{"vulnerability": "CVE-2024-1311", "sightings": [{"uuid": "08f768ea-55ab-4c16-a14c-08ce97f683c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13110", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lerb7uehee2k", "content": "", "creation_timestamp": "2025-01-02T14:15:35.112155Z"}, {"uuid": "b3a679d3-e539-4039-a56d-686fcacc54ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13111", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lerb7wtrq62e", "content": "", "creation_timestamp": "2025-01-02T14:15:37.744786Z"}, {"uuid": "b630ce7b-1257-4362-aac5-1ab2424f8bfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13110", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lercqlwnci2h", "content": "", "creation_timestamp": "2025-01-02T14:42:57.098322Z"}, {"uuid": "bcbdc655-5199-41ca-8791-51b4d8006c41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13112", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzdwy327l2b", "content": "", "creation_timestamp": "2025-01-31T06:15:59.550611Z"}, {"uuid": "2a3129e5-defe-496c-b195-7448cf6b1ec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13116", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgpc3rr36b2h", "content": "", "creation_timestamp": "2025-01-27T06:16:15.500396Z"}, {"uuid": "0d173eec-77db-4fb4-bd76-d752b5bb902b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13117", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgpc3uiqv62i", "content": "", "creation_timestamp": "2025-01-27T06:16:18.312116Z"}, {"uuid": "880a94b8-b933-4ab7-9da4-24c2fdbc966b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13112", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113921514093808163", "content": "", "creation_timestamp": "2025-01-31T06:19:13.718450Z"}, {"uuid": "43180a74-6d10-47b8-8797-8efabec3d38f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13116", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113898933847071028", "content": "", "creation_timestamp": "2025-01-27T06:36:46.487084Z"}, {"uuid": "3ce97292-9b65-48ab-9c6e-d144008324e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13112", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgzi2xsifr2e", "content": "", "creation_timestamp": "2025-01-31T07:29:49.333952Z"}, {"uuid": "7a827938-c9ab-4fa8-97ae-9ebf97decb99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13116", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgpdxj3ye62g", "content": "", "creation_timestamp": "2025-01-27T06:49:43.481382Z"}, {"uuid": "791aac8b-4953-4fd2-8259-b1add166ac6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13117", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgpdxjnup72q", "content": "", "creation_timestamp": "2025-01-27T06:49:46.320244Z"}, {"uuid": "e08f7932-37f1-4af6-815c-0183a2e2318a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13117", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113898992850347130", "content": "", "creation_timestamp": "2025-01-27T06:51:46.764269Z"}, {"uuid": "699811f8-db0d-4021-a647-1b0bcff90c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13115", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhdt4d5aad2i", "content": "", "creation_timestamp": "2025-02-04T10:14:07.488785Z"}, {"uuid": "6cf90b67-dfce-4657-9d3a-532d2e7ade2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13114", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhdt4csgma2e", "content": "", "creation_timestamp": "2025-02-04T10:14:05.855575Z"}, {"uuid": "0db3ec56-3983-475a-8a90-6b15f61d774d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13115", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113944121166063683", "content": "", "creation_timestamp": "2025-02-04T06:08:30.912907Z"}, {"uuid": "91cc2809-5eb3-4a8d-b421-a64d601d5568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13114", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113944121148585749", "content": "", "creation_timestamp": "2025-02-04T06:08:31.343782Z"}, {"uuid": "d3bf62a6-fee5-4183-ab53-ae8d6c8317db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13114", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113944139618963568", "content": "", "creation_timestamp": "2025-02-04T06:13:11.843394Z"}, {"uuid": "0614b984-1772-4189-a3be-9a8feff2ebc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13115", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113944139633952082", "content": "", "creation_timestamp": "2025-02-04T06:13:12.162011Z"}, {"uuid": "4987de13-8f8c-4618-ac6c-698887fcbe3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13114", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdfsh3orj2b", "content": "", "creation_timestamp": "2025-02-04T06:15:52.193428Z"}, {"uuid": "a3da73a9-50c5-4521-8fe8-d8bf12f5cbe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13115", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdfskc6t22i", "content": "", "creation_timestamp": "2025-02-04T06:15:55.424258Z"}, {"uuid": "7dad5568-8403-4a1d-93d1-547bb0adc10b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13119", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113995089001366526", "content": "", "creation_timestamp": "2025-02-13T06:10:17.785193Z"}, {"uuid": "ed214bb2-57bc-40b5-9540-95d184035e1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13119", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhzzym6evq2c", "content": "", "creation_timestamp": "2025-02-13T06:15:47.705509Z"}, {"uuid": "0b0c1752-5de7-4913-8fe6-61c7a7b246bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13118", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3ll6mzgj6dr2s", "content": "", "creation_timestamp": "2025-03-25T06:22:30.280077Z"}, {"uuid": "ebd4e2ed-5ebb-43fd-b654-f9b2c1dd3f9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13118", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll6v7zmr3f2m", "content": "", "creation_timestamp": "2025-03-25T08:49:22.405176Z"}, {"uuid": "47ccebd6-2791-4269-907c-a22e7a9b3474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13118", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:48.000000Z"}, {"uuid": "56b37516-3352-49d1-b850-4befff732fe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13119", "type": "seen", "source": "MISP/db121278-a8f5-4f36-a226-e45f3a86f55e", "content": "", "creation_timestamp": "2025-08-26T13:26:34.000000Z"}, {"uuid": "3af64732-9098-458a-94cc-13d9e3397f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13112", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mejue7ukwi2i", "content": "", "creation_timestamp": "2026-02-10T21:02:58.508889Z"}, {"uuid": "8b044e19-aca9-4ed3-9532-a1a8f0a8e7ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13114", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3meovcdlnfk2j", "content": "", "creation_timestamp": "2026-02-12T21:03:19.854515Z"}, {"uuid": "32018e1e-24f4-49d8-a56c-864e93d146d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13117", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3168", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-9hcf-78cf-xwqv\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded\n\ud83d\udccf Published: 2025-01-27T06:30:26Z\n\ud83d\udccf Modified: 2025-01-27T06:30:26Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13117\n2. https://wpscan.com/vulnerability/3234cdac-f328-4f1e-a1de-31fbd86aefb9", "creation_timestamp": "2025-01-27T07:08:00.000000Z"}, {"uuid": "ababc704-b1f8-4499-a4d7-3acb1a69a3b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13112", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3621", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13112\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP MediaTagger WordPress plugin through 4.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-01-31T06:30:53Z\n\ud83d\udccf Modified: 2025-01-31T06:30:53Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13112\n2. https://wpscan.com/vulnerability/155df231-30ef-47bb-aa91-a7deb1779bd1", "creation_timestamp": "2025-01-31T08:15:15.000000Z"}, {"uuid": "c3a7a4cd-a878-4c57-8b26-7cd89fd47c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13116", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3159", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-v3w4-79rw-r73c\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-01-27T06:30:26Z\n\ud83d\udccf Modified: 2025-01-27T06:30:26Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13116\n2. https://wpscan.com/vulnerability/1755c8ad-7620-4b12-bba0-013e80c2691b", "creation_timestamp": "2025-01-27T07:07:47.000000Z"}, {"uuid": "6dee98e1-bee0-4b1a-b1de-f27cc18a5908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13112", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3599", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13112\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-31T06:15:28.160\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/155df231-30ef-47bb-aa91-a7deb1779bd1/", "creation_timestamp": "2025-01-31T07:24:20.000000Z"}, {"uuid": "819c0dfa-2cda-427a-bad9-82eef138ae2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13119", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4217", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13119\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &amp; Restrict Content  WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-02-13T06:31:43Z\n\ud83d\udccf Modified: 2025-02-13T06:31:43Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13119\n2. https://wpscan.com/vulnerability/32600a45-a8cd-446c-9aa2-0621a02a9754", "creation_timestamp": "2025-02-13T07:11:16.000000Z"}, {"uuid": "e1a37917-df83-4eb9-b6f6-a306a6e9a371", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13119", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4206", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13119\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T06:15:20.763\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/32600a45-a8cd-446c-9aa2-0621a02a9754/", "creation_timestamp": "2025-02-13T07:08:43.000000Z"}, {"uuid": "d6bd2f36-4f8d-4da7-bf4a-13cbbe1c3cd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13113", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5469", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13113\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Countdown Timer for Elementor WordPress plugin before 1.3.7 does not sanitise and escape some parameters when outputting them on the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks.\n\ud83d\udccf Published: 2025-02-26T06:00:07.971Z\n\ud83d\udccf Modified: 2025-02-26T06:00:07.971Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/ffc31d9d-d245-4c4b-992d-394a01798117/", "creation_timestamp": "2025-02-26T06:25:23.000000Z"}, {"uuid": "5239b379-8873-4e8e-9a8c-97489f92380d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13112", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7416", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13112\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP MediaTagger WordPress plugin through 4.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-01-31T06:00:14.899Z\n\ud83d\udccf Modified: 2025-03-13T14:35:59.438Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/155df231-30ef-47bb-aa91-a7deb1779bd1/", "creation_timestamp": "2025-03-13T14:45:12.000000Z"}, {"uuid": "8ce6513d-8de5-4e36-ae2d-0f858a18eda3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13118", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8607", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13118\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack\n\ud83d\udccf Published: 2025-03-25T06:00:12.234Z\n\ud83d\udccf Modified: 2025-03-25T06:00:12.234Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/eba6f98e-b931-4f02-b190-ca855a674839/", "creation_timestamp": "2025-03-25T07:00:37.000000Z"}, {"uuid": "11108d22-643a-4927-bd58-b655ea2eaa93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13119", "type": "seen", "source": "https://t.me/cvedetector/17970", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13119 - WordPress Paid Membership Plugin Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13119 \nPublished : Feb. 13, 2025, 6:15 a.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &amp; Restrict Content  WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-13T08:47:54.000000Z"}, {"uuid": "e9a455b4-b324-40b0-b37b-7490712f899e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13112", "type": "seen", "source": "https://t.me/cvedetector/16896", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13112 - WordPress MediaTagger Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-13112 \nPublished : Jan. 31, 2025, 6:15 a.m. | 1\u00a0hour, 29\u00a0minutes ago \nDescription : The WP MediaTagger WordPress plugin through 4.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T09:31:02.000000Z"}, {"uuid": "d3e5077c-5f6a-404d-80ad-d0432e4be038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13116", "type": "seen", "source": "https://t.me/cvedetector/16438", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13116 - Crelly Slider WordPress Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13116 \nPublished : Jan. 27, 2025, 6:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T10:08:17.000000Z"}, {"uuid": "a22fc99a-fa79-4041-a7bf-bff6907ad016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13118", "type": "seen", "source": "https://t.me/cvedetector/21069", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13118 - IP Based Login CSRF Vulnerability in WordPress\", \n  \"Content\": \"CVE ID : CVE-2024-13118 \nPublished : March 25, 2025, 6:15 a.m. | 1\u00a0hour, 32\u00a0minutes ago \nDescription : The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T09:27:47.000000Z"}, {"uuid": "5e7b322f-5035-4e87-a9df-510f8934d6ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13117", "type": "seen", "source": "https://t.me/cvedetector/16439", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13117 - \"Social Share Buttons for WordPress Philippines Urged Disclosure of Local File Inclusion\"\", \n  \"Content\": \"CVE ID : CVE-2024-13117 \nPublished : Jan. 27, 2025, 6:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T10:08:18.000000Z"}, {"uuid": "02cd46f1-45c3-46ba-bde0-f58329fb91de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13114", "type": "seen", "source": "https://t.me/cvedetector/17154", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13114 - WordPress Projects Portfolio with Client Testimonials Reflected Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13114 \nPublished : Feb. 4, 2025, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T08:02:16.000000Z"}, {"uuid": "1ea86887-dd93-4919-b55e-bc0e64aedd95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13115", "type": "seen", "source": "https://t.me/cvedetector/17153", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13115 - WordPress WP Projects Portfolio with Client Testimonials XSS Action\", \n  \"Content\": \"CVE ID : CVE-2024-13115 \nPublished : Feb. 4, 2025, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T08:02:16.000000Z"}, {"uuid": "dd79284e-afa6-4902-a012-1a9271c74127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13111", "type": "seen", "source": "https://t.me/cvedetector/14153", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13111 - Beijing Yunfan Internet Technology Yunfan Learning Examination System JWT Token Handler Authentication Bypass Critical Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13111 \nPublished : Jan. 2, 2025, 2:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/com/yf/exam/modules/sys/user/controller/SysUserControl of the component JWT Token Handler. The manipulation leads to improper authentication. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. \nSeverity: 5.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-02T15:55:47.000000Z"}, {"uuid": "418d9e27-e13e-4026-9b87-3f1ed21703df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13110", "type": "seen", "source": "https://t.me/cvedetector/14152", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13110 - Yunfan Learning Examination System Remote Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13110 \nPublished : Jan. 2, 2025, 2:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability classified as problematic has been found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected is an unknown function of the file src/main/java/com/yf/exam/modules/paper/controller/PaperController.java\uff0c of the component Exam Answer Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-02T15:55:47.000000Z"}, {"uuid": "e6af732f-d27d-4778-b7a0-f3c840d5eead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13115", "type": "seen", "source": "Telegram/70X7a4YWLAPtOtwyEH2yiICkPEvGaLjp_Z7Sm_hh6dL8TmTy", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "52aef2f9-a567-45f2-b184-1a762971589f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13114", "type": "seen", "source": "Telegram/JW2LiKep5lO5FzQrxxONctYBPofFc6nApxtBGlZjbITFOHGX", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "7c3d8e59-dc93-4999-886d-58268ff6605e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13119", "type": "seen", "source": "Telegram/_0nRAREVu9_rXHctizv-ApjUjNsFwyQplX3KFp6FEQpKa66v", "content": "", "creation_timestamp": "2025-02-14T10:08:08.000000Z"}]}