Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 28 May 2026 13:38:57 +0000 c59283a9-f347-4845-85e1-d95474caab61 https://vulnerability.circl.lu/sighting/c59283a9-f347-4845-85e1-d95474caab61/export {"uuid": "c59283a9-f347-4845-85e1-d95474caab61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11363", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vexs5yo25", "content": "", "creation_timestamp": "2025-01-07T05:15:38.246309Z"} {"uuid": "c59283a9-f347-4845-85e1-d95474caab61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11363", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vexs5yo25", "content": "", "creation_timestamp": "2025-01-07T05:15:38.246309Z"} https://vulnerability.circl.lu/sighting/c59283a9-f347-4845-85e1-d95474caab61/export Tue, 07 Jan 2025 05:15:38 +0000 02678398-8a44-4d2a-a939-b836b406a326 https://vulnerability.circl.lu/sighting/02678398-8a44-4d2a-a939-b836b406a326/export {"uuid": "02678398-8a44-4d2a-a939-b836b406a326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113785425925136481", "content": "", "creation_timestamp": "2025-01-07T05:30:13.675301Z"} {"uuid": "02678398-8a44-4d2a-a939-b836b406a326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113785425925136481", "content": "", "creation_timestamp": "2025-01-07T05:30:13.675301Z"} https://vulnerability.circl.lu/sighting/02678398-8a44-4d2a-a939-b836b406a326/export Tue, 07 Jan 2025 05:30:13 +0000 412f94fa-0f55-4c48-aa9c-ba12830534b1 https://vulnerability.circl.lu/sighting/412f94fa-0f55-4c48-aa9c-ba12830534b1/export {"uuid": "412f94fa-0f55-4c48-aa9c-ba12830534b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113785440083941138", "content": "", "creation_timestamp": "2025-01-07T05:33:49.163411Z"} {"uuid": "412f94fa-0f55-4c48-aa9c-ba12830534b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113785440083941138", "content": "", "creation_timestamp": "2025-01-07T05:33:49.163411Z"} https://vulnerability.circl.lu/sighting/412f94fa-0f55-4c48-aa9c-ba12830534b1/export Tue, 07 Jan 2025 05:33:49 +0000 36ab6098-277b-49de-bdfc-5c7ce5192e0e https://vulnerability.circl.lu/sighting/36ab6098-277b-49de-bdfc-5c7ce5192e0e/export {"uuid": "36ab6098-277b-49de-bdfc-5c7ce5192e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/344", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11369\n\ud83d\udd39 Description: The Store credit / Gift cards for woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'coupon', 'start_date', and 'end_date' parameters in all versions up to, and including, 1.0.49.46 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-01-07T05:23:53.299Z\n\ud83d\udccf Modified: 2025-01-07T05:23:53.299Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/2e8527c0-a4b0-436d-901a-c07f93c7ec5e?source=cve\n2. https://plugins.trac.wordpress.org/browser/store-credit-for-woocommerce/tags/1.0.49.42/admin/report.php#L95\n3. https://plugins.trac.wordpress.org/browser/store-credit-for-woocommerce/tags/1.0.49.42/admin/report.php#L113\n4. https://plugins.trac.wordpress.org/browser/store-credit-for-woocommerce/tags/1.0.49.42/admin/report.php#L119\n5. https://plugins.trac.wordpress.org/changeset/3213698/store-credit-for-woocommerce/trunk/admin/report.php", "creation_timestamp": "2025-01-07T05:39:03.000000Z"} {"uuid": "36ab6098-277b-49de-bdfc-5c7ce5192e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/344", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11369\n\ud83d\udd39 Description: The Store credit / Gift cards for woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'coupon', 'start_date', and 'end_date' parameters in all versions up to, and including, 1.0.49.46 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-01-07T05:23:53.299Z\n\ud83d\udccf Modified: 2025-01-07T05:23:53.299Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/2e8527c0-a4b0-436d-901a-c07f93c7ec5e?source=cve\n2. https://plugins.trac.wordpress.org/browser/store-credit-for-woocommerce/tags/1.0.49.42/admin/report.php#L95\n3. https://plugins.trac.wordpress.org/browser/store-credit-for-woocommerce/tags/1.0.49.42/admin/report.php#L113\n4. https://plugins.trac.wordpress.org/browser/store-credit-for-woocommerce/tags/1.0.49.42/admin/report.php#L119\n5. https://plugins.trac.wordpress.org/changeset/3213698/store-credit-for-woocommerce/trunk/admin/report.php", "creation_timestamp": "2025-01-07T05:39:03.000000Z"} https://vulnerability.circl.lu/sighting/36ab6098-277b-49de-bdfc-5c7ce5192e0e/export Tue, 07 Jan 2025 05:39:03 +0000 809150e1-2ac0-42f2-bcb7-699e33a4eaa4 https://vulnerability.circl.lu/sighting/809150e1-2ac0-42f2-bcb7-699e33a4eaa4/export {"uuid": "809150e1-2ac0-42f2-bcb7-699e33a4eaa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4yqipmlh25", "content": "", "creation_timestamp": "2025-01-07T06:15:46.345313Z"} {"uuid": "809150e1-2ac0-42f2-bcb7-699e33a4eaa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4yqipmlh25", "content": "", "creation_timestamp": "2025-01-07T06:15:46.345313Z"} https://vulnerability.circl.lu/sighting/809150e1-2ac0-42f2-bcb7-699e33a4eaa4/export Tue, 07 Jan 2025 06:15:46 +0000 558e1baf-483b-41c8-a6f3-9e9e6a726ee0 https://vulnerability.circl.lu/sighting/558e1baf-483b-41c8-a6f3-9e9e6a726ee0/export {"uuid": "558e1baf-483b-41c8-a6f3-9e9e6a726ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf4zpndphb2i", "content": "", "creation_timestamp": "2025-01-07T06:33:13.573232Z"} {"uuid": "558e1baf-483b-41c8-a6f3-9e9e6a726ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11369", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf4zpndphb2i", "content": "", "creation_timestamp": "2025-01-07T06:33:13.573232Z"} https://vulnerability.circl.lu/sighting/558e1baf-483b-41c8-a6f3-9e9e6a726ee0/export Tue, 07 Jan 2025 06:33:13 +0000 b97608a3-f3d1-4258-8740-4e77f72069b9 https://vulnerability.circl.lu/sighting/b97608a3-f3d1-4258-8740-4e77f72069b9/export {"uuid": "b97608a3-f3d1-4258-8740-4e77f72069b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11364", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8245", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11364\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Another \u201cuninitialized variable\u201d code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.\n\ud83d\udccf Published: 2024-12-19T21:04:52.473Z\n\ud83d\udccf Modified: 2025-03-20T18:03:57.750Z\n\ud83d\udd17 References:\n1. https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1713.html", "creation_timestamp": "2025-03-20T18:20:41.000000Z"} {"uuid": "b97608a3-f3d1-4258-8740-4e77f72069b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11364", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8245", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11364\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Another \u201cuninitialized variable\u201d code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor.\n\ud83d\udccf Published: 2024-12-19T21:04:52.473Z\n\ud83d\udccf Modified: 2025-03-20T18:03:57.750Z\n\ud83d\udd17 References:\n1. https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1713.html", "creation_timestamp": "2025-03-20T18:20:41.000000Z"} https://vulnerability.circl.lu/sighting/b97608a3-f3d1-4258-8740-4e77f72069b9/export Thu, 20 Mar 2025 18:20:41 +0000 64b22758-2f69-408f-83c1-412570ed8b70 https://vulnerability.circl.lu/sighting/64b22758-2f69-408f-83c1-412570ed8b70/export {"uuid": "64b22758-2f69-408f-83c1-412570ed8b70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1136", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12889", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1136\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to an improperly implemented URL check in the wpsm_coming_soon_redirect function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to view a site with maintenance mode or coming-soon mode enabled to view the site's content.\n\ud83d\udccf Published: 2024-02-28T08:33:13.484Z\n\ud83d\udccf Modified: 2025-04-22T15:58:35.494Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e3c52d6e-b3f4-4ba8-aee4-b9f11704e1de?source=cve\n2. https://plugins.trac.wordpress.org/browser/responsive-coming-soon/trunk/redirect.php#L11", "creation_timestamp": "2025-04-22T16:03:32.000000Z"} {"uuid": "64b22758-2f69-408f-83c1-412570ed8b70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1136", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12889", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1136\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: The Coming Soon Page & Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to an improperly implemented URL check in the wpsm_coming_soon_redirect function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to view a site with maintenance mode or coming-soon mode enabled to view the site's content.\n\ud83d\udccf Published: 2024-02-28T08:33:13.484Z\n\ud83d\udccf Modified: 2025-04-22T15:58:35.494Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e3c52d6e-b3f4-4ba8-aee4-b9f11704e1de?source=cve\n2. https://plugins.trac.wordpress.org/browser/responsive-coming-soon/trunk/redirect.php#L11", "creation_timestamp": "2025-04-22T16:03:32.000000Z"} https://vulnerability.circl.lu/sighting/64b22758-2f69-408f-83c1-412570ed8b70/export Tue, 22 Apr 2025 16:03:32 +0000 9e4d8a88-8b25-4447-bdd0-05efd4c0407e https://vulnerability.circl.lu/sighting/9e4d8a88-8b25-4447-bdd0-05efd4c0407e/export {"uuid": "9e4d8a88-8b25-4447-bdd0-05efd4c0407e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11364", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:31.000000Z"} {"uuid": "9e4d8a88-8b25-4447-bdd0-05efd4c0407e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11364", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:31.000000Z"} https://vulnerability.circl.lu/sighting/9e4d8a88-8b25-4447-bdd0-05efd4c0407e/export Mon, 15 Sep 2025 13:28:31 +0000 220c615c-09b4-4e63-91d4-7611429273ae https://vulnerability.circl.lu/sighting/220c615c-09b4-4e63-91d4-7611429273ae/export {"uuid": "220c615c-09b4-4e63-91d4-7611429273ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11364", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:01.000000Z"} {"uuid": "220c615c-09b4-4e63-91d4-7611429273ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11364", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:01.000000Z"} https://vulnerability.circl.lu/sighting/220c615c-09b4-4e63-91d4-7611429273ae/export Tue, 16 Sep 2025 03:45:01 +0000