Auto-Update: 2024-05-04T06:00:29.778697+00:00

CVE-2024/CVE-2024-32xx/CVE-2024-3237.json

@@ -0,0 +1,47 @@
+{
+  "id": "CVE-2024-3237",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-05-04T04:15:08.690",
+  "lastModified": "2024-05-04T04:15:08.690",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The ConvertPlug plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the cp_dismiss_notice() function in all versions up to, and including, 3.5.25. This makes it possible for authenticated attackers, with subscriber-level access and above, to update arbitrary option values to true."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.convertplug.com/plus/product/convertplug/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0cd72420-dca1-455d-92a6-a178b4b26eab?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-32xx/CVE-2024-3240.json

@@ -0,0 +1,47 @@
+{
+  "id": "CVE-2024-3240",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2024-05-04T04:15:08.970",
+  "lastModified": "2024-05-04T04:15:08.970",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The ConvertPlug plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.25 via deserialization of untrusted input from the 'settings_encoded' attribute of the 'smile_info_bar' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://www.convertplug.com/plus/product/convertplug/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fca3259b-bf0e-4b4a-815f-1eb399b8b674?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-344xx/CVE-2024-34460.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-34460",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-05-04T05:15:06.497",
+  "lastModified": "2024-05-04T05:15:06.497",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Tree Explorer tool from Organizer in Zenario before 9.5.60602 is affected by XSS. (This component was removed in 9.5.60602.)"
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://zenar.io/zenario-9/blog/zenario-9560602-patch-released",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2024/CVE-2024-344xx/CVE-2024-34461.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-34461",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-05-04T05:15:06.600",
+  "lastModified": "2024-05-04T05:15:06.600",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site-wide HEAD and BODY elements, enabling code execution by a designer or an administrator."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://zenar.io/zenario-9/blog/zenario-9560437-patch-released",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-05-04T04:00:38.180713+00:00
+2024-05-04T06:00:29.778697+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-05-04T03:15:07.237000+00:00
+2024-05-04T05:15:06.600000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,26 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-248587
+248591
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `1`
+Recently added CVEs: `4`
 
-- [CVE-2024-3868](CVE-2024/CVE-2024-38xx/CVE-2024-3868.json) (`2024-05-04T03:15:07.237`)
+- [CVE-2024-3237](CVE-2024/CVE-2024-32xx/CVE-2024-3237.json) (`2024-05-04T04:15:08.690`)
+- [CVE-2024-3240](CVE-2024/CVE-2024-32xx/CVE-2024-3240.json) (`2024-05-04T04:15:08.970`)
+- [CVE-2024-34460](CVE-2024/CVE-2024-344xx/CVE-2024-34460.json) (`2024-05-04T05:15:06.497`)
+- [CVE-2024-34461](CVE-2024/CVE-2024-344xx/CVE-2024-34461.json) (`2024-05-04T05:15:06.600`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `6`
+Recently modified CVEs: `0`
 
-- [CVE-2023-28755](CVE-2023/CVE-2023-287xx/CVE-2023-28755.json) (`2024-05-04T03:15:06.737`)
-- [CVE-2023-36617](CVE-2023/CVE-2023-366xx/CVE-2023-36617.json) (`2024-05-04T03:15:06.833`)
-- [CVE-2023-38709](CVE-2023/CVE-2023-387xx/CVE-2023-38709.json) (`2024-05-04T03:15:06.910`)
-- [CVE-2024-24795](CVE-2024/CVE-2024-247xx/CVE-2024-24795.json) (`2024-05-04T03:15:07.187`)
-- [CVE-2024-4331](CVE-2024/CVE-2024-43xx/CVE-2024-4331.json) (`2024-05-04T02:15:06.800`)
-- [CVE-2024-4368](CVE-2024/CVE-2024-43xx/CVE-2024-4368.json) (`2024-05-04T02:15:06.853`)
 
 
 ## Download and Usage

_state.csv

@@ -220752,7 +220752,7 @@ CVE-2023-28750,0,0,ed326f2ad61a7959dbe0e79d5b688d301a88e74eda669f8f55e650d8fcbb3
 CVE-2023-28751,0,0,875586a278352ed727ce843a7da27b61873000951ef83f5f743dc2981c31763f,2023-06-28T07:25:21.983000
 CVE-2023-28753,0,0,4987916688ac4dd4780b885785575adf02d1f5083774c3ee48d633ef1d8c576e,2023-11-07T04:10:50.717000
 CVE-2023-28754,0,0,61cb09ddb8ef7148240cad4fc0576b1a8e551f09cd7e638213f5be8168875eee,2023-07-28T19:01:07.280000
-CVE-2023-28755,0,1,8cc85c79b4b39f4ac738809893626f8feb13c218da2361e270b25c7d3564722b,2024-05-04T03:15:06.737000
+CVE-2023-28755,0,0,8cc85c79b4b39f4ac738809893626f8feb13c218da2361e270b25c7d3564722b,2024-05-04T03:15:06.737000
 CVE-2023-28756,0,0,5ca32124a847b1ace75dc25861392efa4d45d2420bf72926bbf5d496f260e72e,2024-01-24T05:15:13.297000
 CVE-2023-28758,0,0,f879f65be137e4ff2a06c59a7ec4e9f5ec2d2dc2ab30ebda90841251e63055e2,2023-03-27T16:03:16.257000
 CVE-2023-28759,0,0,28660a99752dbe6a8b5cfeb1e7b416d08b266f704a9b7c8ee52c3c539b2c74d6,2023-04-29T01:15:08.770000
@@ -226398,7 +226398,7 @@ CVE-2023-3661,0,0,9f60e79aeb4bdf9593a6ba1046d89b2607225c81c33ba8cfd2ea6525a80f25
 CVE-2023-36610,0,0,d5f287b6c02800b0d04ce8ddadaa1c52f72f85e922ec3a8c1d3db9240799ca40,2023-11-07T04:16:38.887000
 CVE-2023-36611,0,0,99990f2326e6ef50524083b5190ec3361c77550b3a60e026cc1e8158d16a4fb2,2023-07-07T21:40:07.380000
 CVE-2023-36612,0,0,cf64e6bc94091a63e20169d3f5244e38e66381cbe043e753b8a8383426d19e2c,2023-06-30T21:22:47.610000
-CVE-2023-36617,0,1,39f080178a0b8be16e282163b87fd91ec8ca572acf2d544e53eeeb17113b3e80,2024-05-04T03:15:06.833000
+CVE-2023-36617,0,0,39f080178a0b8be16e282163b87fd91ec8ca572acf2d544e53eeeb17113b3e80,2024-05-04T03:15:06.833000
 CVE-2023-36618,0,0,da1dc2ce35ab4efe549909cff0ab6a8ee5ee14e33bff162204fa2f72b03bcf97,2023-10-06T22:32:14.727000
 CVE-2023-36619,0,0,84c83fbca61db3baf8d56e7b559f9617a1ec9445bc2e49b5289493455f57a088,2023-10-06T22:32:37.880000
 CVE-2023-3662,0,0,83cd6e83516ee700214e752b61806dab0293ec9efb42c9e0aefccd2f1dd3a33c,2023-08-08T15:44:56.483000
@@ -228070,7 +228070,7 @@ CVE-2023-38704,0,0,71ad417d2d62aca56ced15b4b3782cb7ef14a1a963bb598f7ad603e82b901
 CVE-2023-38706,0,0,d617f4ba91b248078cb18ecbeaa51cab201c52ad3c8f2f18f77c483b475b121f,2023-09-20T19:59:40.533000
 CVE-2023-38707,0,0,1555d65b227585a9a17048663d159df62df160dae7a887969466cf59d80e31d9,2023-11-07T04:17:23.830000
 CVE-2023-38708,0,0,7fedbbf4bbe078eadce738b4508b175a97c5b3d1293a62ffb0695e275be0d573,2023-08-09T16:15:56.907000
-CVE-2023-38709,0,1,e2063f01ab64931e1d0e26a37668a376c7f68d851e9a8a2e88ac3218ac4bf7ac,2024-05-04T03:15:06.910000
+CVE-2023-38709,0,0,e2063f01ab64931e1d0e26a37668a376c7f68d851e9a8a2e88ac3218ac4bf7ac,2024-05-04T03:15:06.910000
 CVE-2023-3871,0,0,4f02d47fc97cf193950c9b3085aed576ce92d732d96aa3c855b0f1036be9bbf3,2024-04-11T01:21:27.630000
 CVE-2023-38710,0,0,c92dcd4884e376d2c6467d62a4785461b746cf66b09b5c314c8a7501bae93f64,2023-12-11T19:34:38.997000
 CVE-2023-38711,0,0,165f0388158a27a13a90130c6df8b1216fb4e778781b739e91f43d98820cbc39,2023-12-12T13:52:11.970000
@@ -243347,7 +243347,7 @@ CVE-2024-24786,0,0,2ab5258c4f4b859b5725766bbf2d516fb49e89ad73d54ff6c419a75b61510
 CVE-2024-2479,0,0,ef6fc869eff2eabe3309c6dccca20829eeed25fc7d431e575295c7ea2346fb4c,2024-04-11T01:25:24.413000
 CVE-2024-24793,0,0,c02d48f5d574325816298b4b1d2848ca92f5dc7aa67a2fd30978e3885630bc1b,2024-02-20T19:50:53.960000
 CVE-2024-24794,0,0,0d491c54da3b197a1321ac69102f9de79d058e3462ee7572209ea583555d837a,2024-02-20T19:50:53.960000
-CVE-2024-24795,0,1,1c528a1d5677405f95e443ef77785a8eed8eb4708edcbd54697e77c3c9c18f60,2024-05-04T03:15:07.187000
+CVE-2024-24795,0,0,1c528a1d5677405f95e443ef77785a8eed8eb4708edcbd54697e77c3c9c18f60,2024-05-04T03:15:07.187000
 CVE-2024-24796,0,0,a14eda4226a58c2c4e1be311d88c2631825b3dc125c63aa2226f772d7e85a358,2024-02-12T14:19:54.330000
 CVE-2024-24797,0,0,c19a8ac8bc5c78a5206d6c6bb45c357c3a8b7076e1d1a067b2d060905019e0d6,2024-02-12T14:19:54.330000
 CVE-2024-24798,0,0,27adaa65a015e65d65b2afdd5c0a25214a188429d30f4388b6afc3dde21fa6d1,2024-02-22T19:07:27.197000
@@ -247483,10 +247483,12 @@ CVE-2024-3235,0,0,87b194ac57d76e3164f790cf262b7f15e5577bfab72d12fd067ebb5070eb75
 CVE-2024-32358,0,0,4361acd373c6387e4e9f8c587956d55ed79588179fa5465dd154715a342d96e5,2024-04-25T17:24:59.967000
 CVE-2024-32359,0,0,403b699a663b5e4769b06b0d18b27b2d1fbe863256efbe1946cb823a1f907308,2024-05-02T18:00:37.360000
 CVE-2024-32368,0,0,e5f9ac1f5e4b7deacae1b8adfb72b39f31c0e06e3a2c110e19b743f4b05d773c,2024-04-22T19:24:12.920000
+CVE-2024-3237,1,1,2ae890d4a2b6b9b9cb87768df331798519234a6fa0e59c936b314949a7c5ccb2,2024-05-04T04:15:08.690000
 CVE-2024-32391,0,0,b9d2ada2509e9e002fcf7fc50c30e5fa24f6bd077b7f0fab83dbe519d76755ce,2024-04-22T13:28:50.310000
 CVE-2024-32392,0,0,e9dc77721f231608117a79f151c9f1e6be5cd7530989658bd3dd67ce41889ce5,2024-04-22T13:28:50.310000
 CVE-2024-32394,0,0,5f3cc70e4b86c8028147d2489cef40fa6c9285878a28bdb0855878990e97443a,2024-04-23T12:52:26.253000
 CVE-2024-32399,0,0,881ee2dd975bc6f828957c741f38d2e9a20065eb3fba67ea84e4e0b7e3e06627,2024-04-23T12:52:30.940000
+CVE-2024-3240,1,1,6c645e642a61c38bcb792ba5b970f32e0b1d60f01bde86dc6fa7e5e52ad91c44,2024-05-04T04:15:08.970000
 CVE-2024-32404,0,0,dd51daa738e86af5cb3559b49847af8b161e8c694a948fb4fd3bf01830c7a4e1,2024-04-26T12:58:17.720000
 CVE-2024-32405,0,0,3ef8baadce3828c002829cc143866c02c5413778e0871cfcfbcacdfae3d8303e,2024-04-27T05:15:48.447000
 CVE-2024-32406,0,0,02ca7a177d496abc3e50a6810f02b9048e8ddb45b883c530d6fb401e9dec18da,2024-04-26T12:58:17.720000
@@ -248167,6 +248169,8 @@ CVE-2024-3445,0,0,c9628f9221624aa27cf7f5ca164e4ed34c93be648ba2ac6a84e0908c02d87f
 CVE-2024-34453,0,0,0e8f149f031d5217568b6c07c56f71b3a1f4f221694525d2a7b6d78ac8d129f1,2024-05-03T18:15:10.160000
 CVE-2024-34455,0,0,1d2aa3de083f43cd70ae96f0d7b0627d4e6a4c2b20f0d2da6ad87efb50de0248,2024-05-03T19:15:07.950000
 CVE-2024-3446,0,0,d41b6ff09ba21a5a975268b5a0441447c6b2bcfd6bedfe0914b9c96867cd290f,2024-04-18T08:15:38.340000
+CVE-2024-34460,1,1,f55c45997cadc3bb62864286d65492b162b99f8e24b8566151735b6e6a70cd2a,2024-05-04T05:15:06.497000
+CVE-2024-34461,1,1,a0ee1d1552fd6ae841473d1f66c127474e4be19544b272b8a13d4a1183e5c33b,2024-05-04T05:15:06.600000
 CVE-2024-3448,0,0,38511310080ef6cbfb33c1721e41ad41c6df0877e6ffcdbf14f478fa1ea7a673,2024-04-10T19:49:51.183000
 CVE-2024-3455,0,0,18e948f1ff2182718852b2ba697f0fa9a8598811bb1c2e87509c3bd543b90a57,2024-04-11T01:26:03.233000
 CVE-2024-3456,0,0,944b33373fddc7621692e3fce6708723c7abc962139d88da65ad0c4ce610f104,2024-04-11T01:26:03.310000
@@ -248390,7 +248394,7 @@ CVE-2024-3863,0,0,2bcd7aff2d943e7ab42e23b79c60d375ad9e243a307a827bee502e9df17951
 CVE-2024-3864,0,0,19d7836c62228b8f626d6423c9bc9a43211c93bf4b17c3a151f2e9e764cbca42,2024-04-24T10:15:07.597000
 CVE-2024-3865,0,0,8b230c3d643bf4def0090616d3b729148802c45f8b0915e5522b00babc710a03,2024-04-17T12:48:31.863000
 CVE-2024-3867,0,0,1b62d18c2024e05920e3c0687ff0e24e4f942ae67e75e66374d57866a8214187,2024-04-16T17:15:11.113000
-CVE-2024-3868,1,1,0b62ca714f38dad79c7a8f5cd1d5e4625eb30c3ea91d329daf36368814332ffc,2024-05-04T03:15:07.237000
+CVE-2024-3868,0,0,0b62ca714f38dad79c7a8f5cd1d5e4625eb30c3ea91d329daf36368814332ffc,2024-05-04T03:15:07.237000
 CVE-2024-3869,0,0,5fe681dc14d2de5e9dd5b2f66bac58fa145bb31944427d754a663b3ce277c72c,2024-04-16T13:24:07.103000
 CVE-2024-3870,0,0,9766120f3ed830bdc775dcee235c4b059658cc24a823145c62a826726e08fa81,2024-05-02T18:00:37.360000
 CVE-2024-3871,0,0,9131680dba8c26c19b55533e86d2d270f65815944bae2f8fbcd8e63884ab3cf1,2024-04-17T11:15:11.403000
@@ -248571,14 +248575,14 @@ CVE-2024-4309,0,0,28469633e172b04b87044a57bcfdef246c95aa977480d7dea7f55167293101
 CVE-2024-4310,0,0,d7fbac27755c7133d1c2e0a6447c2fce3b245992298460e093f57ea997a724f7,2024-04-30T13:11:16.690000
 CVE-2024-4324,0,0,8fb3b1a613f16915f21c9c04ef3cbf59e959be8315c651a3ce5436a38862a685,2024-05-02T18:00:37.360000
 CVE-2024-4327,0,0,3d14955fd25b48e70347bc21b9cf8e4172732a4fac4f624dc37f9e58a61e1bb9,2024-04-30T13:11:16.690000
-CVE-2024-4331,0,1,bfd934b1b2f76cc8bd478cc4e561b67ba50f4f419d76b2999ea5119ff2a84bcd,2024-05-04T02:15:06.800000
+CVE-2024-4331,0,0,bfd934b1b2f76cc8bd478cc4e561b67ba50f4f419d76b2999ea5119ff2a84bcd,2024-05-04T02:15:06.800000
 CVE-2024-4334,0,0,d2c55786eb37c22aeaa962eb29c298610af66b07b247fefb5533e21481037f1e,2024-05-02T18:00:37.360000
 CVE-2024-4336,0,0,3217d54bd306c3320285772343c381eeb916064434adbe6d8dee38e0f49c378f,2024-04-30T13:11:16.690000
 CVE-2024-4337,0,0,8a1cfd2947a23a6e06428062fb85a86a0de43435d27cebf7533e44b2da7feda3,2024-04-30T13:11:16.690000
 CVE-2024-4340,0,0,0fa7c6bfc883a29aea545d51036f6541f96be5c069cd1c4a978687e541eb6f36,2024-04-30T17:52:35.057000
 CVE-2024-4348,0,0,e7b124fabadce54e64f93427ccac854d8236c12068cde76cb264464f6c1464d3,2024-05-01T13:02:20.750000
 CVE-2024-4349,0,0,7787a2614cf25f09e0deb4024609a2d9883c20f9e3d304ea70240ed6b8d0b8ed,2024-05-01T13:02:20.750000
-CVE-2024-4368,0,1,0ee02ebde276d817508f5495294b3429c463a1f4241660388e0c329992e72be6,2024-05-04T02:15:06.853000
+CVE-2024-4368,0,0,0ee02ebde276d817508f5495294b3429c463a1f4241660388e0c329992e72be6,2024-05-04T02:15:06.853000
 CVE-2024-4369,0,0,352391da6a6ef399397c7f9abf94d5a6fda2875f0f06f0b38dacd9a1a940e5cb,2024-05-02T03:15:15.027000
 CVE-2024-4405,0,0,ae0f4db23c6909c7d74c90a9689be79a58cad53d93c458fbc8aa608abe2f0377,2024-05-02T18:00:37.360000
 CVE-2024-4406,0,0,e1c30f2212dcad9d546e3af047be1a2ed8c32271936aca83f8eb5fa48d87e35c,2024-05-02T18:00:37.360000