Skip to content

Commit

Permalink
Auto-Update: 2024-10-05T18:00:17.500610+00:00
Browse files Browse the repository at this point in the history
  • Loading branch information
@cad-safe-bot
cad-safe-bot committed Oct 5, 2024
1 parent ab0be81 commit fe81af6
Show file tree
Hide file tree
Showing 12 changed files with 696 additions and 60 deletions.
56 changes: 56 additions & 0 deletions CVE-2024/CVE-2024-473xx/CVE-2024-47369.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2024-47369",
"sourceIdentifier": "[email protected]",
"published": "2024-10-05T16:15:02.627",
"lastModified": "2024-10-05T16:15:02.627",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPWeb Social Auto Poster allows Reflected XSS.This issue affects Social Auto Poster: from n/a through 5.3.15."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/social-auto-poster/wordpress-social-auto-poster-plugin-5-3-15-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2024/CVE-2024-473xx/CVE-2024-47370.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2024-47370",
"sourceIdentifier": "[email protected]",
"published": "2024-10-05T16:15:02.873",
"lastModified": "2024-10-05T16:15:02.873",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.21."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/author-avatars/wordpress-author-avatars-list-block-plugin-2-1-21-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2024/CVE-2024-473xx/CVE-2024-47371.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2024-47371",
"sourceIdentifier": "[email protected]",
"published": "2024-10-05T16:15:03.103",
"lastModified": "2024-10-05T16:15:03.103",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Walter Pinem WP MyLinks allows Stored XSS.This issue affects WP MyLinks: from n/a through 1.0.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-mylinks/wordpress-wp-mylinks-plugin-1-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2024/CVE-2024-473xx/CVE-2024-47372.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2024-47372",
"sourceIdentifier": "[email protected]",
"published": "2024-10-05T16:15:03.307",
"lastModified": "2024-10-05T16:15:03.307",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeNcode LLC TNC PDF viewer allows Stored XSS.This issue affects TNC PDF viewer: from n/a through 3.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/pdf-viewer-by-themencode/wordpress-tnc-pdf-viewer-plugin-3-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2024/CVE-2024-473xx/CVE-2024-47373.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2024-47373",
"sourceIdentifier": "[email protected]",
"published": "2024-10-05T16:15:03.530",
"lastModified": "2024-10-05T16:15:03.530",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 6.5.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-6-5-0-2-cross-site-scripting-xss-vulnerability-2?_s_id=cve",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2024/CVE-2024-473xx/CVE-2024-47374.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2024-47374",
"sourceIdentifier": "[email protected]",
"published": "2024-10-05T16:15:03.760",
"lastModified": "2024-10-05T16:15:03.760",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 6.5.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-6-5-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "[email protected]"
}
]
}
Loading

0 comments on commit fe81af6

Please sign in to comment.