{"vulnerability": "CVE-2024-13097", "sightings": [{"uuid": "616b6d36-fe0b-433f-8371-96aac38f692a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13097", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lh3z4bpjk22k", "content": "", "creation_timestamp": "2025-02-01T07:40:09.946542Z"}, {"uuid": "9b795fc6-2d71-4714-8587-6f6b7d1e772b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13097", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3meovcdjj4w2v", "content": "", "creation_timestamp": "2026-02-12T21:03:19.211204Z"}, {"uuid": "a5879c99-4ff2-4368-b09f-75e9abacdeb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13097", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3725", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13097\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP Finance WordPress plugin through 1.3.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-02-01T06:31:01Z\n\ud83d\udccf Modified: 2025-02-01T06:31:01Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13097\n2. https://wpscan.com/vulnerability/d83d7274-55ae-4f35-b65e-6d6e19e36fac", "creation_timestamp": "2025-02-01T07:16:19.000000Z"}, {"uuid": "bf12d3b9-65d0-4df1-9cf6-1d1b9c28cfe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13097", "type": "seen", "source": "https://t.me/cvedetector/16995", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13097 - WordPress Finance Plugin Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13097 \nPublished : Feb. 1, 2025, 6:15 a.m. | 21\u00a0minutes ago \nDescription : The WP Finance WordPress plugin through 1.3.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-01T08:07:22.000000Z"}, {"uuid": "131e2d2a-c71d-4857-8391-20d6d6cb3f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13097", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lh3ufvgjue2r", "content": "", "creation_timestamp": "2025-02-01T06:15:59.061859Z"}]}