From 8d98b6419f259576a330561bcc64d73d700c9f02 Mon Sep 17 00:00:00 2001 From: "advisory-database[bot]" <45398580+advisory-database[bot]@users.noreply.github.com> Date: Sat, 16 Nov 2024 06:32:14 +0000 Subject: [PATCH] Publish Advisories GHSA-594g-qx5x-32v8 GHSA-5f6w-q9hm-9whp GHSA-5qfq-f4mc-vp2x GHSA-7r2m-9pq4-w3pv GHSA-8qcp-625c-54ww GHSA-92r6-576v-g4gg GHSA-9mr9-9jpx-v54p GHSA-f3hj-px43-qpfm GHSA-fx7j-93q4-w74p GHSA-grc4-v3q8-vpc8 GHSA-h4cx-vh6c-6cmq GHSA-h7j2-r3qv-9q3v GHSA-h8ff-xm6f-g53p GHSA-jcwr-f32q-qc8g GHSA-qhq6-88r3-4vr4 GHSA-rw7j-3chm-m69x GHSA-rxw3-qw9q-pjf9 GHSA-v554-ffg4-x8gc GHSA-vg26-g32m-3x67 GHSA-wj6r-j2cr-pgm5 GHSA-wph3-vq9m-q946 GHSA-wq39-wh7h-h4qx GHSA-wq9h-h745-r69v GHSA-xhgw-hf2q-c493 --- .../GHSA-594g-qx5x-32v8.json | 42 +++++++++++++++ .../GHSA-5f6w-q9hm-9whp.json | 46 ++++++++++++++++ .../GHSA-5qfq-f4mc-vp2x.json | 46 ++++++++++++++++ .../GHSA-7r2m-9pq4-w3pv.json | 46 ++++++++++++++++ .../GHSA-8qcp-625c-54ww.json | 50 +++++++++++++++++ .../GHSA-92r6-576v-g4gg.json | 42 +++++++++++++++ .../GHSA-9mr9-9jpx-v54p.json | 42 +++++++++++++++ .../GHSA-f3hj-px43-qpfm.json | 42 +++++++++++++++ .../GHSA-fx7j-93q4-w74p.json | 42 +++++++++++++++ .../GHSA-grc4-v3q8-vpc8.json | 42 +++++++++++++++ .../GHSA-h4cx-vh6c-6cmq.json | 46 ++++++++++++++++ .../GHSA-h7j2-r3qv-9q3v.json | 54 +++++++++++++++++++ .../GHSA-h8ff-xm6f-g53p.json | 42 +++++++++++++++ .../GHSA-jcwr-f32q-qc8g.json | 42 +++++++++++++++ .../GHSA-qhq6-88r3-4vr4.json | 42 +++++++++++++++ .../GHSA-rw7j-3chm-m69x.json | 42 +++++++++++++++ .../GHSA-rxw3-qw9q-pjf9.json | 42 +++++++++++++++ .../GHSA-v554-ffg4-x8gc.json | 42 +++++++++++++++ .../GHSA-vg26-g32m-3x67.json | 42 +++++++++++++++ .../GHSA-wj6r-j2cr-pgm5.json | 42 +++++++++++++++ .../GHSA-wph3-vq9m-q946.json | 50 +++++++++++++++++ .../GHSA-wq39-wh7h-h4qx.json | 42 +++++++++++++++ .../GHSA-wq9h-h745-r69v.json | 42 +++++++++++++++ .../GHSA-xhgw-hf2q-c493.json | 42 +++++++++++++++ 24 files changed, 1052 insertions(+) create mode 100644 advisories/unreviewed/2024/11/GHSA-594g-qx5x-32v8/GHSA-594g-qx5x-32v8.json create mode 100644 advisories/unreviewed/2024/11/GHSA-5f6w-q9hm-9whp/GHSA-5f6w-q9hm-9whp.json create mode 100644 advisories/unreviewed/2024/11/GHSA-5qfq-f4mc-vp2x/GHSA-5qfq-f4mc-vp2x.json create mode 100644 advisories/unreviewed/2024/11/GHSA-7r2m-9pq4-w3pv/GHSA-7r2m-9pq4-w3pv.json create mode 100644 advisories/unreviewed/2024/11/GHSA-8qcp-625c-54ww/GHSA-8qcp-625c-54ww.json create mode 100644 advisories/unreviewed/2024/11/GHSA-92r6-576v-g4gg/GHSA-92r6-576v-g4gg.json create mode 100644 advisories/unreviewed/2024/11/GHSA-9mr9-9jpx-v54p/GHSA-9mr9-9jpx-v54p.json create mode 100644 advisories/unreviewed/2024/11/GHSA-f3hj-px43-qpfm/GHSA-f3hj-px43-qpfm.json create mode 100644 advisories/unreviewed/2024/11/GHSA-fx7j-93q4-w74p/GHSA-fx7j-93q4-w74p.json create mode 100644 advisories/unreviewed/2024/11/GHSA-grc4-v3q8-vpc8/GHSA-grc4-v3q8-vpc8.json create mode 100644 advisories/unreviewed/2024/11/GHSA-h4cx-vh6c-6cmq/GHSA-h4cx-vh6c-6cmq.json create mode 100644 advisories/unreviewed/2024/11/GHSA-h7j2-r3qv-9q3v/GHSA-h7j2-r3qv-9q3v.json create mode 100644 advisories/unreviewed/2024/11/GHSA-h8ff-xm6f-g53p/GHSA-h8ff-xm6f-g53p.json create mode 100644 advisories/unreviewed/2024/11/GHSA-jcwr-f32q-qc8g/GHSA-jcwr-f32q-qc8g.json create mode 100644 advisories/unreviewed/2024/11/GHSA-qhq6-88r3-4vr4/GHSA-qhq6-88r3-4vr4.json create mode 100644 advisories/unreviewed/2024/11/GHSA-rw7j-3chm-m69x/GHSA-rw7j-3chm-m69x.json create mode 100644 advisories/unreviewed/2024/11/GHSA-rxw3-qw9q-pjf9/GHSA-rxw3-qw9q-pjf9.json create mode 100644 advisories/unreviewed/2024/11/GHSA-v554-ffg4-x8gc/GHSA-v554-ffg4-x8gc.json create mode 100644 advisories/unreviewed/2024/11/GHSA-vg26-g32m-3x67/GHSA-vg26-g32m-3x67.json create mode 100644 advisories/unreviewed/2024/11/GHSA-wj6r-j2cr-pgm5/GHSA-wj6r-j2cr-pgm5.json create mode 100644 advisories/unreviewed/2024/11/GHSA-wph3-vq9m-q946/GHSA-wph3-vq9m-q946.json create mode 100644 advisories/unreviewed/2024/11/GHSA-wq39-wh7h-h4qx/GHSA-wq39-wh7h-h4qx.json create mode 100644 advisories/unreviewed/2024/11/GHSA-wq9h-h745-r69v/GHSA-wq9h-h745-r69v.json create mode 100644 advisories/unreviewed/2024/11/GHSA-xhgw-hf2q-c493/GHSA-xhgw-hf2q-c493.json diff --git a/advisories/unreviewed/2024/11/GHSA-594g-qx5x-32v8/GHSA-594g-qx5x-32v8.json b/advisories/unreviewed/2024/11/GHSA-594g-qx5x-32v8/GHSA-594g-qx5x-32v8.json new file mode 100644 index 0000000000000..301ef1ce054a0 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-594g-qx5x-32v8/GHSA-594g-qx5x-32v8.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-594g-qx5x-32v8", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-6628" + ], + "details": "The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.9.9. This is due to missing or incorrect nonce validation when deleting form submissions. This makes it possible for unauthenticated attackers to delete form submissions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6628" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/all-contact-form-integration-for-elementor/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c21f5461-9c1e-48ec-b15f-6a9be1e27b43?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-352" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:06Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-5f6w-q9hm-9whp/GHSA-5f6w-q9hm-9whp.json b/advisories/unreviewed/2024/11/GHSA-5f6w-q9hm-9whp/GHSA-5f6w-q9hm-9whp.json new file mode 100644 index 0000000000000..97b081f2a133b --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-5f6w-q9hm-9whp/GHSA-5f6w-q9hm-9whp.json @@ -0,0 +1,46 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-5f6w-q9hm-9whp", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-9839" + ], + "details": "The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9839" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/uix-slideshow/trunk/includes/shortcodes.php#L26" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/uix-slideshow/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f189f606-ec30-4f5d-81c9-d526ba7141f0?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-94" + ], + "severity": "HIGH", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:07Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-5qfq-f4mc-vp2x/GHSA-5qfq-f4mc-vp2x.json b/advisories/unreviewed/2024/11/GHSA-5qfq-f4mc-vp2x/GHSA-5qfq-f4mc-vp2x.json new file mode 100644 index 0000000000000..5605710716fcb --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-5qfq-f4mc-vp2x/GHSA-5qfq-f4mc-vp2x.json @@ -0,0 +1,46 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-5qfq-f4mc-vp2x", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-10262" + ], + "details": "The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.14. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10262" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/drop-shadow-boxes/trunk/dropshadowboxes.php#L150" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/drop-shadow-boxes/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fa0a296a-a93f-4c0e-9911-b4f9bdd53fad?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-94" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:04Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-7r2m-9pq4-w3pv/GHSA-7r2m-9pq4-w3pv.json b/advisories/unreviewed/2024/11/GHSA-7r2m-9pq4-w3pv/GHSA-7r2m-9pq4-w3pv.json new file mode 100644 index 0000000000000..06454d0826cc7 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-7r2m-9pq4-w3pv/GHSA-7r2m-9pq4-w3pv.json @@ -0,0 +1,46 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-7r2m-9pq4-w3pv", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-9386" + ], + "details": "The Exclusive Divi – Divi Preloader, Modules for Divi & Extra Theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9386" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/exclusive-divi/trunk/public/script-handler.php#L62" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/exclusive-divi/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7bf68565-ea30-4caf-8323-b0b88561e89f?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:07Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-8qcp-625c-54ww/GHSA-8qcp-625c-54ww.json b/advisories/unreviewed/2024/11/GHSA-8qcp-625c-54ww/GHSA-8qcp-625c-54ww.json new file mode 100644 index 0000000000000..d41dc01df2999 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-8qcp-625c-54ww/GHSA-8qcp-625c-54ww.json @@ -0,0 +1,50 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-8qcp-625c-54ww", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-10533" + ], + "details": "The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajax_install_plugin() function in all versions up to, and including, 3.6.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the filebird plugin.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10533" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/wp-whatsapp/tags/3.6.7/includes/Cross.php#L206" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/wp-whatsapp/trunk/includes/Cross.php#L206" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/changeset/3186930/wp-whatsapp/trunk/includes/Cross.php" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/26f73bfe-f41a-4045-9d72-21181a9a704f?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-862" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:04Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-92r6-576v-g4gg/GHSA-92r6-576v-g4gg.json b/advisories/unreviewed/2024/11/GHSA-92r6-576v-g4gg/GHSA-92r6-576v-g4gg.json new file mode 100644 index 0000000000000..e5138d3a72f83 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-92r6-576v-g4gg/GHSA-92r6-576v-g4gg.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-92r6-576v-g4gg", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-10884" + ], + "details": "The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10884" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/simpleform-contact-form-submissions/tags/2.1.0/admin/includes/class-simpleform-entries-list.php#L102" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/07f25481-51c1-4d02-85c6-561bee587587?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:05Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-9mr9-9jpx-v54p/GHSA-9mr9-9jpx-v54p.json b/advisories/unreviewed/2024/11/GHSA-9mr9-9jpx-v54p/GHSA-9mr9-9jpx-v54p.json new file mode 100644 index 0000000000000..2de5e5455f26b --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-9mr9-9jpx-v54p/GHSA-9mr9-9jpx-v54p.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-9mr9-9jpx-v54p", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-9615" + ], + "details": "The BulkPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 0.3.5. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9615" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/bulkpress/trunk/lib/classes/AdminMenuPage/class.Abstract.php#L221" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bbce4588-fbd2-4b75-8f67-51c7d02892be?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:07Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-f3hj-px43-qpfm/GHSA-f3hj-px43-qpfm.json b/advisories/unreviewed/2024/11/GHSA-f3hj-px43-qpfm/GHSA-f3hj-px43-qpfm.json new file mode 100644 index 0000000000000..394384ae8ae98 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-f3hj-px43-qpfm/GHSA-f3hj-px43-qpfm.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-f3hj-px43-qpfm", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-9192" + ], + "details": "The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to privilege escalation due to insufficient validation on user meta that can be updated in the wpvr_rate_request_result() function in all versions up to, and including, 1.20.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta on a WordPress site. This can be leveraged to update their capabilities to that of an administrator.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9192" + }, + { + "type": "WEB", + "url": "https://codecanyon.net/item/wordpress-video-robot-plugin/8619739" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2da019d3-4aca-485a-aa0c-73728dc1e7c1?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-269" + ], + "severity": "HIGH", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:06Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-fx7j-93q4-w74p/GHSA-fx7j-93q4-w74p.json b/advisories/unreviewed/2024/11/GHSA-fx7j-93q4-w74p/GHSA-fx7j-93q4-w74p.json new file mode 100644 index 0000000000000..dc1040b32b4df --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-fx7j-93q4-w74p/GHSA-fx7j-93q4-w74p.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-fx7j-93q4-w74p", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-9849" + ], + "details": "The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'r3dfb_save_thumbnail_callback' function in all versions up to, and including, 4.6. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9849" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/real3d-flipbook-lite/tags/4.6/includes/plugin-admin.php#L77" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f99b366-1a94-41ed-813a-bb13893604d0?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-434" + ], + "severity": "HIGH", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:07Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-grc4-v3q8-vpc8/GHSA-grc4-v3q8-vpc8.json b/advisories/unreviewed/2024/11/GHSA-grc4-v3q8-vpc8/GHSA-grc4-v3q8-vpc8.json new file mode 100644 index 0000000000000..3a44cc916b7d8 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-grc4-v3q8-vpc8/GHSA-grc4-v3q8-vpc8.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-grc4-v3q8-vpc8", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-10017" + ], + "details": "The PJW Mime Config plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10017" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/pjw-mime-config" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2731e8ed-27db-4d2b-b76f-8fdccfb2226a?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:04Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-h4cx-vh6c-6cmq/GHSA-h4cx-vh6c-6cmq.json b/advisories/unreviewed/2024/11/GHSA-h4cx-vh6c-6cmq/GHSA-h4cx-vh6c-6cmq.json new file mode 100644 index 0000000000000..8da95b483e82c --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-h4cx-vh6c-6cmq/GHSA-h4cx-vh6c-6cmq.json @@ -0,0 +1,46 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-h4cx-vh6c-6cmq", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-11118" + ], + "details": "The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the updatePluginSettings() function. This makes it possible for unauthenticated attackers to make changes to plugin settings and clear up all the error logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11118" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/404-error-monitor/trunk/index.php#L274" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/404-error-monitor/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ba7a54d-3497-4788-aa73-081d2c1015fc?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-352" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:06Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-h7j2-r3qv-9q3v/GHSA-h7j2-r3qv-9q3v.json b/advisories/unreviewed/2024/11/GHSA-h7j2-r3qv-9q3v/GHSA-h7j2-r3qv-9q3v.json new file mode 100644 index 0000000000000..8bc19c74164f3 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-h7j2-r3qv-9q3v/GHSA-h7j2-r3qv-9q3v.json @@ -0,0 +1,54 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-h7j2-r3qv-9q3v", + "modified": "2024-11-16T06:30:42Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-10728" + ], + "details": "The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up to, and including, 4.1.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10728" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.1.16/classes/Importer.php#L94" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.1.16/classes/Initialization.php#L330" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/changeset/3188636/ultimate-post/trunk/classes/Importer.php" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/ultimate-post" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/076f36fb-c2fb-43e0-a027-1351d3995489?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-862" + ], + "severity": "HIGH", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T05:15:12Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-h8ff-xm6f-g53p/GHSA-h8ff-xm6f-g53p.json b/advisories/unreviewed/2024/11/GHSA-h8ff-xm6f-g53p/GHSA-h8ff-xm6f-g53p.json new file mode 100644 index 0000000000000..96f3eab45461b --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-h8ff-xm6f-g53p/GHSA-h8ff-xm6f-g53p.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-h8ff-xm6f-g53p", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-10875" + ], + "details": "The Gallery Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_Query_Arg without appropriate escaping on the URL in all versions up to, and including, 1.6.58. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10875" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/fancy-gallery/trunk/options-page/options-page.php#L25" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/63ff56cf-0b64-491f-8629-8b7738adee10?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:05Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-jcwr-f32q-qc8g/GHSA-jcwr-f32q-qc8g.json b/advisories/unreviewed/2024/11/GHSA-jcwr-f32q-qc8g/GHSA-jcwr-f32q-qc8g.json new file mode 100644 index 0000000000000..c80513cc60827 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-jcwr-f32q-qc8g/GHSA-jcwr-f32q-qc8g.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-jcwr-f32q-qc8g", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-10147" + ], + "details": "The Steel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btn shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10147" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/steel/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b1ed1ef4-8867-499b-8f73-296280573462?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:04Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-qhq6-88r3-4vr4/GHSA-qhq6-88r3-4vr4.json b/advisories/unreviewed/2024/11/GHSA-qhq6-88r3-4vr4/GHSA-qhq6-88r3-4vr4.json new file mode 100644 index 0000000000000..b4f8bd2a5d855 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-qhq6-88r3-4vr4/GHSA-qhq6-88r3-4vr4.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-qhq6-88r3-4vr4", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-8873" + ], + "details": "The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.6.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8873" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/pepro-bacs-receipt-upload-for-woocommerce/trunk/wc-upload-reciept.php#L163" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e09c2916-6e2c-4db3-901a-b5715d635824?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:06Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-rw7j-3chm-m69x/GHSA-rw7j-3chm-m69x.json b/advisories/unreviewed/2024/11/GHSA-rw7j-3chm-m69x/GHSA-rw7j-3chm-m69x.json new file mode 100644 index 0000000000000..e477048bcb73e --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-rw7j-3chm-m69x/GHSA-rw7j-3chm-m69x.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-rw7j-3chm-m69x", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-9850" + ], + "details": "The SVG Case Study plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9850" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/case-study/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7fe128e-02b7-4838-8575-db09d33d2340?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:07Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-rxw3-qw9q-pjf9/GHSA-rxw3-qw9q-pjf9.json b/advisories/unreviewed/2024/11/GHSA-rxw3-qw9q-pjf9/GHSA-rxw3-qw9q-pjf9.json new file mode 100644 index 0000000000000..8b13ae230d5ca --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-rxw3-qw9q-pjf9/GHSA-rxw3-qw9q-pjf9.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-rxw3-qw9q-pjf9", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-9938" + ], + "details": "The Bounce Handler MailPoet 3 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.3.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9938" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/bounce-handler-mailpoet/trunk/includes/class-mailpoet-bounce-log.php#L193" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d2c6fefe-f6f3-44ce-906c-abad717840d5?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:08Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-v554-ffg4-x8gc/GHSA-v554-ffg4-x8gc.json b/advisories/unreviewed/2024/11/GHSA-v554-ffg4-x8gc/GHSA-v554-ffg4-x8gc.json new file mode 100644 index 0000000000000..6ba1df294b76a --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-v554-ffg4-x8gc/GHSA-v554-ffg4-x8gc.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-v554-ffg4-x8gc", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-11092" + ], + "details": "The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11092" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/svgplus/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/77e43062-1a3d-4db1-aeac-4d7505d18730?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:05Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-vg26-g32m-3x67/GHSA-vg26-g32m-3x67.json b/advisories/unreviewed/2024/11/GHSA-vg26-g32m-3x67/GHSA-vg26-g32m-3x67.json new file mode 100644 index 0000000000000..ef6cc24f74a2d --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-vg26-g32m-3x67/GHSA-vg26-g32m-3x67.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-vg26-g32m-3x67", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-10015" + ], + "details": "The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'type' parameters in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10015" + }, + { + "type": "WEB", + "url": "https://wordpress.org/plugins/convertcalculator/#developers" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1f55b51-cc93-4f45-9666-03740e147277?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:03Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-wj6r-j2cr-pgm5/GHSA-wj6r-j2cr-pgm5.json b/advisories/unreviewed/2024/11/GHSA-wj6r-j2cr-pgm5/GHSA-wj6r-j2cr-pgm5.json new file mode 100644 index 0000000000000..6297a3437534b --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-wj6r-j2cr-pgm5/GHSA-wj6r-j2cr-pgm5.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-wj6r-j2cr-pgm5", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-10883" + ], + "details": "The SimpleForm – Contact form made simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10883" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/simpleform/tags/2.2.0/admin/includes/class-simpleform-forms-list.php#L84" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/045f2be3-9a24-4f8b-8a09-8adeb751b218?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-79" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:05Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-wph3-vq9m-q946/GHSA-wph3-vq9m-q946.json b/advisories/unreviewed/2024/11/GHSA-wph3-vq9m-q946/GHSA-wph3-vq9m-q946.json new file mode 100644 index 0000000000000..02b90877f5594 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-wph3-vq9m-q946/GHSA-wph3-vq9m-q946.json @@ -0,0 +1,50 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-wph3-vq9m-q946", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-8856" + ], + "details": "The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8856" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/wp-time-capsule/trunk/wp-tcapsule-bridge/upload/php/UploadHandler.php" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/changeset/3188325" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3153289%40wp-time-capsule&new=3153289%40wp-time-capsule&sfp_email=&sfph_mail=" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fdc2de78-5601-461f-b2f0-c80b592ccb1b?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-434" + ], + "severity": "CRITICAL", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T05:15:13Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-wq39-wh7h-h4qx/GHSA-wq39-wh7h-h4qx.json b/advisories/unreviewed/2024/11/GHSA-wq39-wh7h-h4qx/GHSA-wq39-wh7h-h4qx.json new file mode 100644 index 0000000000000..42f7f8e932a22 --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-wq39-wh7h-h4qx/GHSA-wq39-wh7h-h4qx.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-wq39-wh7h-h4qx", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-9935" + ], + "details": "The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5 via the rtw_pgaepb_dwnld_pdf() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9935" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/pdf-generator-addon-for-elementor-page-builder/trunk/public/class-pdf-generator-addon-for-elementor-page-builder-public.php#L133" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/36daf2af-1db3-4b35-8849-480212660b2f?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-22" + ], + "severity": "HIGH", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:08Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-wq9h-h745-r69v/GHSA-wq9h-h745-r69v.json b/advisories/unreviewed/2024/11/GHSA-wq9h-h745-r69v/GHSA-wq9h-h745-r69v.json new file mode 100644 index 0000000000000..6bfe2e2342d2f --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-wq9h-h745-r69v/GHSA-wq9h-h745-r69v.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-wq9h-h745-r69v", + "modified": "2024-11-16T06:30:40Z", + "published": "2024-11-16T06:30:40Z", + "aliases": [ + "CVE-2024-11085" + ], + "details": "The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on several AJAX actions in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to access logs, update plugin-related user settings and general plugin settings.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11085" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/browser/wp-log-viewer/trunk/libs/Ajax.php" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e27bd526-1a5f-4628-8bb2-1741496f897f?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-862" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T04:15:05Z" + } +} \ No newline at end of file diff --git a/advisories/unreviewed/2024/11/GHSA-xhgw-hf2q-c493/GHSA-xhgw-hf2q-c493.json b/advisories/unreviewed/2024/11/GHSA-xhgw-hf2q-c493/GHSA-xhgw-hf2q-c493.json new file mode 100644 index 0000000000000..7bbafd99f937a --- /dev/null +++ b/advisories/unreviewed/2024/11/GHSA-xhgw-hf2q-c493/GHSA-xhgw-hf2q-c493.json @@ -0,0 +1,42 @@ +{ + "schema_version": "1.4.0", + "id": "GHSA-xhgw-hf2q-c493", + "modified": "2024-11-16T06:30:41Z", + "published": "2024-11-16T06:30:41Z", + "aliases": [ + "CVE-2024-10614" + ], + "details": "The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, 5.61.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to cancel and import or check on the status.", + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" + } + ], + "affected": [ + + ], + "references": [ + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10614" + }, + { + "type": "WEB", + "url": "https://plugins.trac.wordpress.org/changeset/3188169/customer-reviews-woocommerce/trunk/includes/import-export/class-cr-reviews-importer.php" + }, + { + "type": "WEB", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e27224aa-56c4-49ab-b9b3-b431b38e126e?source=cve" + } + ], + "database_specific": { + "cwe_ids": [ + "CWE-862" + ], + "severity": "MODERATE", + "github_reviewed": false, + "github_reviewed_at": null, + "nvd_published_at": "2024-11-16T06:15:07Z" + } +} \ No newline at end of file