{"vulnerability": "CVE-2024-1109", "sightings": [{"uuid": "5b7d610c-950a-4732-9ef2-03cbe40dce84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11097", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113467533009360498", "content": "", "creation_timestamp": "2024-11-12T02:05:52.148253Z"}, {"uuid": "1af0ba83-73ad-4a08-a2f9-05b22c8fd853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11099", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113467533024839151", "content": "", "creation_timestamp": "2024-11-12T02:05:52.465627Z"}, {"uuid": "b32fc9c5-600a-4a5d-bc69-66cce5776e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11098", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113508494481507307", "content": "", "creation_timestamp": "2024-11-19T07:42:54.786548Z"}, {"uuid": "03d316ea-2d1f-4505-ac54-f6b926ba3995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11092", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113490612210234530", "content": "", "creation_timestamp": "2024-11-16T03:55:12.917186Z"}, {"uuid": "485048e4-12ed-4ca9-b77d-92c254aa90cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11098", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113508481875016325", "content": "", "creation_timestamp": "2024-11-19T07:39:42.763466Z"}, {"uuid": "b41afc72-dacf-420a-b067-57a7ce61600f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11094", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113491970843217453", "content": "", "creation_timestamp": "2024-11-16T09:40:43.939695Z"}, {"uuid": "1d984202-9704-4d74-b55d-ea307df0cb02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11093", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113592347894947803", "content": "", "creation_timestamp": "2024-12-04T03:07:56.245182Z"}, {"uuid": "1642575c-5528-4121-b8e0-d8aa01900824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11091", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113548367153102888", "content": "", "creation_timestamp": "2024-11-26T08:43:03.433846Z"}, {"uuid": "f823ce14-7765-4e15-9612-29785eb69675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11095", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113649307925333273", "content": "", "creation_timestamp": "2024-12-14T04:33:37.272213Z"}, {"uuid": "8cfccd3a-fa5e-473d-bbf7-c24417f49714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11090", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113893307633508299", "content": "", "creation_timestamp": "2025-01-26T06:45:57.458999Z"}, {"uuid": "01fed874-6092-4467-8773-a10bf50adab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11090", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgmuwwj6ut2i", "content": "", "creation_timestamp": "2025-01-26T07:15:34.485764Z"}, {"uuid": "448bab15-3eaf-47d4-8567-705eec6f3fba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11090", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3128", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-f537-2529-5pf3\n\ud83d\udd25 CVSS Score: N/A (CVSS_V3)\n\ud83d\udd39 Description: The Membership Plugin \u2013 Restrict Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.13 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.\n\ud83d\udccf Published: 2025-01-26T09:30:31Z\n\ud83d\udccf Modified: 2025-01-26T09:30:31Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-11090\n2. https://plugins.trac.wordpress.org/changeset/3227065/restrict-content\n3. https://www.wordfence.com/threat-intel/vulnerabilities/id/7615c391-ccb1-4990-bbfd-949782cc609a?source=cve", "creation_timestamp": "2025-01-26T10:06:16.000000Z"}, {"uuid": "db74c33b-c603-479c-af74-678306f93fd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11090", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgmzfklyc22k", "content": "", "creation_timestamp": "2025-01-26T08:35:21.551472Z"}, {"uuid": "a1e9bdb4-dc2e-4075-8674-77e6dbe6eeca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11090", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3125", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11090\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-26T07:15:08.750\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://plugins.trac.wordpress.org/changeset/3227065/restrict-content\n2. https://www.wordfence.com/threat-intel/vulnerabilities/id/7615c391-ccb1-4990-bbfd-949782cc609a?source=cve", "creation_timestamp": "2025-01-26T09:14:39.000000Z"}, {"uuid": "5442925a-5fb8-42c4-8914-45868425b7f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11093", "type": "seen", "source": "https://t.me/cvedetector/11944", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11093 - The SG Helper plugin for WordPress is vulnerable t\", \n  \"Content\": \"CVE ID : CVE-2024-11093 \nPublished : Dec. 4, 2024, 3:15 a.m. | 39\u00a0minutes ago \nDescription : The SG Helper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in version 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T05:02:44.000000Z"}, {"uuid": "abed1e7b-b25a-4064-8d9e-c335f72ff17e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11090", "type": "seen", "source": "https://t.me/cvedetector/16406", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11090 - \"Restrict Content WordPress Sensitive Information Exposure\"\", \n  \"Content\": \"CVE ID : CVE-2024-11090 \nPublished : Jan. 26, 2025, 7:15 a.m. | 37\u00a0minutes ago \nDescription : The Membership Plugin \u2013 Restrict Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.13 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-26T09:03:11.000000Z"}, {"uuid": "e0ca0501-b164-47e9-be2a-1b99ad514939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11098", "type": "seen", "source": "https://t.me/cvedetector/11438", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11098 - \"WordPress SVG Block Stored Cross-Site Scripting (XSS)\"\", \n  \"Content\": \"CVE ID : CVE-2024-11098 \nPublished : Nov. 19, 2024, 8:15 a.m. | 43\u00a0minutes ago \nDescription : The SVG Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T10:07:21.000000Z"}, {"uuid": "29c70d41-4e34-4807-992f-e167c79854b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11099", "type": "seen", "source": "https://t.me/cvedetector/10568", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11099 - Code-projects Job Recruitment SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11099 \nPublished : Nov. 12, 2024, 2:15 a.m. | 26\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T03:49:10.000000Z"}, {"uuid": "33ea0ea3-7309-4235-bd5c-eb55d04a26f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11090", "type": "seen", "source": "Telegram/x1tAuhkafTPFlz2lB3d2rgnLAwhrNrnJwlR-ow20jr6i_u4i", "content": "", "creation_timestamp": "2025-02-06T02:42:29.000000Z"}, {"uuid": "cbcba42b-c69e-4e0b-a251-e6090c72ac4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11096", "type": "seen", "source": "https://t.me/cvedetector/10565", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11096 - SQLite CodeProject Task Manager SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-11096 \nPublished : Nov. 12, 2024, 1:15 a.m. | 37\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in code-projects Task Manager 1.0. This affects an unknown part of the file /newProject.php. The manipulation of the argument projectName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T02:59:01.000000Z"}, {"uuid": "7b8f10e0-a8c1-49ec-abbe-9013502590f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11097", "type": "seen", "source": "https://t.me/cvedetector/10570", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11097 - \"SourceCodester Student Record Management System Infinite Local Loop Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11097 \nPublished : Nov. 12, 2024, 2:15 a.m. | 26\u00a0minutes ago \nDescription : A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T03:49:12.000000Z"}, {"uuid": "d62106a7-6cb9-49d4-ad30-6642464f3da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11094", "type": "seen", "source": "https://t.me/cvedetector/11230", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11094 - WordPress 404 Solution Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-11094 \nPublished : Nov. 16, 2024, 10:15 a.m. | 36\u00a0minutes ago \nDescription : The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35.17 via the export feature. This makes it possible for unauthenticated attackers to extract sensitive data such as redirects including GET parameters which may reveal sensitive information. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-16T11:53:19.000000Z"}, {"uuid": "51b0f604-f786-4cf9-aa4f-cae3892d3cf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11092", "type": "seen", "source": "https://t.me/cvedetector/11218", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11092 - WordPress SVGPlus Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11092 \nPublished : Nov. 16, 2024, 4:15 a.m. | 38\u00a0minutes ago \nDescription : The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-16T06:02:35.000000Z"}, {"uuid": "6bf40891-e29b-4b3e-aca2-f0075837e456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1109", "type": "seen", "source": "https://t.me/ctinow/180657", "content": "https://ift.tt/CPfc3UF\nCVE-2024-1109", "creation_timestamp": "2024-02-07T12:21:56.000000Z"}, {"uuid": "3733f5b7-9c61-4b78-b5c6-d1d50fd7d327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1109", "type": "seen", "source": "https://t.me/ctinow/197805", "content": "https://ift.tt/BVcw8ro\nCVE-2024-1109 | Podlove Podcast Publisher Plugin up to 4.0.11 on WordPress Data Export authorization", "creation_timestamp": "2024-03-01T17:17:18.000000Z"}]}