementor-addon-plugin-1-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37918.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37918",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:04.097",
"lastModified": "2024-07-20T09:15:04.097",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPCone.Com ConeBlog \u2013 WordPress Blog Widgets allows Stored XSS.This issue affects ConeBlog \u2013 WordPress Blog Widgets: from n/a through 1.4.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/coneblog-widgets/wordpress-coneblog-plugin-1-4-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37919.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37919",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:04.400",
"lastModified": "2024-07-20T09:15:04.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pratik Chaskar Timeline Module for Beaver Builder allows Stored XSS.This issue affects Timeline Module for Beaver Builder: from n/a through 1.1.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/timeline-for-beaver-builder/wordpress-timeline-module-for-beaver-builder-plugin-1-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37920.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37920",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:04.723",
"lastModified": "2024-07-20T09:15:04.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Repute InfoSystems ARForms Form Builder allows Reflected XSS.This issue affects ARForms Form Builder: from n/a through 1.6.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/arforms-form-builder/wordpress-arforms-form-builder-plugin-1-6-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37922.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37922",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:05.063",
"lastModified": "2024-07-20T09:15:05.063",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a through 4.10.34."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/premium-addons-for-elementor/wordpress-premium-addons-for-elementor-plugin-4-10-34-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37936.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37936",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:05.423",
"lastModified": "2024-07-20T09:15:05.423",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in labibahmed Tabs For WPBakery Page Builder allows Stored XSS.This issue affects Tabs For WPBakery Page Builder: from n/a through 1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tabs-for-visual-composer/wordpress-tabs-for-wpbakery-page-builder-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37943.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37943",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:05.720",
"lastModified": "2024-07-20T09:15:05.720",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Ajax Product Filter allows Reflected XSS.This issue affects YITH WooCommerce Ajax Product Filter: from n/a through 5.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/yith-woocommerce-ajax-navigation/wordpress-yith-woocommerce-ajax-product-filter-plugin-5-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37944.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37944",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:06.017",
"lastModified": "2024-07-20T09:15:06.017",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel Engine allows Stored XSS.This issue affects WP Travel Engine: from n/a through 5.9.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-travel-engine/wordpress-wp-travel-engine-tour-booking-plugin-tour-operator-software-plugin-5-9-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37946.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37946",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:06.327",
"lastModified": "2024-07-20T09:15:06.327",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs ReCaptcha Integration for WordPress allows Stored XSS.This issue affects ReCaptcha Integration for WordPress: from n/a through 1.2.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-recaptcha-integration/wordpress-recaptcha-integration-for-wordpress-plugin-1-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37947.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37947",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:06.693",
"lastModified": "2024-07-20T09:15:06.693",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37948.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37948",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:07.000",
"lastModified": "2024-07-20T09:15:07.000",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PootlePress Caxton \u2013 Create Pro page layouts in Gutenberg allows Stored XSS.This issue affects Caxton \u2013 Create Pro page layouts in Gutenberg: from n/a through 1.30.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/caxton/wordpress-caxton-create-pro-page-layouts-in-gutenberg-plugin-1-30-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37949.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37949",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:07.277",
"lastModified": "2024-07-20T09:15:07.277",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Mobile allows Stored XSS.This issue affects Responsive Mobile: from n/a through 1.15.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/responsive-mobile/wordpress-responsive-mobile-theme-1-15-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37950.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37950",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:07.577",
"lastModified": "2024-07-20T09:15:07.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodexHelp Master Popups allows Stored XSS.This issue affects Master Popups: from n/a through 1.0.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/master-popups-lite/wordpress-master-popups-plugin-1-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37951.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37951",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:07.893",
"lastModified": "2024-07-20T09:15:07.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor alam Magical Posts Display \u2013 Elementor & Gutenberg Posts Blocks allows Stored XSS.This issue affects Magical Posts Display \u2013 Elementor & Gutenberg Posts Blocks: from n/a through 1.2.38."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/magical-posts-display/wordpress-magical-posts-display-plugin-1-2-38-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37953.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37953",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:08.197",
"lastModified": "2024-07-20T09:15:08.197",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MBE Worldwide S.P.A. MBE eShip allows Reflected XSS.This issue affects MBE eShip: from n/a through 2.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mail-boxes-etc/wordpress-mbe-eship-plugin-2-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37954.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37954",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:08.557",
"lastModified": "2024-07-20T09:15:08.557",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS.This issue affects Simple Responsive Slider: from n/a through 0.2.2.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-responsive-slider/wordpress-simple-responsive-slider-plugin-0-2-2-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37955.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37955",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:08.917",
"lastModified": "2024-07-20T09:15:08.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zakaria Binsaifullah GutSlider \u2013 All in One Block Slider allows Stored XSS.This issue affects GutSlider \u2013 All in One Block Slider: from n/a through 2.7.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/slider-blocks/wordpress-gutslider-all-in-one-block-slider-plugin-2-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37956.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37956",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:09.247",
"lastModified": "2024-07-20T09:15:09.247",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vektor,Inc. VK All in One Expansion Unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through 9.98.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/vk-all-in-one-expansion-unit/wordpress-vk-all-in-one-expansion-unit-plugin-9-97-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37957.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37957",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:09.550",
"lastModified": "2024-07-20T09:15:09.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bradmax Bradmax Player allows Stored XSS.This issue affects Bradmax Player: from n/a through 1.1.27."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bradmax-player/wordpress-bradmax-player-plugin-1-1-27-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37958.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37958",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:09.860",
"lastModified": "2024-07-20T09:15:09.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Smart Author Widget allows Stored XSS.This issue affects Meks Smart Author Widget: from n/a through 1.1.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/meks-smart-author-widget/wordpress-meks-smart-author-widget-plugin-1-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37959.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37959",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T09:15:10.187",
"lastModified": "2024-07-20T09:15:10.187",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS.This issue affects Power BI Embedded for WordPress: from n/a through 1.1.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/embed-power-bi/wordpress-power-bi-embedded-for-wordpress-plugin-1-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37960.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37960",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:02.737",
"lastModified": "2024-07-20T08:15:02.737",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through 1.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/codepen-embedded-pen-shortcode/wordpress-codepen-embedded-pens-shortcode-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-379xx/CVE-2024-37961.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-37961",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:03.117",
"lastModified": "2024-07-20T08:15:03.117",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in codoc.Jp allows Stored XSS.This issue affects codoc: from n/a through 0.9.51.12."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/codoc/wordpress-codoc-plugin-0-9-51-12-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38669.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38669",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:03.493",
"lastModified": "2024-07-20T08:15:03.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in a3rev Software WooCommerce Predictive Search allows Reflected XSS.This issue affects WooCommerce Predictive Search: from n/a through 6.0.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-predictive-search/wordpress-predictive-search-for-woocommerce-plugin-6-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38670.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38670",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:03.800",
"lastModified": "2024-07-20T08:15:03.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Members allows Stored XSS.This issue affects Team Members: from n/a through 5.3.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/team-members/wordpress-team-members-plugin-5-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38671.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38671",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:04.133",
"lastModified": "2024-07-20T08:15:04.133",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson WP GoToWebinar allows Stored XSS.This issue affects WP GoToWebinar: from n/a through 15.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-gotowebinar/wordpress-wp-gotowebinar-plugin-15-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38672.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38672",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:04.387",
"lastModified": "2024-07-20T08:15:04.387",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in namithjawahar AdPush allows Reflected XSS.This issue affects AdPush: from n/a through 1.50."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/adsense-plugin/wordpress-adpush-plugin-1-50-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38673.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38673",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:04.700",
"lastModified": "2024-07-20T08:15:04.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Obtain Infotech Multisite Content Copier/Updater allows Reflected XSS.This issue affects Multisite Content Copier/Updater: from n/a through 1.5.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-multisite-content-copier/wordpress-multisite-content-copier-updater-plugin-1-5-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38674.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38674",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:04.980",
"lastModified": "2024-07-20T08:15:04.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 2.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/skt-addons-for-elementor/wordpress-skt-addons-for-elementor-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38675.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38675",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:05.297",
"lastModified": "2024-07-20T08:15:05.297",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LOOS,Inc. Arkhe Blocks allows Stored XSS.This issue affects Arkhe Blocks: from n/a through 2.22.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/arkhe-blocks/wordpress-arkhe-blocks-plugin-2-22-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38676.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38676",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:05.620",
"lastModified": "2024-07-20T08:15:05.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Booking Ultra Pro allows Stored XSS.This issue affects Booking Ultra Pro: from n/a through 1.1.13."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-appointments-booking-calendar-plugin-plugin-1-1-13-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38677.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38677",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:05.930",
"lastModified": "2024-07-20T08:15:05.930",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Reviews.Co.Uk REVIEWS.Io allows Stored XSS.This issue affects REVIEWS.Io: from n/a through 1.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/reviewscouk-for-woocommerce/wordpress-reviews-io-plugin-1-2-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38678.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38678",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:06.290",
"lastModified": "2024-07-20T08:15:06.290",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Calendar.Online Calendar.Online / Kalender.Digital allows Stored XSS.This issue affects Calendar.Online / Kalender.Digital: from n/a through 1.0.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/kalender-digital/wordpress-calendar-online-kalender-digital-plugin-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38679.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38679",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:06.563",
"lastModified": "2024-07-20T08:15:06.563",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yongki Agustinus Animated Typed JS Shortcode allows Stored XSS.This issue affects Animated Typed JS Shortcode: from n/a through 2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/animated-typed-js-shortcode/wordpress-animated-typed-js-shortcode-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38680.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38680",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:06.840",
"lastModified": "2024-07-20T08:15:06.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Appmaker Appmaker \u2013 Convert WooCommerce to Android & iOS Native Mobile Apps allows Reflected XSS.This issue affects Appmaker \u2013 Convert WooCommerce to Android & iOS Native Mobile Apps: from n/a through 1.36.12."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/appmaker-woocommerce-mobile-app-manager/wordpress-appmaker-plugin-1-36-12-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38681.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38681",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:07.180",
"lastModified": "2024-07-20T08:15:07.180",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.1.41."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/magical-addons-for-elementor/wordpress-magical-addons-for-elementor-plugin-1-1-41-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38682.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38682",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:07.477",
"lastModified": "2024-07-20T08:15:07.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Techeshta Post Layouts for Gutenberg allows Stored XSS.This issue affects Post Layouts for Gutenberg: from n/a through 1.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/post-layouts/wordpress-post-layouts-for-gutenberg-plugin-1-2-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38683.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38683",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:07.800",
"lastModified": "2024-07-20T08:15:07.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in iThemelandCo WooCommerce Report allows Reflected XSS.This issue affects WooCommerce Report: from n/a through 1.4.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ithemelandco-woo-report/wordpress-woocommerce-report-plugin-1-4-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38684.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38684",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:08.060",
"lastModified": "2024-07-20T08:15:08.060",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FunnelKit SlingBlocks \u2013 Gutenberg Blocks by FunnelKit (Formerly WooFunnels) allows Stored XSS.This issue affects SlingBlocks \u2013 Gutenberg Blocks by FunnelKit (Formerly WooFunnels): from n/a through 1.4.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/slingblocks/wordpress-slingblocks-plugin-1-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38685.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38685",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:08.353",
"lastModified": "2024-07-20T08:15:08.353",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SubscriptionPro WP Announcement allows Stored XSS.This issue affects WP Announcement: from n/a through 2.0.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sp-announcement/wordpress-wp-announcement-plugin-2-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38686.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38686",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:08.650",
"lastModified": "2024-07-20T08:15:08.650",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pluginic FancyPost \u2013 Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor allows Stored XSS.This issue affects FancyPost \u2013 Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor: from n/a through 5.3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/post-block/wordpress-fancypost-plugin-5-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38687.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38687",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:08.950",
"lastModified": "2024-07-20T08:15:08.950",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Techfyd Sky Addons for Elementor allows Stored XSS.This issue affects Sky Addons for Elementor: from n/a through 2.5.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sky-elementor-addons/wordpress-sky-addons-for-elementor-plugin-2-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38689.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38689",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:09.287",
"lastModified": "2024-07-20T08:15:09.287",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Garrett Grimm Simple Popup allows Stored XSS.This issue affects Simple Popup: from n/a through 4.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-popup-plugin/wordpress-simple-popup-plugin-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38694.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38694",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:09.637",
"lastModified": "2024-07-20T08:15:09.637",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Moloni allows Reflected XSS.This issue affects Moloni: from n/a through 4.7.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/moloni/wordpress-moloni-plugin-4-7-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38696.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38696",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:10.003",
"lastModified": "2024-07-20T08:15:10.003",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho CRM Zoho CRM Lead Magnet allows Reflected XSS.This issue affects Zoho CRM Lead Magnet: from n/a through 1.7.8.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/zoho-crm-forms/wordpress-zoho-crm-lead-magnet-plugin-1-7-8-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38697.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38697",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:10.293",
"lastModified": "2024-07-20T08:15:10.293",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali Rahimi Goftino allows Stored XSS.This issue affects Goftino: from n/a through 1.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/goftino/wordpress-goftino-plugin-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-386xx/CVE-2024-38698.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38698",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:10.577",
"lastModified": "2024-07-20T08:15:10.577",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Skill Bar allows Stored XSS.This issue affects SKT Skill Bar: from n/a through 2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/skt-skill-bar/wordpress-skt-skill-bar-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38703.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38703",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:10.903",
"lastModified": "2024-07-20T08:15:10.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Stored XSS.This issue affects WP Event Aggregator: from n/a through 1.7.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-event-aggregator/wordpress-wp-event-aggregator-plugin-1-7-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38705.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38705",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:11.243",
"lastModified": "2024-07-20T08:15:11.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/elementinvader-addons-for-elementor/wordpress-elementinvader-addons-for-elementor-plugin-1-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38710.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38710",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:11.600",
"lastModified": "2024-07-20T08:15:11.600",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.6.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/master-addons/wordpress-master-addons-free-widgets-hover-effects-toggle-conditions-animations-for-elementor-plugin-2-0-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38711.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38711",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:11.903",
"lastModified": "2024-07-20T08:15:11.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This issue affects Link Library: from n/a through 7.7.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/link-library/wordpress-link-library-plugin-7-7-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38712.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38712",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:12.240",
"lastModified": "2024-07-20T08:15:12.240",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Qode Interactive Qi Blocks allows Stored XSS.This issue affects Qi Blocks: from n/a through 1.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/qi-blocks/wordpress-qi-blocks-plugin-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38713.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38713",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:12.550",
"lastModified": "2024-07-20T08:15:12.550",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.02.002."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-8-01-007-authenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38718.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38718",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:12.840",
"lastModified": "2024-07-20T08:15:12.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in clicklabs\u00ae Medienagentur Download Button for Elementor allows Stored XSS.This issue affects Download Button for Elementor: from n/a through 1.2.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/download-button-for-elementor/wordpress-download-button-for-elementor-plugin-1-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38720.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38720",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:13.110",
"lastModified": "2024-07-20T08:15:13.110",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EazyDocs eazydocs allows Stored XSS.This issue affects EazyDocs: from n/a through 2.5.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/eazydocs/wordpress-eazydocs-plugin-2-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38722.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38722",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:13.393",
"lastModified": "2024-07-20T08:15:13.393",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows Stored XSS.This issue affects Job Board Manager: from n/a through 2.1.57."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/job-board-manager/wordpress-job-board-manager-plugin-2-1-57-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38725.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38725",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:13.660",
"lastModified": "2024-07-20T08:15:13.660",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webstix Admin Dashboard RSS Feed allows Stored XSS.This issue affects Admin Dashboard RSS Feed: from n/a through 3.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/admin-dashboard-rss-feed/wordpress-admin-dashboard-rss-feed-plugin-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38738.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38738",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:13.953",
"lastModified": "2024-07-20T08:15:13.953",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Marian Kadanka Change From Email allows Stored XSS.This issue affects Change From Email: from n/a through 1.2.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-from-email/wordpress-change-from-email-plugin-1-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38739.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38739",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:14.277",
"lastModified": "2024-07-20T08:15:14.277",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FameThemes OnePress allows Stored XSS.This issue affects OnePress: from n/a through 2.3.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/onepress/wordpress-onepress-theme-2-3-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38741.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38741",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:14.643",
"lastModified": "2024-07-20T08:15:14.643",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor-E-Alam Amazing Hover Effects allows Stored XSS.This issue affects Amazing Hover Effects: from n/a through 2.4.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/amazing-hover-effects/wordpress-amazing-hover-effects-plugin-2-4-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38750.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38750",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:14.983",
"lastModified": "2024-07-20T08:15:14.983",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in digontoahsan Advanced post slider.This issue affects Advanced post slider: from n/a through 3.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-post-slider/wordpress-advanced-post-slider-plugin-3-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38757.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38757",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:15.283",
"lastModified": "2024-07-20T08:15:15.283",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Typebot allows Stored XSS.This issue affects Typebot: from n/a through 3.6.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/typebot/wordpress-typebot-plugin-3-6-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38758.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38758",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:15.590",
"lastModified": "2024-07-20T08:15:15.590",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in WappPress Team WappPress.This issue affects WappPress: from n/a through 6.0.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wapppress-builds-android-app-for-website/wordpress-wapppress-plugin-6-0-4-blind-server-side-request-forgery-ssrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

56
CVE-2024/CVE-2024-387xx/CVE-2024-38767.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38767",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-07-20T08:15:15.883",
"lastModified": "2024-07-20T08:15:15.883",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BannerSky.Com BSK PDF Manager allows Stored XSS.This issue affects BSK PDF Manager: from n/a through 3.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bsk-pdf-manager/wordpress-bsk-pdf-manager-plugin-3-6-cross-site-scripting-xss-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

68
CVE-2024/CVE-2024-64xx/CVE-2024-6497.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2024-6497",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-20T09:15:10.530",
"lastModified": "2024-07-20T09:15:10.530",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018url\u2019 parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/squirrly-seo/trunk/controllers/Api.php#L267",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3121853/",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/squirrly-seo/#developers",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb3aa613-8f34-4d96-8ddf-41fcdcf65c59?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-66xx/CVE-2024-6635.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6635",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-20T08:15:16.177",
"lastModified": "2024-07-20T08:15:16.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.3. This is due to insufficient controls in the 'woo_slg_login_email' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, excluding an administrator, if they know the email of user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin/8495883",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/37836722-eb25-4393-8cdf-91057642ba3f?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-66xx/CVE-2024-6636.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6636",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-20T08:15:16.510",
"lastModified": "2024-07-20T08:15:16.510",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'woo_slg_login_email' function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to change the default role to Administrator while registering for an account."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin/8495883",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/77ea4ba8-6c13-494a-92e3-12643003635b?source=cve",
"source": "security@wordfence.com"
}
]
}

60
CVE-2024/CVE-2024-66xx/CVE-2024-6637.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2024-6637",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-07-20T08:15:16.840",
"lastModified": "2024-07-20T08:15:16.840",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthenticated privilege escalation in all versions up to, and including, 2.7.3. This is due to a lack of brute force controls on a weak one-time password. This makes it possible for unauthenticated attackers to brute force the one-time password for any user, except an Administrator, if they know the email of user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-305"
}
]
}
],
"references": [
{
"url": "https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin/8495883",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/10d92d5e-1c23-4f6a-bfab-0756876190a5?source=cve",
"source": "security@wordfence.com"
}
]
}

35
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-07-20T08:00:17.882747+00:00 2024-07-20T10:00:18.875747+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-07-20T07:15:02.410000+00:00 2024-07-20T09:15:10.530000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,15 +33,38 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
257531 257600
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `2` Recently added CVEs: `69`
- [CVE-2024-6489](CVE-2024/CVE-2024-64xx/CVE-2024-6489.json) (`2024-07-20T07:15:01.963`) - [CVE-2024-38694](CVE-2024/CVE-2024-386xx/CVE-2024-38694.json) (`2024-07-20T08:15:09.637`)
- [CVE-2024-6491](CVE-2024/CVE-2024-64xx/CVE-2024-6491.json) (`2024-07-20T07:15:02.410`) - [CVE-2024-38696](CVE-2024/CVE-2024-386xx/CVE-2024-38696.json) (`2024-07-20T08:15:10.003`)
- [CVE-2024-38697](CVE-2024/CVE-2024-386xx/CVE-2024-38697.json) (`2024-07-20T08:15:10.293`)
- [CVE-2024-38698](CVE-2024/CVE-2024-386xx/CVE-2024-38698.json) (`2024-07-20T08:15:10.577`)
- [CVE-2024-38703](CVE-2024/CVE-2024-387xx/CVE-2024-38703.json) (`2024-07-20T08:15:10.903`)
- [CVE-2024-38705](CVE-2024/CVE-2024-387xx/CVE-2024-38705.json) (`2024-07-20T08:15:11.243`)
- [CVE-2024-38710](CVE-2024/CVE-2024-387xx/CVE-2024-38710.json) (`2024-07-20T08:15:11.600`)
- [CVE-2024-38711](CVE-2024/CVE-2024-387xx/CVE-2024-38711.json) (`2024-07-20T08:15:11.903`)
- [CVE-2024-38712](CVE-2024/CVE-2024-387xx/CVE-2024-38712.json) (`2024-07-20T08:15:12.240`)
- [CVE-2024-38713](CVE-2024/CVE-2024-387xx/CVE-2024-38713.json) (`2024-07-20T08:15:12.550`)
- [CVE-2024-38718](CVE-2024/CVE-2024-387xx/CVE-2024-38718.json) (`2024-07-20T08:15:12.840`)
- [CVE-2024-38720](CVE-2024/CVE-2024-387xx/CVE-2024-38720.json) (`2024-07-20T08:15:13.110`)
- [CVE-2024-38722](CVE-2024/CVE-2024-387xx/CVE-2024-38722.json) (`2024-07-20T08:15:13.393`)
- [CVE-2024-38725](CVE-2024/CVE-2024-387xx/CVE-2024-38725.json) (`2024-07-20T08:15:13.660`)
- [CVE-2024-38738](CVE-2024/CVE-2024-387xx/CVE-2024-38738.json) (`2024-07-20T08:15:13.953`)
- [CVE-2024-38739](CVE-2024/CVE-2024-387xx/CVE-2024-38739.json) (`2024-07-20T08:15:14.277`)
- [CVE-2024-38741](CVE-2024/CVE-2024-387xx/CVE-2024-38741.json) (`2024-07-20T08:15:14.643`)
- [CVE-2024-38750](CVE-2024/CVE-2024-387xx/CVE-2024-38750.json) (`2024-07-20T08:15:14.983`)
- [CVE-2024-38757](CVE-2024/CVE-2024-387xx/CVE-2024-38757.json) (`2024-07-20T08:15:15.283`)
- [CVE-2024-38758](CVE-2024/CVE-2024-387xx/CVE-2024-38758.json) (`2024-07-20T08:15:15.590`)
- [CVE-2024-38767](CVE-2024/CVE-2024-387xx/CVE-2024-38767.json) (`2024-07-20T08:15:15.883`)
- [CVE-2024-6497](CVE-2024/CVE-2024-64xx/CVE-2024-6497.json) (`2024-07-20T09:15:10.530`)
- [CVE-2024-6635](CVE-2024/CVE-2024-66xx/CVE-2024-6635.json) (`2024-07-20T08:15:16.177`)
- [CVE-2024-6636](CVE-2024/CVE-2024-66xx/CVE-2024-6636.json) (`2024-07-20T08:15:16.510`)
- [CVE-2024-6637](CVE-2024/CVE-2024-66xx/CVE-2024-6637.json) (`2024-07-20T08:15:16.840`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit

73
_state.csv
View File

@ -254181,7 +254181,9 @@ CVE-2024-37554,0,0,f21873c8cc723d73a5be37e43f70a0cc0c9c1c460efddd02b4e8ae7999da0
CVE-2024-37555,0,0,1644327e39d431b11dca9e571309a66e1f1bfd16300400fc24b3c08e5496ae7a,2024-07-17T18:11:44.260000 CVE-2024-37555,0,0,1644327e39d431b11dca9e571309a66e1f1bfd16300400fc24b3c08e5496ae7a,2024-07-17T18:11:44.260000
CVE-2024-3756,0,0,9f6325e6bf8bb208b4e2ee6674c7d5cde657d33007cb72c8f23cf7232b49431b,2024-07-03T02:06:32.530000 CVE-2024-3756,0,0,9f6325e6bf8bb208b4e2ee6674c7d5cde657d33007cb72c8f23cf7232b49431b,2024-07-03T02:06:32.530000
CVE-2024-37560,0,0,6a6c51fd8ffab166572e38f12a64292826710da41d309700e65eba27d6039e12,2024-07-12T16:34:58.687000 CVE-2024-37560,0,0,6a6c51fd8ffab166572e38f12a64292826710da41d309700e65eba27d6039e12,2024-07-12T16:34:58.687000
CVE-2024-37563,1,1,a7bcd96a6802b29647c5e435ca1284679a741b47b6a577c5570f8fbd48279954,2024-07-20T09:15:03.410000
CVE-2024-37564,0,0,e7a776936a19636d3a76b462e4343d760a6a25be8bce1ad25bb7880ea2c1908a,2024-07-12T16:34:58.687000 CVE-2024-37564,0,0,e7a776936a19636d3a76b462e4343d760a6a25be8bce1ad25bb7880ea2c1908a,2024-07-12T16:34:58.687000
CVE-2024-37565,1,1,cd29cd59b4dcb71dc162aeacd38887a129251b9b27b2c600691182e5d9abdecb,2024-07-20T09:15:03.780000
CVE-2024-37568,0,0,fb5ce381c9f9e372e24500708a838fda77fe0bec0aaac1b460d65214b55c9ccf,2024-06-20T09:15:12.253000 CVE-2024-37568,0,0,fb5ce381c9f9e372e24500708a838fda77fe0bec0aaac1b460d65214b55c9ccf,2024-06-20T09:15:12.253000
CVE-2024-37569,0,0,d72ceb83b037eeec35f3e81abfdf503a49618e4aba004fb3f45e6970df347f2e,2024-07-03T02:04:20.517000 CVE-2024-37569,0,0,d72ceb83b037eeec35f3e81abfdf503a49618e4aba004fb3f45e6970df347f2e,2024-07-03T02:04:20.517000
CVE-2024-3757,0,0,d3e75f8205a45aeb6c1cb5b9efd4d99998e027f23a100dabf40ce218744ea3e8,2024-05-07T13:39:32.710000 CVE-2024-3757,0,0,d3e75f8205a45aeb6c1cb5b9efd4d99998e027f23a100dabf40ce218744ea3e8,2024-05-07T13:39:32.710000
@ -254326,7 +254328,11 @@ CVE-2024-37903,0,0,886576036d4d085b682af52548aacb4c341112369e14bf61e8ca80c2c202d
CVE-2024-37904,0,0,4a1838bfa872e93babcec91edc2a58b1f777ff60512a3a43aa04f02c821270dc,2024-06-20T12:44:01.637000 CVE-2024-37904,0,0,4a1838bfa872e93babcec91edc2a58b1f777ff60512a3a43aa04f02c821270dc,2024-06-20T12:44:01.637000
CVE-2024-37905,0,0,76667799c8b41a4c84b1440977b5297bf4074f7f71d64c5e6ed0abc93aad04a6,2024-07-01T12:37:24.220000 CVE-2024-37905,0,0,76667799c8b41a4c84b1440977b5297bf4074f7f71d64c5e6ed0abc93aad04a6,2024-07-01T12:37:24.220000
CVE-2024-3791,0,0,767a003f920bfca311025815b56da50ca1604fe6f1547763faa14f2481b1f8a4,2024-05-14T16:11:39.510000 CVE-2024-3791,0,0,767a003f920bfca311025815b56da50ca1604fe6f1547763faa14f2481b1f8a4,2024-05-14T16:11:39.510000
CVE-2024-37918,1,1,32fc6140ff59f194cab8b04bd04ec4f9840a13003bdb23779e98699158a5b546,2024-07-20T09:15:04.097000
CVE-2024-37919,1,1,3184b87b3a8974c161a6849553093964d31196ee1b40e5cb1c07c452147f5488,2024-07-20T09:15:04.400000
CVE-2024-3792,0,0,b2d7f7e579eff1bf3cc457c41f5782185342411a77aac1022f0e4393ef1fd163,2024-05-14T16:11:39.510000 CVE-2024-3792,0,0,b2d7f7e579eff1bf3cc457c41f5782185342411a77aac1022f0e4393ef1fd163,2024-05-14T16:11:39.510000
CVE-2024-37920,1,1,28a286751285c13150b5183cf8a09220e454cefe5981b3150d3dd230b3a32662,2024-07-20T09:15:04.723000
CVE-2024-37922,1,1,4eb196c3a938fc1f6159d9607039d2c19d4b17c6e47d7a16fae9ed22bce0a376,2024-07-20T09:15:05.063000
CVE-2024-37923,0,0,0f277f016f5fbeb4c94053f1c3c5921e348aa14bf063918224f804db2fff94d1,2024-07-09T18:19:14.047000 CVE-2024-37923,0,0,0f277f016f5fbeb4c94053f1c3c5921e348aa14bf063918224f804db2fff94d1,2024-07-09T18:19:14.047000
CVE-2024-37927,0,0,6e523e69f7c51373b280acd8113d97246ba05f65cbdcbcfc2f6c98d020f9522e,2024-07-12T16:34:58.687000 CVE-2024-37927,0,0,6e523e69f7c51373b280acd8113d97246ba05f65cbdcbcfc2f6c98d020f9522e,2024-07-12T16:34:58.687000
CVE-2024-37928,0,0,232529d3b572f04b7e3513c8e007b461ed8da07a2526f3a83d9072726dac3e46,2024-07-12T16:34:58.687000 CVE-2024-37928,0,0,232529d3b572f04b7e3513c8e007b461ed8da07a2526f3a83d9072726dac3e46,2024-07-12T16:34:58.687000
@ -254334,14 +254340,32 @@ CVE-2024-3793,0,0,45180ff35ea2c7285cdd371de1244c7a4424d1261f14c1bf7f3ac3169f3ba4
CVE-2024-37932,0,0,5186f998d9a20ac6689fba660a23d767e6b8122dd26478aa16c28fb3bf816f59,2024-07-12T16:34:58.687000 CVE-2024-37932,0,0,5186f998d9a20ac6689fba660a23d767e6b8122dd26478aa16c28fb3bf816f59,2024-07-12T16:34:58.687000
CVE-2024-37933,0,0,6cea39946c80320b897adc63858d22c978af7202b2ac51fc6671f69cbc85e40d,2024-07-12T16:34:58.687000 CVE-2024-37933,0,0,6cea39946c80320b897adc63858d22c978af7202b2ac51fc6671f69cbc85e40d,2024-07-12T16:34:58.687000
CVE-2024-37934,0,0,20d80f75e222e93cd8bf312483db42a7dd2efce13206dab8e3080dada5a4be9e,2024-07-09T18:19:14.047000 CVE-2024-37934,0,0,20d80f75e222e93cd8bf312483db42a7dd2efce13206dab8e3080dada5a4be9e,2024-07-09T18:19:14.047000
CVE-2024-37936,1,1,3ad1e3cbe3d283d108caa8644f307d12ee9ad276ddec8e08d925e4623eac3723,2024-07-20T09:15:05.423000
CVE-2024-37938,0,0,cc9a715411959a9adf0fa6b35e0c67459ba5daf3ae5695e02407868365da117b,2024-07-12T16:34:58.687000 CVE-2024-37938,0,0,cc9a715411959a9adf0fa6b35e0c67459ba5daf3ae5695e02407868365da117b,2024-07-12T16:34:58.687000
CVE-2024-37939,0,0,604cb2a00d25544d5799a7fe712ac053f6ec4e37643e0db1131b14ff154f8fac,2024-07-12T16:34:58.687000 CVE-2024-37939,0,0,604cb2a00d25544d5799a7fe712ac053f6ec4e37643e0db1131b14ff154f8fac,2024-07-12T16:34:58.687000
CVE-2024-3794,0,0,6e44f3f929dcd0d4adad15596c58f782c4fb31b92a4af005c9d6cedb10aa1f60,2024-05-14T16:11:39.510000 CVE-2024-3794,0,0,6e44f3f929dcd0d4adad15596c58f782c4fb31b92a4af005c9d6cedb10aa1f60,2024-05-14T16:11:39.510000
CVE-2024-37940,0,0,86f6fa66e03c77c09146bd7af3f4907ca21521918b8ff60678da4bea49847c4a,2024-07-12T16:34:58.687000 CVE-2024-37940,0,0,86f6fa66e03c77c09146bd7af3f4907ca21521918b8ff60678da4bea49847c4a,2024-07-12T16:34:58.687000
CVE-2024-37941,0,0,5b6280375406c2cec157d83fbd019a06cd4baabd2cd1a87c9eb05f8e903dacbf,2024-07-12T16:34:58.687000 CVE-2024-37941,0,0,5b6280375406c2cec157d83fbd019a06cd4baabd2cd1a87c9eb05f8e903dacbf,2024-07-12T16:34:58.687000
CVE-2024-37943,1,1,c1a034a3f6e2ae2fb3739bc9edb8bf8089fcf4ab859e7f6947bb8860c588391a,2024-07-20T09:15:05.720000
CVE-2024-37944,1,1,7bbf4d21b65d876d9b8ab99cfb04937ad172e1e582822b0c86e305fb9eb82b7e,2024-07-20T09:15:06.017000
CVE-2024-37946,1,1,7eb60472e4b75ae01a1c1c6ce01fd726bc4cb2aa2eb9ab906df9c51c624d223a,2024-07-20T09:15:06.327000
CVE-2024-37947,1,1,2b5b55ae377021c4e8000825642380ddf32c2548302faf02af9a894c62e0269e,2024-07-20T09:15:06.693000
CVE-2024-37948,1,1,a09c80634ab7f315b64ab8ff24d19e4f0a3484b4a0651dc777fdf62d8aa29235,2024-07-20T09:15:07
CVE-2024-37949,1,1,b6f1b64ef9c481d4aadc03b503350d5d73e7894ec09b7a462422a67bbc2e9b49,2024-07-20T09:15:07.277000
CVE-2024-3795,0,0,f16f2517dca7ca05b3c4907d5c002f230ac9e36a749d3bc6fea553bc4f317d0d,2024-05-14T16:11:39.510000 CVE-2024-3795,0,0,f16f2517dca7ca05b3c4907d5c002f230ac9e36a749d3bc6fea553bc4f317d0d,2024-05-14T16:11:39.510000
CVE-2024-37950,1,1,170d19bb320dca2bdb20f7401b2fb1caf585566da7456231d363df38db09b55d,2024-07-20T09:15:07.577000
CVE-2024-37951,1,1,3a7d607d72c29de2de38d3a852598b276eaa9d7269c02263ed37733ecd2d6fc1,2024-07-20T09:15:07.893000
CVE-2024-37952,0,0,07b8e150160469fa7f383cffb1cb86110c59692916e686f9bf6e4d8611de65a9,2024-07-09T18:19:14.047000 CVE-2024-37952,0,0,07b8e150160469fa7f383cffb1cb86110c59692916e686f9bf6e4d8611de65a9,2024-07-09T18:19:14.047000
CVE-2024-37953,1,1,3fe260bf8687975734722649faa30481d39a737c72037e426892887266db34b6,2024-07-20T09:15:08.197000
CVE-2024-37954,1,1,6356a75bde5af041662fc573d110cb839feacd00b7f51ad2271cb640e30ed899,2024-07-20T09:15:08.557000
CVE-2024-37955,1,1,e048b5d82cb847fc442ec6ad4924a7b5eaa3accc51f46f0bbd0c6d3c2225c6d4,2024-07-20T09:15:08.917000
CVE-2024-37956,1,1,c50bc98b7c5e14b046b1326dc47f3ad6a48e663e77e2b6de13b4d1e8d0afdefe,2024-07-20T09:15:09.247000
CVE-2024-37957,1,1,13a8567b5ff9088d8c7d8d368e6a3c609a3cc6f19fd489c9e0f730c7ac8c7651,2024-07-20T09:15:09.550000
CVE-2024-37958,1,1,eb3fe45952ed5a6c30ef19eb3f0748dfacdd09c514130c660384e103271cdb7b,2024-07-20T09:15:09.860000
CVE-2024-37959,1,1,53f8c3efa2aa1982d556a73b006e97dba81ba07d3b21a1fa34a8ea73edf73d24,2024-07-20T09:15:10.187000
CVE-2024-3796,0,0,5bae4d416035885a0192c05970d5fd8edbaa05fe9b0acf97b8394b245a69cda0,2024-05-14T16:11:39.510000 CVE-2024-3796,0,0,5bae4d416035885a0192c05970d5fd8edbaa05fe9b0acf97b8394b245a69cda0,2024-05-14T16:11:39.510000
CVE-2024-37960,1,1,e4ad7ebbd28fa70f9fe62f59c1a1bc42c331360a77900b35ea5cc8d3c50adf94,2024-07-20T08:15:02.737000
CVE-2024-37961,1,1,c18a96dfbd5bc9b21bbc9242b323a0b1ee5abf4ad30fd4350f265ffe36d7c03b,2024-07-20T08:15:03.117000
CVE-2024-37969,0,0,9cda862f222f06c0ea4271cea0b4c27a650f00d5454026fb1e3657b35f8e92c3,2024-07-16T16:33:58.220000 CVE-2024-37969,0,0,9cda862f222f06c0ea4271cea0b4c27a650f00d5454026fb1e3657b35f8e92c3,2024-07-16T16:33:58.220000
CVE-2024-3797,0,0,151890f4e5d8e0d5473cf065c3613433333b9f328648ba8da91d4cb5eb80d846,2024-05-17T02:40:08.123000 CVE-2024-3797,0,0,151890f4e5d8e0d5473cf065c3613433333b9f328648ba8da91d4cb5eb80d846,2024-05-17T02:40:08.123000
CVE-2024-37970,0,0,f961697c7788754c6ab5d8c03485408f8bcc3bb1a7cce532aa01297f6de9ca2b,2024-07-16T16:34:31.423000 CVE-2024-37970,0,0,f961697c7788754c6ab5d8c03485408f8bcc3bb1a7cce532aa01297f6de9ca2b,2024-07-16T16:34:31.423000
@ -254733,26 +254757,67 @@ CVE-2024-38662,0,0,587269b0aade9b66f2b27453b59929a1dd57dcfa88975eb87dd718f6e7386
CVE-2024-38663,0,0,76edf2df49fecd967d78d8fa91a81453e6903492924f9f2a65b88c7cc552bf4f,2024-06-24T19:26:47.037000 CVE-2024-38663,0,0,76edf2df49fecd967d78d8fa91a81453e6903492924f9f2a65b88c7cc552bf4f,2024-06-24T19:26:47.037000
CVE-2024-38664,0,0,418ee48bd44d13024e4f172458676dafa0328cf20a417e7f77e8ce1f228430db,2024-06-26T13:52:23.033000 CVE-2024-38664,0,0,418ee48bd44d13024e4f172458676dafa0328cf20a417e7f77e8ce1f228430db,2024-06-26T13:52:23.033000
CVE-2024-38667,0,0,4b5489473e44a31d8ebc57a7df1b1f90dd93f1295210f54d8df43808f9aac1bc,2024-06-26T13:53:56.883000 CVE-2024-38667,0,0,4b5489473e44a31d8ebc57a7df1b1f90dd93f1295210f54d8df43808f9aac1bc,2024-06-26T13:53:56.883000
CVE-2024-38669,1,1,6d1cf0a4e08f633bb312ab6a6d2f4737524581c5243bb1dc84d1f8e93e4fd7f3,2024-07-20T08:15:03.493000
CVE-2024-3867,0,0,3968b9e505102e62d9c9cd090501b1f1c2cd1651a087ff43068fc396f312a659,2024-04-16T17:15:11.113000 CVE-2024-3867,0,0,3968b9e505102e62d9c9cd090501b1f1c2cd1651a087ff43068fc396f312a659,2024-04-16T17:15:11.113000
CVE-2024-38670,1,1,6e1784dee87eb46dade5ed5aeb61f7291304b1369b60e0c57e6b6bd3ed8203d6,2024-07-20T08:15:03.800000
CVE-2024-38671,1,1,cd49fd54a57f4c7529793d98f11f6bbe9138c8ab74fe754574013551090c0dfb,2024-07-20T08:15:04.133000
CVE-2024-38672,1,1,59bfb33ebd239661dd586003b412eef12e64f72a3932e419d15cf36ed478ec24,2024-07-20T08:15:04.387000
CVE-2024-38673,1,1,c88edb7c6d630d51195ae975c606a67dbc35634d8c2ddf42e4ae78438c9566e7,2024-07-20T08:15:04.700000
CVE-2024-38674,1,1,11103e3a5714b92a1731ce14216f09cfb3a5357e4494ee49ddd09035fa56e63f,2024-07-20T08:15:04.980000
CVE-2024-38675,1,1,448879d4079b9d27cd0a49324bc7128d2a8014da36ca9e0c63fe61fef4193c09,2024-07-20T08:15:05.297000
CVE-2024-38676,1,1,09bb95ff6fbaf1a744d8f68ea360aa96c0275ff3c875880b1d0324005bb2decd,2024-07-20T08:15:05.620000
CVE-2024-38677,1,1,a79b6457dc9f64f4df2c0b6be6109b1a2bbbb8a11868ea37eaa9829a7af124f4,2024-07-20T08:15:05.930000
CVE-2024-38678,1,1,56f384f5e5e04b82c82e2e286d6208c9cbbf30d44cdd28b0b7cc89ea0e5cc34a,2024-07-20T08:15:06.290000
CVE-2024-38679,1,1,4bc59db4c0efa707263bf6ffff78406b339f475302a9167bebcd93a37acebc58,2024-07-20T08:15:06.563000
CVE-2024-3868,0,0,e1417c1283c9e85e54c2c04c3fd7a3ee8c9b3d4b862f81817923323186a93622,2024-05-06T12:44:56.377000 CVE-2024-3868,0,0,e1417c1283c9e85e54c2c04c3fd7a3ee8c9b3d4b862f81817923323186a93622,2024-05-06T12:44:56.377000
CVE-2024-38680,1,1,1add2744b16a587d14c3920e093a54a6a76d20c0a2d044aff0776ba551c2d67f,2024-07-20T08:15:06.840000
CVE-2024-38681,1,1,3e20c763e7368809baf7ead27f517708b1681c7c885224422880a03b411185e2,2024-07-20T08:15:07.180000
CVE-2024-38682,1,1,3fa297b14f714743095865990e3f7f3ad92162b583f21a105a333d9e68883198,2024-07-20T08:15:07.477000
CVE-2024-38683,1,1,1c4fa236f23339a7de6a94bed8cd9e6bdbc579d21e19a26548cbcfac8a9aa2a7,2024-07-20T08:15:07.800000
CVE-2024-38684,1,1,6346e7119c62a3770924e30552d9fb10d4bed34637ef3faaf2576fa56df8e906,2024-07-20T08:15:08.060000
CVE-2024-38685,1,1,8567c2f0ea2ce139eec25a133afc6a744a08e4664f67a21140add5c8ef505fb0,2024-07-20T08:15:08.353000
CVE-2024-38686,1,1,1fae0fd555fa9c757b2fd44bc0eb234d33a003ce85c49e96ce05adf2244bf14c,2024-07-20T08:15:08.650000
CVE-2024-38687,1,1,42bdede22aacfccdd53c47d48773cb7bcebebbcc1bf8ccf63d5277328ad4d5f0,2024-07-20T08:15:08.950000
CVE-2024-38689,1,1,6f222ef4d271601d91a6916b2983edbeb686bddec8e3bdfc40545302587f7364,2024-07-20T08:15:09.287000
CVE-2024-3869,0,0,48f9071a6f5d125b2c43fec069da722b087f824997b9c50ca7b95aad4aebfb77,2024-04-16T13:24:07.103000 CVE-2024-3869,0,0,48f9071a6f5d125b2c43fec069da722b087f824997b9c50ca7b95aad4aebfb77,2024-04-16T13:24:07.103000
CVE-2024-38694,1,1,06b8f3beefa0b63daf8012ecdfd194d36ac68482307ea69b62bb529f728d1c15,2024-07-20T08:15:09.637000
CVE-2024-38696,1,1,2421a2056350e158b045fdcfd5ee2cfc52b5364cb8fd12c5672666870c7a5e49,2024-07-20T08:15:10.003000
CVE-2024-38697,1,1,c7df9198c48e1b93404f78a553cbae9908fd9b64d91d615b0e6d2b628f1637b3,2024-07-20T08:15:10.293000
CVE-2024-38698,1,1,ae1f9f0670ebb125b44c9d5b572a52e491d8fc41585493253ce7e6c586730740,2024-07-20T08:15:10.577000
CVE-2024-3870,0,0,0a94fe58f68a2a55a9a615e303c503c3189a8068ab169c2fe45504536e49912a,2024-05-02T18:00:37.360000 CVE-2024-3870,0,0,0a94fe58f68a2a55a9a615e303c503c3189a8068ab169c2fe45504536e49912a,2024-05-02T18:00:37.360000
CVE-2024-38700,0,0,43fd3d54f79d64b4230345287e538238d15593a18aa5b741846028808bc939a5,2024-07-12T16:34:58.687000 CVE-2024-38700,0,0,43fd3d54f79d64b4230345287e538238d15593a18aa5b741846028808bc939a5,2024-07-12T16:34:58.687000
CVE-2024-38703,1,1,cbc31e160215b11d6c81665f2cfc90b19ca0afac478f0e73eeb7b06599db8ab5,2024-07-20T08:15:10.903000
CVE-2024-38704,0,0,363e78266ace452afe93531a2a31abf9a1c39cf725e102eae181c90d0e9f4ccc,2024-07-12T16:34:58.687000 CVE-2024-38704,0,0,363e78266ace452afe93531a2a31abf9a1c39cf725e102eae181c90d0e9f4ccc,2024-07-12T16:34:58.687000
CVE-2024-38705,1,1,e79580e8d482cfad7bb68041cc55807beed51f1c289ee5b22f4c2d6fa835df6c,2024-07-20T08:15:11.243000
CVE-2024-38706,0,0,c2d79b75813e1ae60084f66af8642c0ff2a146a3185a422c25f660bcab3514fe,2024-07-12T16:34:58.687000 CVE-2024-38706,0,0,c2d79b75813e1ae60084f66af8642c0ff2a146a3185a422c25f660bcab3514fe,2024-07-12T16:34:58.687000
CVE-2024-38709,0,0,54b6549207249cf38bb31dd8ffe60f8cf9f50c14dddbffdd004d04e2f71e7e86,2024-07-12T16:34:58.687000 CVE-2024-38709,0,0,54b6549207249cf38bb31dd8ffe60f8cf9f50c14dddbffdd004d04e2f71e7e86,2024-07-12T16:34:58.687000
CVE-2024-3871,0,0,90287ad4f5985e2858c6a2871acc4eb3b54c9c754d7a17300cf2ed0c74400b4f,2024-04-17T11:15:11.403000 CVE-2024-3871,0,0,90287ad4f5985e2858c6a2871acc4eb3b54c9c754d7a17300cf2ed0c74400b4f,2024-04-17T11:15:11.403000
CVE-2024-38710,1,1,4642ab85c2feaff498856ed54cf198eee6c77c6c0f302658d93c49736e14ee43,2024-07-20T08:15:11.600000
CVE-2024-38711,1,1,ede675991fbe77d70256dba4ab24c3764f032a713743fb994ddfcdbca2ae3ff4,2024-07-20T08:15:11.903000
CVE-2024-38712,1,1,7f460892ace3f2e985366d5441d9d2c350241b9fae180a9fe83b8ffea9216ba3,2024-07-20T08:15:12.240000
CVE-2024-38713,1,1,9dfb50b74cf6b3d4874c32a30caf1b13e63b73906421bea5d1cb23f72c79aa35,2024-07-20T08:15:12.550000
CVE-2024-38715,0,0,80664ed88537c5417585a28b4954b4d37833ab25f9b256630e91e16bab794a38,2024-07-12T16:34:58.687000 CVE-2024-38715,0,0,80664ed88537c5417585a28b4954b4d37833ab25f9b256630e91e16bab794a38,2024-07-12T16:34:58.687000
CVE-2024-38716,0,0,093825e0bcad59d1fcfa579b534812e6ad8becfdb497ac45fdd51395eafebb99,2024-07-12T16:34:58.687000 CVE-2024-38716,0,0,093825e0bcad59d1fcfa579b534812e6ad8becfdb497ac45fdd51395eafebb99,2024-07-12T16:34:58.687000
CVE-2024-38717,0,0,b419261359c698e03324dbb8ea2f4395aa22e4dc471400da4a0ea3bf6f64a243,2024-07-12T16:34:58.687000 CVE-2024-38717,0,0,b419261359c698e03324dbb8ea2f4395aa22e4dc471400da4a0ea3bf6f64a243,2024-07-12T16:34:58.687000
CVE-2024-38718,1,1,cede224cbf934c130cdad1b1f1be94652a4672ddce20ec497d62ffc3a102d245,2024-07-20T08:15:12.840000
CVE-2024-3872,0,0,e0746b0ccf3c2bc5c1cf6b271b7bc58e10aa7c45ec1e77f360e4d291ead633b8,2024-04-16T13:24:07.103000 CVE-2024-3872,0,0,e0746b0ccf3c2bc5c1cf6b271b7bc58e10aa7c45ec1e77f360e4d291ead633b8,2024-04-16T13:24:07.103000
CVE-2024-38720,1,1,469f991daf2def7e67c3df3b986ef91a0370134c765c0980f7276c5692bc8f17,2024-07-20T08:15:13.110000
CVE-2024-38722,1,1,066218e40377141819b1ff63ca569a312eddc226aaa8b47bec260e1974969f4c,2024-07-20T08:15:13.393000
CVE-2024-38725,1,1,740f4776228a3736518184f3714f515cf8af37daa00bab08f41ffdb672b5cee1,2024-07-20T08:15:13.660000
CVE-2024-3873,0,0,9f41cb948a87fde9385789dcbf920beb2d5b41b44037ffd26229becab16e904c,2024-05-17T02:40:09.627000 CVE-2024-3873,0,0,9f41cb948a87fde9385789dcbf920beb2d5b41b44037ffd26229becab16e904c,2024-05-17T02:40:09.627000
CVE-2024-38734,0,0,79ff123a195fce7175b23db24326d028fd00478c9d98f76522812875add5613f,2024-07-12T16:34:58.687000 CVE-2024-38734,0,0,79ff123a195fce7175b23db24326d028fd00478c9d98f76522812875add5613f,2024-07-12T16:34:58.687000
CVE-2024-38735,0,0,1f5c90d8bfd4fa649a448ed6b072bb6045e0905af17878a1b833dc9aafe0af6b,2024-07-12T16:34:58.687000 CVE-2024-38735,0,0,1f5c90d8bfd4fa649a448ed6b072bb6045e0905af17878a1b833dc9aafe0af6b,2024-07-12T16:34:58.687000
CVE-2024-38736,0,0,446ad8f9e80e45a41ef5a6fef6da4fe9df9204de144a025f28a19360718776b8,2024-07-12T16:34:58.687000 CVE-2024-38736,0,0,446ad8f9e80e45a41ef5a6fef6da4fe9df9204de144a025f28a19360718776b8,2024-07-12T16:34:58.687000
CVE-2024-38738,1,1,8f4c3fc8ddc8d78107919f066ec1722ddb2259b5920eb97c5c0a9584d83cc24e,2024-07-20T08:15:13.953000
CVE-2024-38739,1,1,79aafea3b22e7b4d5bbd135b122b6ccc1b0972c9867e20048f201ba46ad5eff9,2024-07-20T08:15:14.277000
CVE-2024-3874,0,0,f386620c295e4adf2d0e1bcb131bf4999519006b93485a0a9655b1dc65db42b9,2024-06-04T19:20:25.697000 CVE-2024-3874,0,0,f386620c295e4adf2d0e1bcb131bf4999519006b93485a0a9655b1dc65db42b9,2024-06-04T19:20:25.697000
CVE-2024-38741,1,1,8d1e4d04e240b25faf01e9487a964c7e94d7be31ee17e3e8f631296764a43fdf,2024-07-20T08:15:14.643000
CVE-2024-3875,0,0,089beeefeb959936719f61ddb82cb79408bd763795142eb9b4bb9ae3be3050ea,2024-06-04T19:20:25.807000 CVE-2024-3875,0,0,089beeefeb959936719f61ddb82cb79408bd763795142eb9b4bb9ae3be3050ea,2024-06-04T19:20:25.807000
CVE-2024-38750,1,1,fc96849edc62ec29953a57b5998a806a4476d665c46017dbe2c4667a97e26202,2024-07-20T08:15:14.983000
CVE-2024-38757,1,1,c3c6e803000a5bfbd42bff24fe35a1eb391a68eb9ed30a90480eba02bae7dcca,2024-07-20T08:15:15.283000
CVE-2024-38758,1,1,7e7178bbfc79ba93da99a1864605c03d7146fe64b2705537cf017a1842c04325,2024-07-20T08:15:15.590000
CVE-2024-3876,0,0,fa4ed7cd6030846f7b483928213b8739ce66b301252f810372f8be541fb30194,2024-06-17T19:15:58.763000 CVE-2024-3876,0,0,fa4ed7cd6030846f7b483928213b8739ce66b301252f810372f8be541fb30194,2024-06-17T19:15:58.763000
CVE-2024-38767,1,1,5ad0da711e375b5faa75cfeef9e50fe3656523a9e63748dcd031d21a52f712fd,2024-07-20T08:15:15.883000
CVE-2024-3877,0,0,4a72fb3a60020d6583c10cb3aed384330279f0439794d97578698eb4f04c72aa,2024-06-04T19:20:25.903000 CVE-2024-3877,0,0,4a72fb3a60020d6583c10cb3aed384330279f0439794d97578698eb4f04c72aa,2024-06-04T19:20:25.903000
CVE-2024-3878,0,0,5053df083f23b6f337fe4f8fdf53fe0df42d421dbd3425cfd92b488e4629a9db,2024-05-17T02:40:10.087000 CVE-2024-3878,0,0,5053df083f23b6f337fe4f8fdf53fe0df42d421dbd3425cfd92b488e4629a9db,2024-05-17T02:40:10.087000
CVE-2024-38780,0,0,ae16337cc2f7b6345cfbc91dc7be992225f0e3cd48711d005c1594aad3b12d58,2024-07-15T07:15:14.603000 CVE-2024-38780,0,0,ae16337cc2f7b6345cfbc91dc7be992225f0e3cd48711d005c1594aad3b12d58,2024-07-15T07:15:14.603000
@ -257394,10 +257459,11 @@ CVE-2024-6471,0,0,f732e100289c893532526b33b46541a39ba52ce518f7e90d2f97ec4bb67cf8
CVE-2024-6484,0,0,bc633abd6bfb9da06585afdfb273066dfbc508847026385eb612d46f7c70ed29,2024-07-11T18:09:58.777000 CVE-2024-6484,0,0,bc633abd6bfb9da06585afdfb273066dfbc508847026385eb612d46f7c70ed29,2024-07-11T18:09:58.777000
CVE-2024-6485,0,0,b143d2f5de1cad2c57f83d18fe64abfe0ba2da69210341aec4863f07cdd850cb,2024-07-11T18:09:58.777000 CVE-2024-6485,0,0,b143d2f5de1cad2c57f83d18fe64abfe0ba2da69210341aec4863f07cdd850cb,2024-07-11T18:09:58.777000
CVE-2024-6488,0,0,0c5ecb49d7296b409f5d61bd70a5d017ad6f69068345855a00f0bd7c78566faa,2024-07-04T21:15:10.403000 CVE-2024-6488,0,0,0c5ecb49d7296b409f5d61bd70a5d017ad6f69068345855a00f0bd7c78566faa,2024-07-04T21:15:10.403000
CVE-2024-6489,1,1,77837ba400c3690c0bd50e14fc77c874a4c9eb96e5f8e8743896d9be72ad8366,2024-07-20T07:15:01.963000 CVE-2024-6489,0,0,77837ba400c3690c0bd50e14fc77c874a4c9eb96e5f8e8743896d9be72ad8366,2024-07-20T07:15:01.963000
CVE-2024-6491,1,1,2d4efed2380d6e5a21aafbc277c8c56df6c7c10e7a84627d2aaf270c5470b669,2024-07-20T07:15:02.410000 CVE-2024-6491,0,0,2d4efed2380d6e5a21aafbc277c8c56df6c7c10e7a84627d2aaf270c5470b669,2024-07-20T07:15:02.410000
CVE-2024-6492,0,0,82f79625038ad5debf137137104e45e1e353947b9c4b14df742baece7a047a71,2024-07-17T13:34:20.520000 CVE-2024-6492,0,0,82f79625038ad5debf137137104e45e1e353947b9c4b14df742baece7a047a71,2024-07-17T13:34:20.520000
CVE-2024-6495,0,0,0b63a825f2423d6e7ce9297b9249f183116fa1df04bb2bd344ba05222b36e9dd,2024-07-12T16:34:58.687000 CVE-2024-6495,0,0,0b63a825f2423d6e7ce9297b9249f183116fa1df04bb2bd344ba05222b36e9dd,2024-07-12T16:34:58.687000
CVE-2024-6497,1,1,0a96a42e76e415edae93e1f489f04cc4c0b6b908e459e0f27c05f2f218d35692,2024-07-20T09:15:10.530000
CVE-2024-6501,0,0,45d58d6fcd90c3b83531e796541078a549af17f7a81eb1fbfe7d6944aa2bc8ac,2024-07-11T13:06:13.187000 CVE-2024-6501,0,0,45d58d6fcd90c3b83531e796541078a549af17f7a81eb1fbfe7d6944aa2bc8ac,2024-07-11T13:06:13.187000
CVE-2024-6504,0,0,12de06671a90020695ccfbcc739c1361cd1e9c3d2708a0b7d7abfdcce12f19fc,2024-07-18T12:28:43.707000 CVE-2024-6504,0,0,12de06671a90020695ccfbcc739c1361cd1e9c3d2708a0b7d7abfdcce12f19fc,2024-07-18T12:28:43.707000
CVE-2024-6505,0,0,b8708084cd092b6ca88acb18ad5e80f748f8e2829ec040b8958bfe3c1fee2cd6,2024-07-08T15:41:17.883000 CVE-2024-6505,0,0,b8708084cd092b6ca88acb18ad5e80f748f8e2829ec040b8958bfe3c1fee2cd6,2024-07-08T15:41:17.883000
@ -257453,6 +257519,9 @@ CVE-2024-6621,0,0,f5708b7519a1133fabc97c0209f19d7082b3f86d30fa6c319ccc36d4753af4
CVE-2024-6624,0,0,d641d0598d5f0d62f69b2f0bb30153f1263b9aa17a64dd7567b42517a1bc6027,2024-07-12T16:51:31.487000 CVE-2024-6624,0,0,d641d0598d5f0d62f69b2f0bb30153f1263b9aa17a64dd7567b42517a1bc6027,2024-07-12T16:51:31.487000
CVE-2024-6625,0,0,b913737eefce9f28c47dc537f0edd398b1eeb297cd2eb30c69b59c3401317130,2024-07-12T12:49:07.030000 CVE-2024-6625,0,0,b913737eefce9f28c47dc537f0edd398b1eeb297cd2eb30c69b59c3401317130,2024-07-12T12:49:07.030000
CVE-2024-6630,0,0,7742b604143993a9d769b9ab9c3e5aab85337a51e6772bb186961af80d29fee2,2024-07-10T18:15:05.407000 CVE-2024-6630,0,0,7742b604143993a9d769b9ab9c3e5aab85337a51e6772bb186961af80d29fee2,2024-07-10T18:15:05.407000
CVE-2024-6635,1,1,a79180184950632c5e30b7fbd08d3c6de7979236d69a7557cf2dce565cef7253,2024-07-20T08:15:16.177000
CVE-2024-6636,1,1,6c5c1289decd7ec99bfcf337def1efe1bfde6a5b4fed03c191a289434ea5b3ff,2024-07-20T08:15:16.510000
CVE-2024-6637,1,1,88fd4028c11061cee2e8c6675200aa734c873a0d48e8ed2681671f5ab354ef3a,2024-07-20T08:15:16.840000
CVE-2024-6642,0,0,8d96c1180af1047f7b667e53dd25106a95583c9fef6033b783f527ef0b9e4e6b,2024-07-10T13:15:11.140000 CVE-2024-6642,0,0,8d96c1180af1047f7b667e53dd25106a95583c9fef6033b783f527ef0b9e4e6b,2024-07-10T13:15:11.140000
CVE-2024-6643,0,0,c4eab211147138bb5613809a885f81bacb4eb0fc3c1e7955b1f331b632c0ef4a,2024-07-11T10:15:02.650000 CVE-2024-6643,0,0,c4eab211147138bb5613809a885f81bacb4eb0fc3c1e7955b1f331b632c0ef4a,2024-07-11T10:15:02.650000
CVE-2024-6644,0,0,0f2d20ba591a113ddb0330b932f8a246adf881e1931b22ed31564a539ff168f9,2024-07-11T13:05:54.930000 CVE-2024-6644,0,0,0f2d20ba591a113ddb0330b932f8a246adf881e1931b22ed31564a539ff168f9,2024-07-11T13:05:54.930000

Can't render this file because it is too large.