admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-02-12T09:00:25.445564+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-02-12 09:00:29 +00:00
parent 3139d93852
commit ec5d358094
11 changed files with 564 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-475xx/CVE-2023-47526.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-47526",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T07:15:07.650",
"lastModified": "2024-02-12T07:15:07.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chart Builder Team Chartify \u2013 WordPress Chart Plugin allows Stored XSS.This issue affects Chartify \u2013 WordPress Chart Plugin: from n/a through 2.0.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/chart-builder/wordpress-chartify-plugin-2-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-508xx/CVE-2023-50875.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-50875",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T07:15:08.920",
"lastModified": "2024-02-12T07:15:08.920",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic Sensei LMS \u2013 Online Courses, Quizzes, & Learning allows Stored XSS.This issue affects Sensei LMS \u2013 Online Courses, Quizzes, & Learning: from n/a through 4.17.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sensei-lms/wordpress-sensei-lms-plugin-4-17-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-513xx/CVE-2023-51370.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51370",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T07:15:09.637",
"lastModified": "2024-02-12T07:15:09.637",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NinjaTeam WP Chat App allows Stored XSS.This issue affects WP Chat App: from n/a through 3.4.4.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-whatsapp/wordpress-wp-chat-app-plugin-3-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-514xx/CVE-2023-51403.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51403",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T07:15:10.247",
"lastModified": "2024-02-12T07:15:10.247",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nicdark Restaurant Reservations allows Stored XSS.This issue affects Restaurant Reservations: from n/a through 1.8.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/nd-restaurant-reservations/wordpress-restaurant-reservations-plugin-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-235xx/CVE-2024-23513.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-23513",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T08:15:40.457",
"lastModified": "2024-02-12T08:15:40.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.5.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/propertyhive/wordpress-propertyhive-plugin-2-0-5-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-247xx/CVE-2024-24796.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24796",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T08:15:40.810",
"lastModified": "2024-02-12T08:15:40.810",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce \u2013 WpEvently \u2013 WordPress Plugin.This issue affects Event Manager and Tickets Selling Plugin for WooCommerce \u2013 WpEvently \u2013 WordPress Plugin: from n/a through 4.1.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mage-eventpress/wordpress-wpevently-plugin-4-1-1-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-247xx/CVE-2024-24797.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24797",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T08:15:41.090",
"lastModified": "2024-02-12T08:15:41.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in G5Theme ERE Recently Viewed \u2013 Essential Real Estate Add-On.This issue affects ERE Recently Viewed \u2013 Essential Real Estate Add-On: from n/a through 1.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ere-recently-viewed/wordpress-ere-recently-viewed-plugin-1-3-unauthenticated-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-248xx/CVE-2024-24889.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24889",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T07:15:10.947",
"lastModified": "2024-02-12T07:15:10.947",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Geek Code Lab All 404 Pages Redirect to Homepage allows Stored XSS.This issue affects All 404 Pages Redirect to Homepage: from n/a through 1.9.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/all-404-pages-redirect-to-homepage/wordpress-all-404-pages-redirect-to-homepage-plugin-1-9-unauthenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-249xx/CVE-2024-24926.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-24926",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T08:15:41.390",
"lastModified": "2024-02-12T08:15:41.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/brooklyn/wordpress-brooklyn-theme-4-9-7-6-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2024/CVE-2024-251xx/CVE-2024-25100.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-25100",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-02-12T07:15:11.577",
"lastModified": "2024-02-12T07:15:11.577",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/coupon-referral-program/wordpress-coupon-referral-program-plugin-1-7-2-unauthenticated-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

25
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-02-12T07:00:24.116696+00:00 2024-02-12T09:00:25.445564+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-02-12T06:15:09.120000+00:00 2024-02-12T08:15:41.390000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,20 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
238136 238146
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `7` Recently added CVEs: `10`
* [CVE-2024-25744](CVE-2024/CVE-2024-257xx/CVE-2024-25744.json) (`2024-02-12T05:15:07.710`) * [CVE-2023-47526](CVE-2023/CVE-2023-475xx/CVE-2023-47526.json) (`2024-02-12T07:15:07.650`)
* [CVE-2024-24927](CVE-2024/CVE-2024-249xx/CVE-2024-24927.json) (`2024-02-12T06:15:08.030`) * [CVE-2023-50875](CVE-2023/CVE-2023-508xx/CVE-2023-50875.json) (`2024-02-12T07:15:08.920`)
* [CVE-2024-24928](CVE-2024/CVE-2024-249xx/CVE-2024-24928.json) (`2024-02-12T06:15:08.313`) * [CVE-2023-51370](CVE-2023/CVE-2023-513xx/CVE-2023-51370.json) (`2024-02-12T07:15:09.637`)
* [CVE-2024-24930](CVE-2024/CVE-2024-249xx/CVE-2024-24930.json) (`2024-02-12T06:15:08.520`) * [CVE-2023-51403](CVE-2023/CVE-2023-514xx/CVE-2023-51403.json) (`2024-02-12T07:15:10.247`)
* [CVE-2024-24931](CVE-2024/CVE-2024-249xx/CVE-2024-24931.json) (`2024-02-12T06:15:08.717`) * [CVE-2024-24889](CVE-2024/CVE-2024-248xx/CVE-2024-24889.json) (`2024-02-12T07:15:10.947`)
* [CVE-2024-24932](CVE-2024/CVE-2024-249xx/CVE-2024-24932.json) (`2024-02-12T06:15:08.917`) * [CVE-2024-25100](CVE-2024/CVE-2024-251xx/CVE-2024-25100.json) (`2024-02-12T07:15:11.577`)
* [CVE-2024-24933](CVE-2024/CVE-2024-249xx/CVE-2024-24933.json) (`2024-02-12T06:15:09.120`) * [CVE-2024-23513](CVE-2024/CVE-2024-235xx/CVE-2024-23513.json) (`2024-02-12T08:15:40.457`)
* [CVE-2024-24796](CVE-2024/CVE-2024-247xx/CVE-2024-24796.json) (`2024-02-12T08:15:40.810`)
* [CVE-2024-24797](CVE-2024/CVE-2024-247xx/CVE-2024-24797.json) (`2024-02-12T08:15:41.090`)
* [CVE-2024-24926](CVE-2024/CVE-2024-249xx/CVE-2024-24926.json) (`2024-02-12T08:15:41.390`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit