admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-03-13T17:00:43.603853+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-03-13 17:03:31 +00:00
parent fa3894a5ab
commit f47efd1c90
147 changed files with 6716 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2023/CVE-2023-44xx/CVE-2023-4459.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4459",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-21T19:15:09.373",
"lastModified": "2024-03-12T04:15:07.807",
"lastModified": "2024-03-13T15:15:49.370",
"vulnStatus": "Modified",
"descriptions": [
{
@ -123,6 +123,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:1250",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1306",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4459",
"source": "secalert@redhat.com",

51
CVE-2023/CVE-2023-56xx/CVE-2023-5663.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2023-5663",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:08.110",
"lastModified": "2024-03-13T16:15:08.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The News Announcement Scroll plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/news-announcement-scroll/tags/9.0.0/news-announcement-scroll.php#L261",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2987837/news-announcement-scroll#file2",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b29113d6-7a9a-4e10-a446-147ec146ac93?source=cve",
"source": "security@wordfence.com"
}
]
}

6
CVE-2023/CVE-2023-65xx/CVE-2023-6546.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-6546",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-21T20:15:08.260",
"lastModified": "2024-03-12T03:15:06.823",
"lastModified": "2024-03-13T15:15:49.863",
"vulnStatus": "Modified",
"descriptions": [
{
@ -192,6 +192,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:1253",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1306",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-6546",
"source": "secalert@redhat.com",

47
CVE-2023/CVE-2023-67xx/CVE-2023-6785.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6785",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:08.407",
"lastModified": "2024-03-13T16:15:08.407",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Download Manager plugin for WordPress is vulnerable to unauthorized file download of files added via the plugin in all versions up to, and including, 3.2.84. This makes it possible for unauthenticated attackers to download files added with the plugin (even when privately published)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3038209%40download-manager%2Ftrunk&old=3022104%40download-manager%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7b3608ca-8ed6-46ff-8e57-d8b68f91b9f2?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-68xx/CVE-2023-6809.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6809",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:08.640",
"lastModified": "2024-03-13T16:15:08.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Custom fields shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cf shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied custom post meta values. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wordpress.org/plugins/beepress/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/99d3d5aa-dd82-415a-bc40-9d2c677d9248?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2023/CVE-2023-68xx/CVE-2023-6825.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2023-6825",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:08.850",
"lastModified": "2024-03-13T16:15:08.850",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal in versions up to, and including version 7.2.1 (free version) and 8.3.4 (Pro version) via the target parameter in the mk_file_folder_manager_action_callback_shortcode function. This makes it possible for attackers to read the contents of arbitrary files on the server, which can contain sensitive information and to upload files into directories other than the intended directory for file uploads. The free version requires Administrator access for this vulnerability to be exploitable. The Pro version allows a file manager to be embedded via a shortcode and also allows admins to grant file handling privileges to other user levels, which could lead to this vulnerability being exploited by lower-level users."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://github.com/Studio-42/elFinder/blob/master/php/elFinderVolumeDriver.class.php#L6784",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023403%40wp-file-manager%2Ftrunk&old=2984933%40wp-file-manager%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93f377a1-2c33-4dd7-8fd6-190d9148e804?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-68xx/CVE-2023-6880.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6880",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:09.093",
"lastModified": "2024-03-13T16:15:09.093",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields in all versions up to, and including, 45.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://help.visualcomposer.com/release-notes/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/622b9b46-774d-4251-9a79-73e5b398de57?source=cve",
"source": "security@wordfence.com"
}
]
}

59
CVE-2023/CVE-2023-69xx/CVE-2023-6954.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-6954",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:09.300",
"lastModified": "2024-03-13T16:15:09.300",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Download Manager Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.2.85 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.83/src/Category/Shortcodes.php#L14",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.83/src/Package/Shortcodes.php#L106",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.83/src/Package/views/packages-shortcode-toolbar.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.83/src/Package/views/packages-shortcode.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5cdd64a4-040b-4dc9-a8df-dbecfeb928c8?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-69xx/CVE-2023-6957.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6957",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:09.517",
"lastModified": "2024-03-13T16:15:09.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Fluent Forms plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.9 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The exploitation level depends on who is granted the right to create forms by an administrator. This level can be as low as contributor, but by default is admin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3041316%40fluentform%2Ftrunk&old=3025740%40fluentform%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f4050403-6b8c-4023-b170-39f3cb68583e?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-69xx/CVE-2023-6969.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-6969",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:09.703",
"lastModified": "2024-03-13T16:15:09.703",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the user_meta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve potentially sensitive user meta."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/user-shortcodes-plus/trunk/includes/Shortcodes/UserMeta.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/76a0a87a-dff0-4a51-bad0-8868c342ecde?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2023/CVE-2023-70xx/CVE-2023-7015.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-7015",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:09.900",
"lastModified": "2024-03-13T16:15:09.900",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The File Manager Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tb' parameter in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://filemanagerpro.io/changelog/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/94750424-bb52-4236-962e-aa8cbdeb1459?source=cve",
"source": "security@wordfence.com"
}
]
}

6
CVE-2023/CVE-2023-71xx/CVE-2023-7192.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-7192",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-02T19:15:11.510",
"lastModified": "2024-03-12T03:15:07.273",
"lastModified": "2024-03-13T15:15:50.313",
"vulnStatus": "Modified",
"descriptions": [
{
@ -135,6 +135,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:1250",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1306",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-7192",
"source": "secalert@redhat.com",

55
CVE-2024/CVE-2024-01xx/CVE-2024-0161.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-0161",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-03-13T16:15:10.143",
"lastModified": "2024-03-13T16:15:10.143",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability",
"source": "security_alert@emc.com"
}
]
}

59
CVE-2024/CVE-2024-03xx/CVE-2024-0326.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-0326",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:10.410",
"lastModified": "2024-03-13T16:15:10.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Link Wrapper functionality in all versions up to, and including, 4.10.17 due to insufficient input sanitization and output escaping on user supplied links. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/includes/class-premium-template-tags.php#L1638",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php#L173",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/trunk/widgets/premium-button.php#L1709",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3022824/premium-addons-for-elementor/trunk/modules/premium-wrapper-link/module.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22ba0eaf-f514-420a-9680-8126f6dcdde9?source=cve",
"source": "security@wordfence.com"
}
]
}

59
CVE-2024/CVE-2024-03xx/CVE-2024-0368.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2024-0368",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:10.623",
"lastModified": "2024-03-13T16:15:10.623",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Hustle \u2013 Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.8.3 via hardcoded API Keys. This makes it possible for unauthenticated attackers to extract sensitive data including PII."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://developers.hubspot.com/docs/api/webhooks#manage-settings-via-api",
"source": "security@wordfence.com"
},
{
"url": "https://developers.hubspot.com/docs/api/webhooks#scopes",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wordpress-popup/trunk/inc/providers/hubspot/hustle-hubspot-api.php#L13",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3047775/wordpress-popup/trunk/inc/providers/hubspot/hustle-hubspot-api.php?old=3025070&old_path=wordpress-popup/tags/7.8.3/inc/providers/hubspot/hustle-hubspot-api.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e6d40b41-540d-476d-afde-970845543933?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-03xx/CVE-2024-0369.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0369",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:10.837",
"lastModified": "2024-03-13T16:15:10.837",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Bulk Edit Post Titles plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkUpdatePostTitles function in all versions up to, and including, 5.0.0. This makes it possible for authenticated attackers, with subscriber access and above, to modify the titles of arbitrary posts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/bulk-edit-post-titles/trunk/classes/class.bulk.titles.php#L130",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cad19306-6eef-4f80-9442-e7b314b3a873?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-03xx/CVE-2024-0377.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0377",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:11.070",
"lastModified": "2024-03-13T16:15:11.070",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The LifterLMS \u2013 WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_review' function in all versions up to, and including, 7.5.1. This makes it possible for unauthenticated attackers to publish an unrestricted number of reviews on the site."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3036762/lifterlms/tags/7.5.2/includes/class.llms.review.php?old=2903997&old_path=lifterlms/trunk/includes/class.llms.review.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d1f41400-5c59-444d-9c1e-121e83449521?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-03xx/CVE-2024-0385.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0385",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:11.293",
"lastModified": "2024-03-13T16:15:11.293",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxAddCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to add categories."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3034410/categorify",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c7c74cf-a109-4f77-a740-5a43ccd4e96a?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-04xx/CVE-2024-0447.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0447",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:11.483",
"lastModified": "2024-03-13T16:15:11.483",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the artibot_update function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to update plugin settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/artibot/trunk/artibot.php#L60",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/848f36de-c62a-45ee-b259-46dab73e4439?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-04xx/CVE-2024-0449.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0449",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:11.707",
"lastModified": "2024-03-13T16:15:11.707",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/artibot/trunk/artibot.php#L52",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/450d0748-93d6-448a-97a2-06fc2f8065b3?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-05xx/CVE-2024-0591.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-0591",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:11.917",
"lastModified": "2024-03-13T16:15:11.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The wpDataTables \u2013 WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'A' parameter in all versions up to, and including, 3.4.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.svn.wordpress.org/wpdatatables/trunk/lib/phpoffice/phpspreadsheet/",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.svn.wordpress.org/wpdatatables/trunk/lib/phpoffice/phpspreadsheet/samples/Basic/45_Quadratic_equation_solver.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3037741%40wpdatatables&new=3037741%40wpdatatables&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a679863-3c22-4d34-9994-1f8ec121ad86?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-05xx/CVE-2024-0592.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0592",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:12.147",
"lastModified": "2024-03-13T16:15:12.147",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Related Posts for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the handle_create_link() function. This makes it possible for unauthenticated attackers to add related posts to other posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This ultimately makes it possible for attackers to view draft and password protected posts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/related-posts-for-wp/trunk/classes/hooks/class-hook-link-related-screen.php#L70",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3049719/related-posts-for-wp/tags/2.2.2/classes/hooks/class-hook-link-related-screen.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5d21aad7-dbee-4204-afbd-0a5fdeaca50e?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-06xx/CVE-2024-0614.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0614",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:12.357",
"lastModified": "2024-03-13T16:15:12.357",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Events Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.4.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://advisory.abay.sh/cve-2024-0614",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3042128/events-manager/trunk/admin/em-options.php?old=2769385&old_path=events-manager/trunk/admin/em-options.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6288fddf-926f-4506-94de-696e0a23766d?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-06xx/CVE-2024-0631.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0631",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:12.573",
"lastModified": "2024-03-13T16:15:12.573",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Duitku Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the check_duitku_response function in all versions up to, and including, 2.11.4. This makes it possible for unauthenticated attackers to change the payment status of orders to failed."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/duitku-social-payment-gateway/trunk/woocommerce-gateway-duitku.php#L409",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a33de35f-1c9d-4fc9-9be8-0a1c7d9352ec?source=cve",
"source": "security@wordfence.com"
}
]
}

6
CVE-2024/CVE-2024-06xx/CVE-2024-0646.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-0646",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-17T16:15:47.190",
"lastModified": "2024-03-12T21:15:57.700",
"lastModified": "2024-03-13T15:15:50.503",
"vulnStatus": "Modified",
"descriptions": [
{
@ -189,6 +189,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:1278",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:1306",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0646",
"source": "secalert@redhat.com",

47
CVE-2024/CVE-2024-06xx/CVE-2024-0681.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0681",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:12.767",
"lastModified": "2024-03-13T16:15:12.767",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Page Restriction WordPress (WP) \u2013 Protect WP Pages/Post plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.3.4. This is due to the plugin not properly restricting access to pages via the REST API when a page has been made private. This makes it possible for unauthenticated attackers to view protected pages. The vendor has decided that they will not implement REST API protection on posts and pages and the restrictions will only apply to the front-end of the site. The vendors solution was to add notices throughout the dashboard and recommends installing the WordPress REST API Authentication plugin for REST API coverage."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3034414%40page-and-post-restriction&new=3034414%40page-and-post-restriction&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a3e33a5c-df7c-4ef5-a59c-1c31abcda6d1?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-06xx/CVE-2024-0683.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0683",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:12.973",
"lastModified": "2024-03-13T16:15:12.973",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in all versions up to, and including, 3.0.14. This makes it possible for unauthenticated and authenticated attackers, with subscriber-level access and above, to generate and delete labels."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3034198%40bulgarisation-for-woocommerce&new=3034198%40bulgarisation-for-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be759c83-a9df-4858-a724-28006a595404?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-06xx/CVE-2024-0687.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0687",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:13.203",
"lastModified": "2024-03-13T16:15:13.203",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Restrict User Access \u2013 Ultimate Membership & Content Protection plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5 via API. This makes it possible for unauthenticated attackers to obtain the contents of posts and pages via API."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037773%40restrict-user-access%2Ftrunk&old=3010745%40restrict-user-access%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f67684cd-3e0f-48bb-967a-16ea2b027843?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-07xx/CVE-2024-0700.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0700",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:13.403",
"lastModified": "2024-03-13T16:15:13.403",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Simple Tweet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tweet this text value in all versions up to, and including, 1.4.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://github.com/wTeBwAA/PoC-SimpleTweet/blob/main/POST-request",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/simple-tweet/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a5da021c-3835-4251-a3e5-3b5aaa11ea14?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0827.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0827",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:13.610",
"lastModified": "2024-03-13T16:15:13.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Play.ht \u2013 Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.4. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to invoke those functions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/play-ht/trunk/includes/class-ajax-handler.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de112e5a-4b92-4389-8c6e-b2bfeb6f6cd4?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0828.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0828",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:13.833",
"lastModified": "2024-03-13T16:15:13.833",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Play.ht \u2013 Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 3.6.4. This makes it possible for authenticated attackers, with subscriber access or higher, to delete, retrieve, or modify post metadata, retrieve posts contents of protected posts, modify conversion data and delete article audio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/play-ht/trunk/includes/class-ajax-handler.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5708a414-7cd8-4926-8871-3248ebf4c39d?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-08xx/CVE-2024-0829.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0829",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:14.067",
"lastModified": "2024-03-13T16:15:14.067",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.0. This is due to missing or incorrect capability checks on several ajax actions. This makes it possible for authenticated attackers, with subscriber access or higher, to invoke those actions. As a result, they may modify comment form fields and update plugin settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-comment-fields/trunk/classes/admin.class.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3040734%40wp-comment-fields%2Ftrunk&old=3039523%40wp-comment-fields%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cc5754c2-a052-41ac-af19-7c4f55860f95?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-08xx/CVE-2024-0830.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0830",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:14.307",
"lastModified": "2024-03-13T16:15:14.307",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0. This is due to missing or incorrect nonce validation on several ajax actions. This makes it possible for unauthenticated attackers to invoke those actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. As a result, they may modify comment form fields and update plugin settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-comment-fields/trunk/classes/admin.class.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3040734%40wp-comment-fields%2Ftrunk&old=3039523%40wp-comment-fields%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8ea53b11-37fa-4c45-a158-5a7709b842fc?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0839.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0839",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:14.537",
"lastModified": "2024-03-13T16:15:14.537",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The FeedWordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2022.0222 due to missing validation on the user controlled 'guid' key. This makes it possible for unauthenticated attackers to view draft posts that may contain sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://wordpress.org/plugins/feedwordpress/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1ead46fd-5744-4fbb-9efd-980f9216abbc?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0871.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0871",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:14.750",
"lastModified": "2024-03-13T16:15:14.750",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Icon Widget 'fl_builder_data[node_preview][link]' and 'fl_builder_data[settings][link_target]' parameters in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3032810/beaver-builder-lite-version",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/26bfef74-214f-4257-afc7-730e82e80946?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-08xx/CVE-2024-0896.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0896",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:14.943",
"lastModified": "2024-03-13T16:15:14.943",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button link parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/beaver-builder-lite-version/tags/2.7.4.2/modules/button/includes/frontend.php#L13",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3032810%40beaver-builder-lite-version%2Ftrunk&old=3012562%40beaver-builder-lite-version%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/96086886-72f4-4a62-8f31-fc20e5240ba4?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0897.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0897",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:15.343",
"lastModified": "2024-03-13T16:15:15.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image URL parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3032810%40beaver-builder-lite-version%2Ftrunk&old=3012562%40beaver-builder-lite-version%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21d1feae-e70f-439d-8992-f136211fdde0?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-08xx/CVE-2024-0898.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-0898",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:15.593",
"lastModified": "2024-03-13T16:15:15.593",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Chat Bubble \u2013 Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://wordpress.org/plugins/chat-bubble/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a56772fd-f77f-4ba5-b5c4-79ac8204b599?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-09xx/CVE-2024-0976.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-0976",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:15.827",
"lastModified": "2024-03-13T16:15:15.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Event Manager \u2013 Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the plugin parameter in all versions up to, and including, 3.1.41 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-event-manager/trunk/admin/wp-event-manager-shortcode-list.php#L32",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3039683/wp-event-manager/trunk/admin/wp-event-manager-shortcode-list.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d7f4d17-8318-4ab3-b4a2-81d7a017c397?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-10xx/CVE-2024-1038.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1038",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:16.050",
"lastModified": "2024-03-13T16:15:16.050",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripting via a 'playground.wordpress.net' parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/beaver-builder-lite-version/tags/2.7.4.2/js/fl-builder.js#L1578",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032809/beaver-builder-lite-version/tags/2.7.4.3/js/fl-builder.js?old=3012561&old_path=beaver-builder-lite-version/tags/2.7.4.2/js/fl-builder.js",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e2cc2776-9496-42b5-a242-c572ae5462fb?source=cve",
"source": "security@wordfence.com"
}
]
}

63
CVE-2024/CVE-2024-10xx/CVE-2024-1071.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-1071",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:16.293",
"lastModified": "2024-03-13T16:15:16.293",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Ultimate Member \u2013 User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076#L666",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076#L858",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3038036/ultimate-member/trunk/includes/core/class-member-directory-meta.php",
"source": "security@wordfence.com"
},
{
"url": "https://wordpress.org/plugins/ultimate-member/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/005fa621-3c49-4c23-add5-d6b7a9110055?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-10xx/CVE-2024-1074.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1074",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:16.503",
"lastModified": "2024-03-13T16:15:16.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the audio widget 'link_url' parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/beaver-builder-lite-version/tags/2.7.4.2/modules/audio/includes/frontend.php#L34",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3032809/beaver-builder-lite-version/tags/2.7.4.3/modules/audio/includes/frontend.php?old=3012561&old_path=beaver-builder-lite-version/tags/2.7.4.2/modules/audio/includes/frontend.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a49e4f5a-ac9d-4f9b-8de2-c7871da8de35?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-10xx/CVE-2024-1080.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1080",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:16.717",
"lastModified": "2024-03-13T16:15:16.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the via the heading tag in all versions up to, and including, 2.7.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/beaver-builder-lite-version/tags/2.7.4.2/modules/heading/includes/frontend.php#L1",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d62d3ca5-5795-46ef-ad8c-4474ff1e504e?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-10xx/CVE-2024-1083.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1083",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:16.940",
"lastModified": "2024-03-13T16:15:16.940",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.6 via the REST API. This makes it possible for authenticated attackers to bypass the plugin's restrictions to extract post titles and content"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3035727%40simple-restrict&new=3035727%40simple-restrict&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/65963ce0-6589-4753-837c-14ef37a1a9e3?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-11xx/CVE-2024-1126.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1126",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:17.267",
"lastModified": "2024-03-13T16:15:17.267",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The EventPrime \u2013 Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_attendees_email_by_event_id() function in all versions up to, and including, 3.4.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to to retrieve the attendees list for any event."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3033882%40eventprime-event-calendar-management&new=3033882%40eventprime-event-calendar-management&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d266b6ee-24ec-4363-a986-5ccd4db5ae3c?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-11xx/CVE-2024-1127.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1127",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:17.507",
"lastModified": "2024-03-13T16:15:17.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The EventPrime \u2013 Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the booking_export_all() function in all versions up to, and including, 3.4.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve all event booking which can contain PII."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/eventprime-event-calendar-management/trunk//includes/service/class-ep-ajax.php#L1994",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3033882%40eventprime-event-calendar-management&new=3033882%40eventprime-event-calendar-management&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/39da62be-e630-48cd-b732-80ed3d337638?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-11xx/CVE-2024-1158.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1158",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:17.740",
"lastModified": "2024-03-13T16:15:17.740",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Post Form \u2013 Registration Form \u2013 Profile Form for User Profiles \u2013 Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buddyforms_new_page function in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber access or higher, to create pages with arbitrary titles. These pages are published."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/buddyforms/trunk/includes/admin/admin-ajax.php?rev=2820257#L80",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3046092%40buddyforms%2Ftrunk&old=3031945%40buddyforms%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/198cb3bb-73fe-45ae-b8e0-b7ee8dda9547?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-11xx/CVE-2024-1176.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1176",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:17.933",
"lastModified": "2024-03-13T16:15:17.933",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The HT Easy GA4 \u2013 Google Analytics WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the login() function in all versions up to, and including, 1.1.5. This makes it possible for unauthenticated attackers to update the email associated through the plugin with GA4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ht-easy-google-analytics/trunk/includes/class.ht-easy-ga4.php#L99",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/10e1b3ac-f002-4108-9682-5fe300f07adb?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-12xx/CVE-2024-1203.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1203",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:18.150",
"lastModified": "2024-03-13T16:15:18.150",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Conversios \u2013 Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'valueData' parameter in all versions up to, and including, 6.9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/enhanced-e-commerce-for-woocommerce-store/trunk/includes/data/class-tvc-ajax-file.php#L1850",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7eb7d499-28ba-48ef-9798-b7c8cbb7aa3e?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-12xx/CVE-2024-1234.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1234",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:18.390",
"lastModified": "2024-03-13T16:15:18.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via data attribute in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3042217/exclusive-addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1b87fe3d-a88d-477a-8d91-4d7c2dba4a43?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-12xx/CVE-2024-1237.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1237",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:18.617",
"lastModified": "2024-03-13T16:15:18.617",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the flyout_layout attribute in all versions up to, and including, 1.6.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/header-footer-elementor/tags/1.6.24/inc/widgets-manager/widgets/class-navigation-menu.php#L1951",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3034938%40header-footer-elementor&new=3034938%40header-footer-elementor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/82644c46-205b-4005-bba8-6b3e45769639?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-12xx/CVE-2024-1291.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1291",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:18.807",
"lastModified": "2024-03-13T16:15:18.807",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown URL parameter in all versions up to, and including, 2.4.40 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb4b5165-35a6-47e9-922e-b244b0d006e4?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-12xx/CVE-2024-1293.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1293",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:19.043",
"lastModified": "2024-03-13T16:15:19.043",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the embedded media custom block in all versions up to, and including, 2.4.40 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57dac6de-545f-49e5-9f45-d90a48d6b05f?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-12xx/CVE-2024-1296.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1296",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:19.257",
"lastModified": "2024-03-13T16:15:19.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block upload in all versions up to, and including, 2.4.40 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/post.php#L529",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/zip/archiver.php#L196",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3034945%40brizy%2Ftrunk&old=3032616%40brizy%2Ftrunk&sfp_email=&sfph_mail=#file4",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3e1008ad-daa9-4785-9dd5-4cdeb10d7e59?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1311.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1311",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:19.450",
"lastModified": "2024-03-13T16:15:19.450",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the storeImages function in all versions up to, and including, 2.4.40. This makes it possible for authenticated attackers, with contributor access or above, to upload arbitrary files on the affected site's server which may make remote code execution possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/brizy/trunk/editor/zip/archiver.php#L254",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3034945/brizy/tags/2.4.41/editor/zip/archiver.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc023c1b-7ec6-45b6-b50a-f0d823065843?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-13xx/CVE-2024-1321.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1321",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:19.663",
"lastModified": "2024-03-13T16:15:19.663",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The EventPrime \u2013 Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 3.4.2. This is due to the plugin allowing unauthenticated users to update the status of order payments. This makes it possible for unauthenticated attackers to book events for free."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3033882%40eventprime-event-calendar-management&new=3033882%40eventprime-event-calendar-management&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/765d0933-8db2-471c-ad4e-e19d3b4ff015?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1358.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1358",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:19.870",
"lastModified": "2024-03-13T16:15:19.870",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.12.12 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to include the contents of arbitrary PHP files on the server, which may expose sensitive information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/shape-separator/widgets/shape-separator.php#L89",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3037925/addon-elements-for-elementor-page-builder/trunk/modules/shape-separator/widgets/shape-separator.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20cd3fff-0488-4bc2-961b-2427925e6a96?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-13xx/CVE-2024-1363.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1363",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:20.130",
"lastModified": "2024-03-13T16:15:20.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Easy Accordion \u2013 Best Accordion FAQ Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'accordion_content_source' attribute in all versions up to, and including, 2.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3044803%40easy-accordion-free&new=3044803%40easy-accordion-free&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88f2fa28-5bb2-4633-b2bc-27cc6a4e304c?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-13xx/CVE-2024-1365.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1365",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:20.417",
"lastModified": "2024-03-13T16:15:20.417",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the feed_id parameter in all versions up to, and including, 4.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3039876%40yml-for-yandex-market%2Ftrunk&old=3036732%40yml-for-yandex-market%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c343cee6-909d-4c1a-a6e4-f916a2ae223e?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-13xx/CVE-2024-1370.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1370",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:20.687",
"lastModified": "2024-03-13T16:15:20.687",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Maintenance Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the subscribe_download function hooked via AJAX action in all versions up to, and including, 1.0.8. This makes it possible for authenticated attackers, with subscriber access or higher, to download a csv containing subscriber emails."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037664%40maintenance-page%2Ftrunk&old=1218033%40maintenance-page%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1fce54b1-e1e6-4742-9eb3-bbfb613ccd70?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-13xx/CVE-2024-1380.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1380",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:20.903",
"lastModified": "2024-03-13T16:15:20.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Relevanssi \u2013 A Better Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relevanssi_export_log_check() function in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. The vendor has indicated that they may look into adding a capability check for proper authorization control, however, this vulnerability is theoretically patched as is."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3033880%40relevanssi&new=3033880%40relevanssi&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7b2a3b17-0551-4e02-8e6a-ae8d46da0ef8?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1383.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1383",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:21.163",
"lastModified": "2024-03-13T16:15:21.163",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WPvivid Backup for MainWP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 0.9.32 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wpvivid-backup-mainwp/trunk/wpvivid-backup-mainwp.php#L525",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3040939%40wpvivid-backup-mainwp&new=3040939%40wpvivid-backup-mainwp&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2a8430ed-6aeb-46a3-8c42-59646845706e?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1391.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1391",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:21.387",
"lastModified": "2024-03-13T16:15:21.387",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018eae_custom_overlay_switcher\u2019 attribute of the Thumbnail Slider widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/bg-slider/module.php#L255",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/bg-slider/module.php#L255",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/977bab12-969d-4b15-9942-2b17c8541f61?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1392.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1392",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:21.590",
"lastModified": "2024-03-13T16:15:21.590",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'button1_icon' attribute of the Dual Button widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/dual-button/widgets/dual-button.php#L885",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/dual-button/widgets/dual-button.php#L885",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/33d7dc4d-bb41-456a-bd1a-37d8f2aada30?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-13xx/CVE-2024-1393.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1393",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:21.770",
"lastModified": "2024-03-13T16:15:21.770",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'icon_align' attribute of the Content Switcher widget in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.12.12/modules/content-switcher/skins/skin-3.php#L39",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/tags/1.13/modules/content-switcher/skins/skin-3.php#L39",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb0888d6-30e6-4957-b270-1968eace462e?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1409.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1409",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:21.947",
"lastModified": "2024-03-13T16:15:21.947",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content \u2013 ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [reg-select-role] shortcode in all versions up to, and including, 4.15.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3038677%40wp-user-avatar&new=3038677%40wp-user-avatar&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/53e16bca-7c85-4d56-8233-b3b53f793b39?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1413.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1413",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:22.113",
"lastModified": "2024-03-13T16:15:22.113",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3042217/exclusive-addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f40956e0-6e5c-4965-84f8-2420ad14a299?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1414.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1414",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:22.287",
"lastModified": "2024-03-13T16:15:22.287",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Call To Action widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3042217/exclusive-addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6a12acf0-932e-4dff-9da6-9fbace11dbe1?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-14xx/CVE-2024-1422.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1422",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:22.457",
"lastModified": "2024-03-13T16:15:22.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the modal popup widget's effect setting in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1048",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/modules/modal-popup/widgets/modal-popup.php#L1062",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037925%40addon-elements-for-elementor-page-builder%2Ftrunk&old=3031349%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=#file26",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ba28184-b5c3-4a5c-a376-29b3c6a2aa20?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-14xx/CVE-2024-1452.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1452",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:22.643",
"lastModified": "2024-03-13T16:15:22.643",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The GenerateBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.2 via Query Loop. This makes it possible for authenticated attackers, with contributor access and above, to see contents of posts and pages in draft or private status as well as those with scheduled publication dates."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/generateblocks/trunk/includes/class-query-loop.php#L140",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/generateblocks/trunk/includes/class-query-loop.php#L70",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3041431%40generateblocks%2Ftrunk&old=2995923%40generateblocks%2Ftrunk&sfp_email=&sfph_mail=#file2",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/62f19301-2311-4989-a5f2-9f845b72dd54?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1462.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1462",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:22.830",
"lastModified": "2024-03-13T16:15:22.830",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Maintenance Page plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 1.0.8 via the REST API. This makes it possible for unauthenticated attackers to view post titles and content when the site is in maintenance mode."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3037664%40maintenance-page%2Ftrunk&old=1218033%40maintenance-page%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/653bf021-370d-4787-9ded-c5c915aed1d6?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-14xx/CVE-2024-1479.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1479",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:23.013",
"lastModified": "2024-03-13T16:15:23.013",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WP Show Posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 via the wpsp_display function. This makes it possible for authenticated attackers with contributor access and above to view the contents of draft, trash, future, private and pending posts and pages."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-show-posts/trunk/wp-show-posts.php#L224",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-show-posts/trunk/wp-show-posts.php#L591",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3041416%40wp-show-posts%2Ftrunk&old=2846296%40wp-show-posts%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6788e2ee-ce61-494b-8d7f-6d1144466e58?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1484.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1484",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:23.203",
"lastModified": "2024-03-13T16:15:23.203",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Booking for Appointments and Events Calendar \u2013 Amelia plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the date parameters in all versions up to, and including, 1.0.98 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3041769%40ameliabooking%2Ftrunk&old=3037721%40ameliabooking%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a849ef2-ad0a-45ea-8827-9a7233b1ca30?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-14xx/CVE-2024-1489.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1489",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:23.377",
"lastModified": "2024-03-13T16:15:23.377",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The SMS Alert Order Notifications \u2013 WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.9. This is due to missing or incorrect nonce validation on the processBulkAction function. This makes it possible for unauthenticated attackers to delete pages and posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3039989%40sms-alert%2Ftrunk&old=3032487%40sms-alert%2Ftrunk&sfp_email=&sfph_mail=#file19",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e7a28382-facb-43a7-892a-8ca9e7f0f62b?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-14xx/CVE-2024-1497.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1497",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:23.547",
"lastModified": "2024-03-13T16:15:23.547",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form widget addr2_width attribute in all versions up to, and including, 2.10.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/tags/2.10.30/vendor/codeinwp/themeisle-content-forms/includes/widgets-admin/elementor/elementor_widget_base.php#L1219",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3038451%40themeisle-companion%2Ftrunk&old=3030173%40themeisle-companion%2Ftrunk&sfp_email=&sfph_mail=#file10",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b4603b58-0972-4e04-91ac-ffc846964722?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-14xx/CVE-2024-1499.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1499",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:23.723",
"lastModified": "2024-03-13T16:15:23.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Pricing Table widget in the $settings['title_tags'] parameter in all versions up to, and including, 2.10.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/tags/2.10.30/vendor/codeinwp/elementor-extra-widgets/widgets/elementor/pricing-table.php#L1037",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3038451%40themeisle-companion%2Ftrunk&old=3030173%40themeisle-companion%2Ftrunk&sfp_email=&sfph_mail=#file10",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/df40eb21-2080-4de5-9055-09246a8a275e?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-15xx/CVE-2024-1505.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1505",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:23.893",
"lastModified": "2024-03-13T16:15:23.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Academy LMS \u2013 eLearning and online course solution for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.9.19. This is due to plugin allowing arbitrary user meta updates through the saved_user_info() function. This makes it possible for authenticated attackers, with minimal permissions such as students, to elevate their user role to that of an administrator."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3037880/academy#file473",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b150f90a-ccb7-4c19-a4b3-eaf9ec264ba8?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-15xx/CVE-2024-1535.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1535",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:24.090",
"lastModified": "2024-03-13T16:15:24.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content \u2013 ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.15.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://github.com/WordpressPluginDirectory/wp-user-avatar/blob/fde360946c86d67610d8f95a82752199ce25b39a/wp-user-avatar/src/ShortcodeParser/Builder/FieldsShortcodeCallback.php#L952",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3047008/wp-user-avatar/trunk/src/ShortcodeParser/Builder/FieldsShortcodeCallback.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/38ec1a6b-f5ee-446a-9e6c-3485dafb85ac?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-15xx/CVE-2024-1536.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1536",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:24.270",
"lastModified": "2024-03-13T16:15:24.270",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Essential Addons for Elementor \u2013 Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's event calendar widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 3.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Event_Calendar.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12dc9e63-17bb-4755-be3c-ae8b26edd3cd?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-15xx/CVE-2024-1537.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1537",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:24.440",
"lastModified": "2024-03-13T16:15:24.440",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Essential Addons for Elementor \u2013 Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Data Table widget in all versions up to, and including, 5.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3037755/essential-addons-for-elementor-lite/tags/5.9.10/includes/Elements/Data_Table.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81a48c61-4191-4252-9230-9df8fc5e3443?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-15xx/CVE-2024-1541.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1541",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:24.600",
"lastModified": "2024-03-13T16:15:24.600",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmlTag attribute in all versions up to, and including, 3.2.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.2.21/includes/blocks/class-kadence-blocks-advanced-heading-block.php#L418",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3041366%40kadence-blocks%2Ftrunk&old=3036979%40kadence-blocks%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0913632-85c5-4835-b606-4eca51df2496?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-15xx/CVE-2024-1585.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1585",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:24.780",
"lastModified": "2024-03-13T16:15:24.780",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.8.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/utils/util.php#L555",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/metform/tags/3.8.3&old=3047398&new_path=/metform/tags/3.8.4&new=3047398&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342d6941-6987-4756-b554-1699128b9108?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-16xx/CVE-2024-1640.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1640",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:24.957",
"lastModified": "2024-03-13T16:15:24.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient user validation on the bitforms_update_form_entry AJAX action in all versions up to, and including, 2.10.1. This makes it possible for unauthenticated attackers to modify form submissions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3048523/bit-form/trunk/includes/Frontend/Ajax/FrontendAjax.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/49ed7d6a-4a65-4efc-90e5-ffa5470d4011?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-16xx/CVE-2024-1642.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1642",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:25.127",
"lastModified": "2024-03-13T16:15:25.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The MainWP Dashboard \u2013 WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.0.1. This is due to missing or incorrect nonce validation on the 'posting_bulk' function. This makes it possible for unauthenticated attackers to delete arbitrary posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/mainwp/tags/4.6.0.1/pages/page-mainwp-post-page-handler.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3042125/mainwp/trunk/pages/page-mainwp-post-page-handler.php?old=3017011&old_path=mainwp/trunk/pages/page-mainwp-post-page-handler.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2c2d9569-a551-46f5-8581-464b9f35b71c?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-16xx/CVE-2024-1668.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1668",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:25.510",
"lastModified": "2024-03-13T16:15:25.510",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 7.11.5 via the form entries page. This makes it possible for authenticated attackers, with contributor access and above, to view the contents of all form submissions, including fields that are obfuscated (such as the contact form's \"password\" field)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://gist.github.com/Xib3rR4dAr/91bd37338022b15379f393356d1056a1",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd224169-ae51-4af8-b6de-706ed580ff8d?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-16xx/CVE-2024-1680.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1680",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:25.773",
"lastModified": "2024-03-13T16:15:25.773",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Settings URL of the Banner, Team Members, and Image Scroll widgets in all versions up to, and including, 4.10.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3041548/premium-addons-for-elementor",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e2d0b38-8241-456f-a79b-5d31132b3233?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-16xx/CVE-2024-1684.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1684",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:25.947",
"lastModified": "2024-03-13T16:15:25.947",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the contact form file field CSS metabox in all versions up to, and including, 2.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://store.themeisle.com/?edd_action=view_changelog&name=Otter%20Pro",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/934bf839-152d-4d10-9ac8-c64cf042dc18?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-16xx/CVE-2024-1690.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1690",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:26.127",
"lastModified": "2024-03-13T16:15:26.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The TeraWallet \u2013 Best WooCommerce Wallet System With Cashback Rewards, Partial Payment, Wallet Refunds plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the terawallet_export_user_search() function in all versions up to, and including, 1.4.10. This makes it possible for authenticated attackers, with subscriber-level access and above, to export a list of registered users and their emails."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3043412/woo-wallet/trunk/includes/class-woo-wallet-ajax.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18e24a2e-cbc6-4285-b846-bea513b6ff69?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-16xx/CVE-2024-1691.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1691",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:26.333",
"lastModified": "2024-03-13T16:15:26.333",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Otter Blocks \u2013 Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file upload form, which allows SVG uploads, in all versions up to, and including, 2.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note that the patch in 2.6.4 allows SVG uploads but the uploaded SVG files are sanitized."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://store.themeisle.com/?edd_action=view_changelog&name=Otter%20Pro",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/77838bf8-7809-4dd6-87f1-a9bda40275a6?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-17xx/CVE-2024-1723.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1723",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:26.510",
"lastModified": "2024-03-13T16:15:26.510",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1.58.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Affected parameters include: $instance['fonts']['title_options']['tag'], $headline_tag, $sub_headline_tag, $feature['icon']."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/so-widgets-bundle/tags/1.58.6/widgets/features/tpl/default.php#L90",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3044174%40so-widgets-bundle%2Ftrunk&old=3040814%40so-widgets-bundle%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e63c566d-744b-42f5-9ba6-9007cc60313a?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-17xx/CVE-2024-1751.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1751",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:26.683",
"lastModified": "2024-03-13T16:15:26.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Tutor LMS \u2013 eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the question_id parameter in all versions up to, and including, 2.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber/student access or higher, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/tutor/tags/2.6.1/classes/Utils.php#L4555",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3049105%40tutor&new=3049105%40tutor&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9cee379-79f8-4a60-b1bb-ccab1e954512?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-17xx/CVE-2024-1763.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1763",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:26.863",
"lastModified": "2024-03-13T16:15:26.863",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp_social/v1/ REST API endpoint in all versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to enable and disable certain providers for the social share and login features."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3042283%40wp-social&new=3042283%40wp-social&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4f145c85-f3c6-46a7-b8ae-d486dd23087d?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-17xx/CVE-2024-1772.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1772",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:27.040",
"lastModified": "2024-03-13T16:15:27.040",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Play.ht \u2013 Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.4 via deserialization of untrusted input from the play_podcast_data post meta. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/play-ht/trunk/includes/class-ajax-handler.php#L138",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/83a595b7-379c-4202-abdd-d8ba4a30c6a4?source=cve",
"source": "security@wordfence.com"
}
]
}

63
CVE-2024/CVE-2024-17xx/CVE-2024-1793.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-1793",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:27.207",
"lastModified": "2024-03-13T16:15:27.207",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The AWeber \u2013 Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth plugin for WordPress is vulnerable to SQL Injection via the 'post_id' parameter in all versions up to, and including, 7.3.14 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://glimmer-handball-dae.notion.site/AWeber-Authenticated-SQLi-Admin-6e0d31c4a14c42f4996f9e201482d4cc?pvs=4",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/aweber-web-form-widget/tags/7.3.12/php/aweber_webform_plugin.php#L962",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/aweber-web-form-widget/tags/7.3.12/php/aweber_webform_plugin.php#L970",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/aweber-web-form-widget/tags/7.3.12/php/aweber_webform_plugin.php#L972",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3042751%40aweber-web-form-widget&new=3042751%40aweber-web-form-widget&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3ae3bca-d363-4c4b-809f-0625385bc9a6?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-18xx/CVE-2024-1806.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1806",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:27.380",
"lastModified": "2024-03-13T16:15:27.380",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content \u2013 ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.15.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-user-avatar/tags/4.15.0/src/ShortcodeParser/EditProfileTag.php#L76",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3040292%40wp-user-avatar%2Ftrunk&old=3038677%40wp-user-avatar%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d3b9d0ab-d785-4e93-9ab8-f75673a27334?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-18xx/CVE-2024-1843.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1843",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:27.550",
"lastModified": "2024-03-13T16:15:27.550",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Auto Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aalAddLink function in all versions up to, and including, 6.4.3. This makes it possible for authenticated attackers, with subscriber access or higher, to add arbitrary links to posts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-auto-affiliate-links/trunk/aal_ajax.php#L79",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3044067%40wp-auto-affiliate-links&new=3044067%40wp-auto-affiliate-links&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/09e5aa34-ab28-4349-ac5f-6a0479e641e5?source=cve",
"source": "security@wordfence.com"
}
]
}

47
CVE-2024/CVE-2024-18xx/CVE-2024-1854.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2024-1854",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:27.717",
"lastModified": "2024-03-13T16:15:27.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3041859%40essential-blocks%2Ftrunk&old=3036273%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86364b6f-dec8-48d8-9d2d-de1ee4901872?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-18xx/CVE-2024-1862.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1862",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:27.893",
"lastModified": "2024-03-13T16:15:27.893",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Add to Cart Custom Redirect plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'wcr_dismiss_admin_notice' function in all versions up to, and including, 1.2.13. This makes it possible for authenticated attackers, with contributor access and above, to update the values of arbitrary site options to 'dismissed'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-add-to-cart-custom-redirect/tags/1.2.13/woocommerce-custom-redirect.php#L204",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/woocommerce-add-to-cart-custom-redirect/tags/1.2.13&old=3047408&new_path=/woocommerce-add-to-cart-custom-redirect/tags/1.2.14&new=3047408&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/36c6a116-37cc-4ade-b601-5f9d6aaf9217?source=cve",
"source": "security@wordfence.com"
}
]
}

55
CVE-2024/CVE-2024-18xx/CVE-2024-1894.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2024-1894",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:28.067",
"lastModified": "2024-03-13T16:15:28.067",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Burst Statistics \u2013 Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'burst_total_pageviews_count' custom meta field in all versions up to, and including, 1.5.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note that this exploit only functions if the victim has the 'Show Toolbar when viewing site' option enabled in their profile."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/class-frontend.php#L67",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/burst-statistics/trunk/class-frontend.php#L74",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/burst-statistics/tags/1.5.6.1&old=3049793&new_path=/burst-statistics/tags/1.5.7&new=3049793&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fa587df5-9d96-4cac-ae5d-2a0485a3a789?source=cve",
"source": "security@wordfence.com"
}
]
}

51
CVE-2024/CVE-2024-19xx/CVE-2024-1935.json Normal file
View File

@ -0,0 +1,51 @@
{
"id": "CVE-2024-1935",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-13T16:15:28.260",
"lastModified": "2024-03-13T16:15:28.260",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Giveaways and Contests by RafflePress \u2013 Get More Website Traffic, Email Subscribers, and Social Followers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018parent_url\u2019 parameter in all versions up to, and including, 1.12.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/rafflepress/tags/1.12.5/resources/views/rafflepress-giveaway.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/rafflepress/tags/1.12.5&old=3043286&new_path=/rafflepress/tags/1.12.7&new=3043286&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/29b471ac-3a08-42da-9907-670c3b3bae92?source=cve",
"source": "security@wordfence.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More