{"vulnerability": "CVE-2024-1231", "sightings": [{"uuid": "1c788b81-27e5-4f0b-a52e-6073e371fd29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12312", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113638584212194781", "content": "", "creation_timestamp": "2024-12-12T07:06:26.618197Z"}, {"uuid": "18ee105d-acfc-48c0-9d21-c0efd439ce1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12313", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vhhhji425", "content": "", "creation_timestamp": "2025-01-07T05:17:01.732352Z"}, {"uuid": "eae4b9ec-cd62-4dc3-a987-e2fe69bbcc97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12316", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5mukj6nh2m", "content": "", "creation_timestamp": "2025-01-07T12:15:57.159719Z"}, {"uuid": "37828523-0b2a-4cf2-bb6a-a937550b8213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12313", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113785496445259609", "content": "", "creation_timestamp": "2025-01-07T05:48:09.418464Z"}, {"uuid": "58c9bf5e-5970-4ec9-ac7e-7ae77c58d5cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12313", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf4xi2rv3w25", "content": "", "creation_timestamp": "2025-01-07T05:53:11.190159Z"}, {"uuid": "06ce69a7-4b1d-432d-8cdd-46a8030dabc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12316", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf5oxqrlvf2e", "content": "", "creation_timestamp": "2025-01-07T12:53:32.795985Z"}, {"uuid": "7afc4467-0629-4ace-b457-9378710d184f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12311", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113779894293721804", "content": "", "creation_timestamp": "2025-01-06T06:03:31.376886Z"}, {"uuid": "0b7da31a-4715-4d34-86cf-c526c953d49e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12311", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf2ibaes2f2l", "content": "", "creation_timestamp": "2025-01-06T06:15:34.951162Z"}, {"uuid": "bb7c4a91-0477-4846-9b5a-3e2314d0a853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12311", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf2k2xp2kp2e", "content": "", "creation_timestamp": "2025-01-06T06:47:53.034692Z"}, {"uuid": "34a3c789-12ec-4164-bd1b-ff6012a27cdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12315", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwlekul2i2x", "content": "", "creation_timestamp": "2025-02-11T21:16:04.051830Z"}, {"uuid": "b59c45a3-1328-4441-be6f-8bbe7ee03d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12315", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhwvvoqnep2u", "content": "", "creation_timestamp": "2025-02-12T00:24:35.895042Z"}, {"uuid": "66501aee-44fc-4920-bb1d-fb5687918f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12315", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113989978657694600", "content": "", "creation_timestamp": "2025-02-12T08:30:40.140296Z"}, {"uuid": "cd2cfd5d-6e36-4bdb-851b-926b6e07dc39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12315", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhxtljp3a62s", "content": "", "creation_timestamp": "2025-02-12T09:15:47.450459Z"}, {"uuid": "26d87a18-dc41-41e7-8362-0c7ddfa64013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12315", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhy5miaorn2v", "content": "", "creation_timestamp": "2025-02-12T12:15:17.777181Z"}, {"uuid": "1949b4b5-bbf3-4793-b5f6-5c455201f049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-1231", "type": "seen", "source": "https://bsky.app/profile/intelrob.bsky.social/post/3lmgime6r6s27", "content": "", "creation_timestamp": "2025-04-10T02:50:06.782210Z"}, {"uuid": "05f99610-3bdd-4b6b-ad93-41d481670cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12314", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ligixae7le2y", "content": "", "creation_timestamp": "2025-02-18T05:15:25.206248Z"}, {"uuid": "4413f280-3525-4c59-a139-c22a7c1b131f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12310", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lunct6brw32o", "content": "", "creation_timestamp": "2025-07-23T15:16:44.127438Z"}, {"uuid": "c095c7b9-c6db-493f-bcc4-093e18c63fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12315", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4047", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12315\n\ud83d\udd25 CVSS Score: 7.5 (CVSS_V3)\n\ud83d\udd39 Description: The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.3 via the exports directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/smack_uci_uploads/exports/ directory which can contain information like exported user data.\n\ud83d\udccf Published: 2025-02-12T09:31:45Z\n\ud83d\udccf Modified: 2025-02-12T09:31:45Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-12315\n2. https://plugins.trac.wordpress.org/browser/wp-ultimate-exporter/trunk/exportExtensions/ExportExtension.php#L1678\n3. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3230400%40wp-ultimate-exporter&new=3230400%40wp-ultimate-exporter&sfp_email=&sfph_mail=\n4. https://www.wordfence.com/threat-intel/vulnerabilities/id/075709e0-5f00-4d7b-80f6-96e3b4b4a895?source=cve", "creation_timestamp": "2025-02-12T10:08:40.000000Z"}, {"uuid": "29e78eaf-e222-4638-870f-fd718ac85d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12310", "type": "seen", "source": "MISP/2bceffac-02c3-4c54-a709-6e253b38ec76", "content": "", "creation_timestamp": "2025-09-09T20:56:41.000000Z"}, {"uuid": "11f11efe-6edf-483c-bc50-5232fd8c7e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12316", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/394", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12316\n\ud83d\udd39 Description: The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_popup_action() function in all versions up to, and including, 4.8.5. This makes it possible for unauthenticated attackers to export popup templates.\n\ud83d\udccf Published: 2025-01-07T11:11:10.560Z\n\ud83d\udccf Modified: 2025-01-07T11:11:10.560Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/5db195c1-8917-4465-a5ca-21089afb0bc7?source=cve\n2. https://plugins.trac.wordpress.org/browser/jupiterx-core/trunk/includes/popups/class.php#L475\n3. https://plugins.trac.wordpress.org/changeset/3214798/jupiterx-core/trunk/includes/popups/class.php", "creation_timestamp": "2025-01-07T11:37:29.000000Z"}, {"uuid": "6d9bbfa9-e1bd-4959-951e-db7316e5e674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12314", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"}, {"uuid": "f533467e-a8e3-4870-ae89-e3317f2f7681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12313", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/327", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12313\n\ud83d\udd39 Description: The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.1 via deserialization of untrusted input from the 'woo_compare_list' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.\n\ud83d\udccf Published: 2025-01-07T04:22:01.100Z\n\ud83d\udccf Modified: 2025-01-07T04:22:01.100Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/638e8e67-38b3-4fc4-bd77-8f268030a93a?source=cve\n2. https://plugins.trac.wordpress.org/browser/woocommerce-compare-products/trunk/classes/class-wc-compare-functions.php#L219\n3. https://plugins.trac.wordpress.org/browser/woocommerce-compare-products/trunk/classes/class-wc-compare-functions.php#L237\n4. https://plugins.trac.wordpress.org/browser/woocommerce-compare-products/trunk/classes/class-wc-compare-functions.php#L256\n5. https://plugins.trac.wordpress.org/browser/woocommerce-compare-products/trunk/classes/class-wc-compare-functions.php#L275", "creation_timestamp": "2025-01-07T04:39:26.000000Z"}, {"uuid": "601f26bb-128d-46ef-84bb-19c71b6591f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12311", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/149", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-c797-jx9v-f674\n\ud83d\udd17 Aliases: CVE-2024-12311\n\ud83d\udd39 Details: The Email Subscribers by Icegram Express  WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks\n\ud83d\uddd3\ufe0f Modified: 2025-01-06T06:30:46Z\n\ud83d\uddd3\ufe0f Published: 2025-01-06T06:30:45Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-12311\n2. https://wpscan.com/vulnerability/5e00ba3-daf-403-a0b9-6523696fbdd", "creation_timestamp": "2025-01-06T06:40:11.000000Z"}, {"uuid": "dcc8d827-ff3d-465b-b3bd-fbbf49487fdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12315", "type": "seen", "source": "https://t.me/cvedetector/17850", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12315 - WordPress Export All Posts, Products, Orders, Refunds & Users Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-12315 \nPublished : Feb. 12, 2025, 9:15 a.m. | 1\u00a0hour, 37\u00a0minutes ago \nDescription : The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.3 via the exports directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/smack_uci_uploads/exports/ directory which can contain information like exported user data. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T12:41:57.000000Z"}, {"uuid": "8502c07f-daf1-4b55-a040-533a82d83701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12314", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4741", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12314\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Rapid Cache plugin for WordPress is vulnerable to Cache Poisoning in all versions up to, and including, 1.2.3. This is due to plugin storing HTTP headers in the cached data. This makes it possible for unauthenticated attackers to poison the cache with custom HTTP headers that may be unsanitized which can lead to Cross-Site Scripting.\n\ud83d\udccf Published: 2025-02-18T04:21:17.575Z\n\ud83d\udccf Modified: 2025-02-18T04:21:17.575Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/72b777ac-1870-4588-82fe-da96a784ec81?source=cve\n2. https://wordpress.org/plugins/rapid-cache/", "creation_timestamp": "2025-02-18T07:56:53.000000Z"}, {"uuid": "95a0c0da-2101-4b78-9f3b-4590dd8dcdf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1231", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8136", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1231\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The CM Download Manager  WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack\n\ud83d\udccf Published: 2024-03-25T05:00:00.845Z\n\ud83d\udccf Modified: 2025-03-19T20:04:28.792Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/7d3968d9-61ed-4c00-8764-0360cf03255e/", "creation_timestamp": "2025-03-19T20:18:02.000000Z"}, {"uuid": "4c672b40-fdaa-4ab2-a3cd-225a7925c3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12311", "type": "seen", "source": "https://t.me/cvedetector/14338", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12311 - Icegram Express WordPress Plugin SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12311 \nPublished : Jan. 6, 2025, 6:15 a.m. | 24\u00a0minutes ago \nDescription : The Email Subscribers by Icegram Express  WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-06T07:43:47.000000Z"}, {"uuid": "fa6121f4-d220-4d45-848e-7cd0c774834b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12313", "type": "seen", "source": "https://t.me/cvedetector/14458", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12313 - \"WooCommerce Compare Products PHP Object Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-12313 \nPublished : Jan. 7, 2025, 5:15 a.m. | 40\u00a0minutes ago \nDescription : The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.1 via deserialization of untrusted input from the 'woo_compare_list' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T07:10:18.000000Z"}, {"uuid": "22254a0e-f3ed-4e85-bf9e-58c08d346937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12316", "type": "seen", "source": "https://t.me/cvedetector/14530", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12316 - Jupiter X Core WordPress Unauthenticated Data Export Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12316 \nPublished : Jan. 7, 2025, 12:15 p.m. | 29\u00a0minutes ago \nDescription : The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_popup_action() function in all versions up to, and including, 4.8.5. This makes it possible for unauthenticated attackers to export popup templates. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T13:52:32.000000Z"}, {"uuid": "10e5717a-2542-497f-ad6d-b8e18fdbeda0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12314", "type": "seen", "source": "Telegram/qsk_LT-2N1HoNGZ5N4XYTgpUNmj9CPuM0aNZAvOWHRDugzsb", "content": "", "creation_timestamp": "2025-02-18T11:38:59.000000Z"}, {"uuid": "3334b941-3142-4508-89e0-1fec692ab284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12312", "type": "seen", "source": "https://t.me/cvedetector/12746", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12312 - Print Science Designer WordPress PHP Object Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12312 \nPublished : Dec. 12, 2024, 7:15 a.m. | 33\u00a0minutes ago \nDescription : The Print Science Designer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.152 via deserialization of untrusted input through the 'designer-saved-projects' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T08:48:50.000000Z"}, {"uuid": "963d9aab-c542-4334-9e6d-bbcf769a7311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12314", "type": "seen", "source": "Telegram/XPCogO68oESYzRzq0rnG1cKRvDKqDuMYJN9nNIoezMukKYLi", "content": "", "creation_timestamp": "2025-02-24T14:08:43.000000Z"}, {"uuid": "a3dc4443-d351-4fbc-b1f4-fbf23a6bd00d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12315", "type": "seen", "source": "Telegram/cNHz2WIqvypLYxSi6vlQDxxMDAeiIhgPdHWn4S5Rx9t0uge9", "content": "", "creation_timestamp": "2025-02-14T10:04:03.000000Z"}]}