{"vulnerability": "CVE-2024-1087", "sightings": [{"uuid": "944e7412-924c-4388-b093-8b31b72dcf4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10876", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113451633559974994", "content": "", "creation_timestamp": "2024-11-09T06:42:26.368608Z"}, {"uuid": "146fe6e8-f0f5-476a-a01c-84e0b9971999", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10871", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113451904328749808", "content": "", "creation_timestamp": "2024-11-09T07:51:17.389739Z"}, {"uuid": "529690e2-9f9f-4c35-8fe6-169596222789", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10877", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113474318154393390", "content": "", "creation_timestamp": "2024-11-13T06:51:25.270731Z"}, {"uuid": "2ec1f609-f005-4731-b99c-cbfccf2c0c49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10875", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113490553139764151", "content": "", "creation_timestamp": "2024-11-16T03:40:11.817050Z"}, {"uuid": "c3f73dde-3007-4b99-8cf3-71012485d41e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10872", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514959061509312", "content": "", "creation_timestamp": "2024-11-20T11:06:56.178512Z"}, {"uuid": "83dd0f3c-6de9-458e-b1ea-65aba576d54b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10873", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113530416359865800", "content": "", "creation_timestamp": "2024-11-23T04:37:55.991237Z"}, {"uuid": "64dbfcea-2567-4e88-bd57-57f507ea2e51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10878", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113550489349966911", "content": "", "creation_timestamp": "2024-11-26T17:42:45.577927Z"}, {"uuid": "69be935f-6ce8-47eb-8b85-fecf78a90580", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10879", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113605022621189199", "content": "", "creation_timestamp": "2024-12-06T08:51:17.088465Z"}, {"uuid": "200f95f6-ea1c-4970-baac-f7cca420ff3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10874", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113530225995694298", "content": "", "creation_timestamp": "2024-11-23T03:49:31.692373Z"}, {"uuid": "0ef074f2-5373-4393-a216-115bda7d07a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10872", "type": "seen", "source": "https://t.me/cvedetector/11583", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10872 - Getwid \u2013 Gutenberg Blocks WordPress Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-10872 \nPublished : Nov. 20, 2024, 11:15 a.m. | 38\u00a0minutes ago \nDescription : The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `template-post-custom-field` block in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T12:54:10.000000Z"}, {"uuid": "d8c25f3c-a2f5-45ef-b585-0537293a00a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10871", "type": "seen", "source": "https://t.me/cvedetector/10282", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10871 - Category Ajax Filter Multiple Vulnerabilities through Local File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-10871 \nPublished : Nov. 9, 2024, 8:15 a.m. | 39\u00a0minutes ago \nDescription : The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where files with a .php extension can be uploaded and included. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T09:56:29.000000Z"}, {"uuid": "db6443d8-c7fd-4f0b-a04e-69ce91b88e6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10876", "type": "seen", "source": "https://t.me/cvedetector/10279", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10876 - WordPress Charitable Donation Plugin - Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-10876 \nPublished : Nov. 9, 2024, 7:15 a.m. | 39\u00a0minutes ago \nDescription : The Charitable \u2013 Donation Plugin for WordPress \u2013 Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.8.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T09:06:19.000000Z"}, {"uuid": "e4b7f343-9ebc-4f2b-a2a8-cceecf5cdec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10875", "type": "seen", "source": "https://t.me/cvedetector/11219", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10875 - WordPress Gallery Manager Plugin Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10875 \nPublished : Nov. 16, 2024, 4:15 a.m. | 38\u00a0minutes ago \nDescription : The Gallery Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_Query_Arg without appropriate escaping on the URL in all versions up to, and including, 1.6.58. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-16T06:02:36.000000Z"}, {"uuid": "de7e5cff-4903-4001-a846-49e1375908b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10877", "type": "seen", "source": "https://t.me/cvedetector/10809", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10877 - Wordpress AFI - Easiest Integration Plugin Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-10877 \nPublished : Nov. 13, 2024, 7:15 a.m. | 45\u00a0minutes ago \nDescription : The AFI \u2013 The Easiest Integration Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.92.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T09:08:41.000000Z"}, {"uuid": "f8183eed-fe35-415f-a481-abd3836d24fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1087", "type": "seen", "source": "https://t.me/ctinow/176771", "content": "https://ift.tt/fS5NiwO\nCVE-2024-1087", "creation_timestamp": "2024-01-31T14:31:34.000000Z"}]}