{"vulnerability": "CVE-2024-1141", "sightings": [{"uuid": "e315110d-d810-4e7c-93ad-2ccc58268f33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11416", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518855561839944", "content": "", "creation_timestamp": "2024-11-21T03:37:52.814420Z"}, {"uuid": "847d3e14-50e5-4d2a-a95f-e9eb69312052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11412", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518855534268808", "content": "", "creation_timestamp": "2024-11-21T03:37:51.765339Z"}, {"uuid": "ed3786fe-2210-4240-9881-4c06ac519d62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11414", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518855547753647", "content": "", "creation_timestamp": "2024-11-21T03:37:52.292239Z"}, {"uuid": "710fdbce-32b3-4bf7-852f-7d8ead40bbac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11415", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113530285041888081", "content": "", "creation_timestamp": "2024-11-23T04:04:32.596352Z"}, {"uuid": "4d427b89-e529-4804-907c-2a9af74a3a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11418", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113547174851813062", "content": "", "creation_timestamp": "2024-11-26T03:39:50.879794Z"}, {"uuid": "2e58f0f5-2fa1-45af-8e76-adf82732ca69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11413", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113637748519156484", "content": "", "creation_timestamp": "2024-12-12T03:33:55.023336Z"}, {"uuid": "476077b8-09a5-4a7d-ae2a-728f7b2ada93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11417", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113637807522771815", "content": "", "creation_timestamp": "2024-12-12T03:48:55.033804Z"}, {"uuid": "7e1f707a-c474-415d-b710-815238a9f0f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11419", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113637807538504573", "content": "", "creation_timestamp": "2024-12-12T03:48:55.505856Z"}, {"uuid": "92bb8ea9-6d29-4f61-9092-8eddccf680b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11411", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113683880039836247", "content": "", "creation_timestamp": "2024-12-20T07:05:46.283260Z"}, {"uuid": "2e71f018-c83c-49d3-8e45-53f99becb2f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11411", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldptopqajy2z", "content": "", "creation_timestamp": "2024-12-20T07:15:29.575512Z"}, {"uuid": "a8f2a9f9-d701-4f0e-96cd-a083764067af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11411", "type": "seen", "source": "https://t.me/cvedetector/13424", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11411 - WordPress Spotlightr Plugin Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11411 \nPublished : Dec. 20, 2024, 7:15 a.m. | 43\u00a0minutes ago \nDescription : The Spotlightr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spotlightr-v' shortcode in all versions up to, and including, 0.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T09:13:22.000000Z"}, {"uuid": "bc52ad8b-2648-47fd-8dae-cd37fd02f4b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11410", "type": "seen", "source": "https://t.me/cvedetector/12722", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11410 - WordPress YooBar Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11410 \nPublished : Dec. 12, 2024, 5:15 a.m. | 43\u00a0minutes ago \nDescription : The Top and footer bars for announcements, notifications, advertisements, promotions \u2013 YooBar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Yoo Bar settings in all versions up to, and including, 2.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T07:08:12.000000Z"}, {"uuid": "ab088464-1313-407e-a29f-0c75a81c3587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11413", "type": "seen", "source": "https://t.me/cvedetector/12702", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11413 - HostFact WordPress Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11413 \nPublished : Dec. 12, 2024, 4:15 a.m. | 36\u00a0minutes ago \nDescription : The HostFact bestelformulier integratie plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bestelformulier' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T06:17:42.000000Z"}, {"uuid": "e6e353a4-3bed-49ec-8e4d-3b52e1e351e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11419", "type": "seen", "source": "https://t.me/cvedetector/12699", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11419 - WordPress Password WP Plugin CSRF\", \n  \"Content\": \"CVE ID : CVE-2024-11419 \nPublished : Dec. 12, 2024, 4:15 a.m. | 36\u00a0minutes ago \nDescription : The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on the get3_init_admin_page() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T06:17:36.000000Z"}, {"uuid": "fd14a836-2a51-4f96-b3a4-7a2b1dbacc26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11417", "type": "seen", "source": "https://t.me/cvedetector/12698", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11417 - WordPress Dejure Vernetzungsfunktion CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11417 \nPublished : Dec. 12, 2024, 4:15 a.m. | 36\u00a0minutes ago \nDescription : The dejure.org Vernetzungsfunktion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.97.5. This is due to missing or incorrect nonce validation on the djo_einstellungen_menue() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T06:17:36.000000Z"}, {"uuid": "bb8ca32d-7acc-40dc-ae57-8433d4d351bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1141", "type": "seen", "source": "https://t.me/ctinow/177651", "content": "https://ift.tt/oPFrTBa\nCVE-2024-1141", "creation_timestamp": "2024-02-01T16:26:09.000000Z"}, {"uuid": "920c739f-f9a7-4ced-8853-18e512ec2050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1141", "type": "seen", "source": "https://t.me/ctinow/191180", "content": "https://ift.tt/SnJoV5G\nCVE-2024-1141 | python-glance-store access_key debug log file", "creation_timestamp": "2024-02-22T21:21:48.000000Z"}]}