{"vulnerability": "CVE-2024-1053", "sightings": [{"uuid": "20884177-7416-46bd-ad09-4cbfcd31ca04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10535", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113434669672881162", "content": "", "creation_timestamp": "2024-11-06T06:48:17.462857Z"}, {"uuid": "cf652a22-9893-49bf-acef-734134bf6a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10535", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113434682260289982", "content": "", "creation_timestamp": "2024-11-06T06:51:29.347701Z"}, {"uuid": "4bb7b33c-9f6e-4f59-9cd7-4f1d5ca9a39f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10538", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113467854433111203", "content": "", "creation_timestamp": "2024-11-12T03:27:36.629681Z"}, {"uuid": "e968d9fb-218e-49e7-bb6e-7ddac8ef58d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10532", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518678370133453", "content": "", "creation_timestamp": "2024-11-21T02:52:48.364401Z"}, {"uuid": "8b375cae-21c4-4b32-b941-24044eee7b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10537", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113530166931046326", "content": "", "creation_timestamp": "2024-11-23T03:34:30.094482Z"}, {"uuid": "a62f72b1-e888-4e24-86fa-33407dd53963", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10536", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf4zpn3ksf2r", "content": "", "creation_timestamp": "2025-01-07T06:33:12.405089Z"}, {"uuid": "d323dcd0-b2fe-420b-99a9-68908590ee85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10536", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113785425906406111", "content": "", "creation_timestamp": "2025-01-07T05:30:12.828937Z"}, {"uuid": "d9f52e13-3292-467a-88de-113ab537f340", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10536", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113785440067040917", "content": "", "creation_timestamp": "2025-01-07T05:33:48.909474Z"}, {"uuid": "19eff343-ddb1-4107-9794-68e6a1e82c36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10536", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4yqdstap2i", "content": "", "creation_timestamp": "2025-01-07T06:15:41.038581Z"}, {"uuid": "e8d80dad-bc03-4671-b9fa-b4954fcd7a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10539", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113877930656431275", "content": "", "creation_timestamp": "2025-01-23T13:35:23.253879Z"}, {"uuid": "97bae401-0aca-47e3-ab45-11cfdf7b3b5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10539", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgg4npewhk2r", "content": "", "creation_timestamp": "2025-01-23T14:44:57.337385Z"}, {"uuid": "eb535b98-ee52-46c2-ae8c-63c45142ef6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10539", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgg2zy6dx42h", "content": "", "creation_timestamp": "2025-01-23T14:16:01.279995Z"}, {"uuid": "ec7e00c6-7e03-4b9a-b577-c4a30be6acbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1053", "type": "seen", "source": "https://t.me/ctinow/206554", "content": "https://ift.tt/uWlOL4r\nCVE-2024-1053 | Event Tickets and Registration Plugin up to 5.8.1 on WordPress authorization (ID 3038150)", "creation_timestamp": "2024-03-13T11:11:30.000000Z"}, {"uuid": "8a2ed4be-f470-40dd-bc1d-9a4c6f0e4087", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10536", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/330", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10536\n\ud83d\udd39 Description: The FancyPost \u2013 Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle_block_shortcode_export() function in all versions up to, and including, 6.0.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to export shortcodes.\n\ud83d\udccf Published: 2025-01-07T05:24:09.055Z\n\ud83d\udccf Modified: 2025-01-07T05:24:09.055Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e573648e-215f-4858-a4d3-a3e85119dbcf?source=cve\n2. https://plugins.trac.wordpress.org/browser/post-block/trunk/custom-fields/options/admin-backup.php#L171", "creation_timestamp": "2025-01-07T05:37:06.000000Z"}, {"uuid": "624204e4-72e0-4446-a10b-2ebe80b28df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10539", "type": "seen", "source": "https://t.me/cvedetector/16185", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10539 - Uyumsoft ERP Uyumsoft Information Systems Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10539 \nPublished : Jan. 23, 2025, 2:15 p.m. | 31\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XSS.This issue affects Uyumsoft ERP: before Erp4.2109.166p45. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-23T15:48:23.000000Z"}, {"uuid": "1622f569-b428-4d6f-bd8a-76f0377410ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10533", "type": "seen", "source": "https://t.me/cvedetector/11224", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10533 - WordPress Chat App Filebird Plugin Unauthorized Installation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10533 \nPublished : Nov. 16, 2024, 4:15 a.m. | 38\u00a0minutes ago \nDescription : The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajax_install_plugin() function in all versions up to, and including, 3.6.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the filebird plugin. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-16T06:02:43.000000Z"}, {"uuid": "795c9ca7-3cb2-41dc-bde1-595dd954cb98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10531", "type": "seen", "source": "https://t.me/cvedetector/10786", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10531 - Kognetiks Chatbot for WordPress Unauthenticated Data Modification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10531 \nPublished : Nov. 13, 2024, 3:15 a.m. | 41\u00a0minutes ago \nDescription : The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_assistant() function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to update GTP assistants. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T04:57:43.000000Z"}, {"uuid": "a5b317ba-2551-43ff-9ba5-fab5daa98a2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10530", "type": "seen", "source": "https://t.me/cvedetector/10790", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10530 - Kognetiks Chatbot for WordPress Unauthenticated Data Manipulation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10530 \nPublished : Nov. 13, 2024, 3:15 a.m. | 41\u00a0minutes ago \nDescription : The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the add_new_assistant() function in all versions up to, and including, 2.1.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to create new GTP assistants. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T04:57:49.000000Z"}, {"uuid": "f6d9e021-f74a-428d-badd-6792147d2d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10539", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2733", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10539\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using Invalid Characters, Reflected XSS.This issue affects Uyumsoft ERP: before Erp4.2109.166p45.\n\ud83d\udccf Published: 2025-01-23T13:33:04.521Z\n\ud83d\udccf Modified: 2025-01-23T13:33:04.521Z\n\ud83d\udd17 References:\n1. https://www.usom.gov.tr/bildirim/tr-25-0017", "creation_timestamp": "2025-01-23T14:02:36.000000Z"}, {"uuid": "b089fe29-2e93-4642-9428-7b3088ec5eef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10538", "type": "seen", "source": "https://t.me/cvedetector/10584", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10538 - Elementor Happy Addons Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-10538 \nPublished : Nov. 12, 2024, 4:15 a.m. | 37\u00a0minutes ago \nDescription : The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the before_label parameter in the Image Comparison widget in all versions up to, and including, 3.12.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T06:19:48.000000Z"}, {"uuid": "30b827bb-0ad8-4d18-84bd-d8b39c8c71b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10534", "type": "seen", "source": "https://t.me/cvedetector/11054", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10534 - Dataprom Informatics PACS/ACSS SSL/TLS Traffic Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10534 \nPublished : Nov. 15, 2024, 11:15 a.m. | 36\u00a0minutes ago \nDescription : Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS) allows Traffic Injection.This issue affects Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS): before 2024. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T13:15:27.000000Z"}, {"uuid": "0bb79bb8-3450-44d5-adad-709cc86d8ca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10535", "type": "seen", "source": "https://t.me/cvedetector/9995", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10535 - WooCommerce Video Gallery WordPress Unauthenticated Thumbnail Deletion Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-10535 \nPublished : Nov. 6, 2024, 7:15 a.m. | 40\u00a0minutes ago \nDescription : The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the remove_unused_thumbnails() function in all versions up to, and including, 1.31. This makes it possible for unauthenticated attackers to delete thumbnails in the video-wc-gallery-thumb directory. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-06T09:08:46.000000Z"}, {"uuid": "54d8f62c-5265-4b47-bb92-eae6cf55107c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1053", "type": "seen", "source": "https://t.me/ctinow/190500", "content": "https://ift.tt/YZHuf37\nCVE-2024-1053", "creation_timestamp": "2024-02-22T07:27:27.000000Z"}, {"uuid": "cd8c9c6e-689b-4eb3-8fa0-57009a255083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1053", "type": "seen", "source": "https://t.me/ctinow/190490", "content": "https://ift.tt/YZHuf37\nCVE-2024-1053", "creation_timestamp": "2024-02-22T07:23:07.000000Z"}]}