{"vulnerability": "CVE-2024-12736", "sightings": [{"uuid": "8454618d-c7ca-4d74-bcb5-8ff8f346293d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12736", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113796932492439394", "content": "", "creation_timestamp": "2025-01-09T06:16:29.930703Z"}, {"uuid": "b381183e-7d9e-48b8-bbd5-3f6d82ef0ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12736", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfbzoofiwo2k", "content": "", "creation_timestamp": "2025-01-09T06:15:57.592345Z"}, {"uuid": "2dd96f11-18c1-43eb-ae17-d86cdc728c02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12736", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfc3apom6i2i", "content": "", "creation_timestamp": "2025-01-09T06:43:57.787042Z"}, {"uuid": "3f2a3daa-2fe5-460f-83df-e21026e0d6d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12736", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/892", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12736\n\ud83d\udd39 Description: The BU Section Editing WordPress plugin through 0.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-01-09T06:00:09.513Z\n\ud83d\udccf Modified: 2025-01-09T06:00:09.513Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/d3c6a4c1-8358-4f8b-b58d-3f712052668f/", "creation_timestamp": "2025-01-09T06:17:07.000000Z"}, {"uuid": "ca407c09-8d81-4f6f-ba23-bfc43fff255e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12736", "type": "seen", "source": "https://t.me/cvedetector/14783", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12736 - WordPress BU Section Editing Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12736 \nPublished : Jan. 9, 2025, 6:15 a.m. | 19\u00a0minutes ago \nDescription : The BU Section Editing WordPress plugin through 0.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T07:43:07.000000Z"}]}