{"vulnerability": "CVE-2024-1330", "sightings": [{"uuid": "529a6aab-56b4-4187-8480-5e831705f211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13308", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdlz3szkz27", "content": "", "creation_timestamp": "2025-01-09T21:16:34.216222Z"}, {"uuid": "d2f3e3a9-369c-4f9f-93e2-bcf1668b361b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13302", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdlyqty6f2d", "content": "", "creation_timestamp": "2025-01-09T21:16:22.723302Z"}, {"uuid": "a529f0c6-94df-49ea-bb12-a37e284d89d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13303", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdlythl7b2e", "content": "", "creation_timestamp": "2025-01-09T21:16:25.474202Z"}, {"uuid": "d56edcc7-492f-4a6d-9501-82631ab6f5b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13304", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdlyvpzdj27", "content": "", "creation_timestamp": "2025-01-09T21:16:27.838884Z"}, {"uuid": "cb0fbb71-1731-444f-bfd0-c03c46bc7d64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13305", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdlyzi4bq2f", "content": "", "creation_timestamp": "2025-01-09T21:16:31.950826Z"}, {"uuid": "e255fa6f-81ac-4356-bc3d-657bf66e742e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13300", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdlymb2g72m", "content": "", "creation_timestamp": "2025-01-09T21:16:17.958879Z"}, {"uuid": "e25b8683-c020-4b20-afeb-be8c868335b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13301", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdlyojnij2e", "content": "", "creation_timestamp": "2025-01-09T21:16:20.229457Z"}, {"uuid": "a6ddabf8-3377-4dee-8559-19eb54e0eba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13309", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdlz67uus22", "content": "", "creation_timestamp": "2025-01-09T21:16:36.717415Z"}, {"uuid": "960f7923-f9fe-4a1c-b245-18846a95fe8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13309", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfdnayomje2g", "content": "", "creation_timestamp": "2025-01-09T21:38:54.957013Z"}, {"uuid": "690ce729-15cd-4400-8e5c-c4fc5d1efafb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13305", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfdnays74z2h", "content": "", "creation_timestamp": "2025-01-09T21:38:55.545910Z"}, {"uuid": "d2f8da57-227b-4eca-8933-937daf49ee6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13300", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfdnazdsxv2q", "content": "", "creation_timestamp": "2025-01-09T21:38:58.000046Z"}, {"uuid": "7643f60c-6e42-40a9-bbe3-16c6b0ab34cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13303", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfdnazhipy2e", "content": "", "creation_timestamp": "2025-01-09T21:38:58.568744Z"}, {"uuid": "ed22ca1a-7262-45b7-ac8f-e36a0766bb59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13306", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114006395694000942", "content": "", "creation_timestamp": "2025-02-15T06:05:44.197161Z"}, {"uuid": "c811d903-6e92-4a8f-81e9-72a167540739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13305", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113800305221049241", "content": "", "creation_timestamp": "2025-01-09T20:34:13.217018Z"}, {"uuid": "3a04e02c-97d8-426a-8a33-f8cf4b0d9100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13309", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113800305249592802", "content": "", "creation_timestamp": "2025-01-09T20:34:13.450332Z"}, {"uuid": "3a06d048-5c9a-4b5c-9708-f7162dc020bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13308", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113800305235617163", "content": "", "creation_timestamp": "2025-01-09T20:34:14.112739Z"}, {"uuid": "3f2ae74d-14ae-4842-a7ad-e1ff11309c76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13306", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li72wtuyhf2t", "content": "", "creation_timestamp": "2025-02-15T06:16:01.347011Z"}, {"uuid": "5b2e9f43-287f-47b7-8ea6-237c3634e865", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13306", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li7eeh7beq2y", "content": "", "creation_timestamp": "2025-02-15T09:04:42.209194Z"}, {"uuid": "a70ed348-3361-4b2a-bd36-209590fc9522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13309", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1092", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13309\n\ud83d\udd39 Description: Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.\n\ud83d\udccf Published: 2025-01-09T20:27:35.812Z\n\ud83d\udccf Modified: 2025-01-09T20:27:35.812Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2024-073", "creation_timestamp": "2025-01-09T21:17:57.000000Z"}, {"uuid": "666afeef-0602-4ae5-b0c3-ff1cec49b7a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13307", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnkvnu6k242s", "content": "", "creation_timestamp": "2025-04-24T14:19:28.463005Z"}, {"uuid": "d75b0d1a-7f09-4b65-8617-6644c63a7821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13303", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1190", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13303\n\ud83d\udd39 Description: Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This issue affects Download All Files: from 0.0.0 before 2.0.2.\n\ud83d\udccf Published: 2025-01-09T20:24:30.952Z\n\ud83d\udccf Modified: 2025-01-10T17:55:12.067Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2024-069", "creation_timestamp": "2025-01-10T18:03:20.000000Z"}, {"uuid": "7a482933-bb59-433a-9e99-40240de7f9e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13302", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1189", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13302\n\ud83d\udd39 Description: Incorrect Authorization vulnerability in Drupal Pages Restriction Access allows Forceful Browsing.This issue affects Pages Restriction Access: from 2.0.0 before 2.0.3.\n\ud83d\udccf Published: 2025-01-09T20:24:05.171Z\n\ud83d\udccf Modified: 2025-01-10T17:56:17.360Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2024-068", "creation_timestamp": "2025-01-10T18:03:17.000000Z"}, {"uuid": "e7ff6a80-3d92-44b8-b720-62047b99bad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13308", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1093", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13308\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Button: from 1.0.0 before 2.0.2.\n\ud83d\udccf Published: 2025-01-09T20:27:03.983Z\n\ud83d\udccf Modified: 2025-01-09T20:27:03.983Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2024-072", "creation_timestamp": "2025-01-09T21:18:03.000000Z"}, {"uuid": "89b40741-8907-46af-a7cd-495b0f8eedc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13304", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1191", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13304\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request Forgery.This issue affects Minify JS: from 0.0.0 before 3.0.3.\n\ud83d\udccf Published: 2025-01-09T20:25:04.098Z\n\ud83d\udccf Modified: 2025-01-10T17:53:34.294Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2024-070", "creation_timestamp": "2025-01-10T18:03:22.000000Z"}, {"uuid": "426637a5-b74a-4510-a9ad-6f77147c0b47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13306", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4532", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13306\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Maps Plugin using Google Maps for WordPress  WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-02-15T06:30:51Z\n\ud83d\udccf Modified: 2025-02-15T06:30:51Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13306\n2. https://wpscan.com/vulnerability/ec3096f2-60fd-4654-9e95-5cf4b20b2990", "creation_timestamp": "2025-02-15T07:11:12.000000Z"}, {"uuid": "ea9e5915-14b9-4b80-8ea9-3c0bd1dbf684", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13300", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1490", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13300\n\ud83d\udd39 Description: Vulnerability in Drupal Print Anything.This issue affects Print Anything: *.*.\n\ud83d\udccf Published: 2025-01-09T20:23:03.508Z\n\ud83d\udccf Modified: 2025-01-14T15:00:16.586Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2024-066", "creation_timestamp": "2025-01-14T15:11:20.000000Z"}, {"uuid": "b38eb385-e0bd-4cfd-af84-056f2f56c2e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13309", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3533", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13309\n\ud83d\udd25 CVSS Score: 5.3 (CVSS_V3)\n\ud83d\udd39 Description: Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.\n\ud83d\udccf Published: 2025-01-09T21:31:32Z\n\ud83d\udccf Modified: 2025-01-31T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13309\n2. https://www.drupal.org/sa-contrib-2024-073", "creation_timestamp": "2025-01-31T01:12:14.000000Z"}, {"uuid": "5c66f039-852d-4922-bee2-74b0ce53b4fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13308", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3537", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13308\n\ud83d\udd25 CVSS Score: 3.7 (CVSS_V3)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Button: from 1.0.0 before 2.0.2.\n\ud83d\udccf Published: 2025-01-09T21:31:32Z\n\ud83d\udccf Modified: 2025-01-31T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13308\n2. https://www.drupal.org/sa-contrib-2024-072", "creation_timestamp": "2025-01-31T01:12:20.000000Z"}, {"uuid": "9d4b912f-cd41-4d20-b499-af63d2f75124", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13306", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4535", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13306\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-15T06:15:36.847\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/ec3096f2-60fd-4654-9e95-5cf4b20b2990/", "creation_timestamp": "2025-02-15T07:11:14.000000Z"}, {"uuid": "dad3218a-eedc-4620-bab2-c5534f4035a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13307", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13200", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13307\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'reales_delete_file', 'reales_delete_file_plans', 'reales_add_to_favourites', and 'reales_remove_from_favourites' functions in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to delete arbitrary attachments, and add or remove favorite property listings for any user.\n\ud83d\udccf Published: 2025-04-24T08:23:51.329Z\n\ud83d\udccf Modified: 2025-04-24T08:23:51.329Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/cb94caa4-35a4-4aa3-8d25-263bbd58072a?source=cve\n2. https://themeforest.net/item/reales-wp-real-estate-wordpress-theme/10330568", "creation_timestamp": "2025-04-24T09:12:12.000000Z"}, {"uuid": "93d76b70-647f-4d16-ad5c-9fa07cec97b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13300", "type": "seen", "source": "https://t.me/cvedetector/14940", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13300 - Drupal Print Anything Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13300 \nPublished : Jan. 9, 2025, 9:15 p.m. | 28\u00a0minutes ago \nDescription : Vulnerability in Drupal Print Anything.This issue affects Print Anything: *.*. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T22:48:19.000000Z"}, {"uuid": "478b2ec6-f11a-4b9c-b0db-9b5d64856d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13306", "type": "seen", "source": "https://t.me/cvedetector/18159", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13306 - Google Maps for WordPress Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13306 \nPublished : Feb. 15, 2025, 6:15 a.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : The Maps Plugin using Google Maps for WordPress  WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-15T08:30:32.000000Z"}, {"uuid": "e74f0540-18eb-4694-af32-680852a30f12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13307", "type": "seen", "source": "https://t.me/cvedetector/23669", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13307 - Reales WP Real Estate WordPress Theme Unauthenticated File Deletion and Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13307 \nPublished : April 24, 2025, 9:15 a.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'reales_delete_file', 'reales_delete_file_plans', 'reales_add_to_favourites', and 'reales_remove_from_favourites' functions in all versions up to, and including, 2.1.2. This makes it possible for unauthenticated attackers to delete arbitrary attachments, and add or remove favorite property listings for any user. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T13:03:57.000000Z"}, {"uuid": "2c3316cd-616d-4895-a518-83fb31aad704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13301", "type": "seen", "source": "https://t.me/cvedetector/14933", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13301 - Drupal OAuth & OpenID Connect Single Sign On - SSO Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13301 \nPublished : Jan. 9, 2025, 9:15 p.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal OAuth & OpenID Connect Single Sign On \u2013 SSO (OAuth/OIDC Client) allows Cross-Site Scripting (XSS).This issue affects OAuth & OpenID Connect Single Sign On \u2013 SSO (OAuth/OIDC Client): from 3.0.0 before 3.44.0, from 4.0.0 before 4.0.19. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T22:48:11.000000Z"}, {"uuid": "f6d32b38-c216-4168-b653-1de531dc33a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13302", "type": "seen", "source": "https://t.me/cvedetector/14934", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13302 - Drupal Pages Restriction Access Authorization Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-13302 \nPublished : Jan. 9, 2025, 9:15 p.m. | 28\u00a0minutes ago \nDescription : Incorrect Authorization vulnerability in Drupal Pages Restriction Access allows Forceful Browsing.This issue affects Pages Restriction Access: from 2.0.0 before 2.0.3. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T22:48:11.000000Z"}, {"uuid": "9f5a0087-b043-43b2-85ee-96af28354280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13309", "type": "seen", "source": "https://t.me/cvedetector/14930", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13309 - Drupal Login Disable Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-13309 \nPublished : Jan. 9, 2025, 9:15 p.m. | 28\u00a0minutes ago \nDescription : Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T22:48:05.000000Z"}, {"uuid": "04f75c55-9a85-4039-958d-0cae06e829b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13308", "type": "seen", "source": "https://t.me/cvedetector/14929", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13308 - Drupal Browser Back Button Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-13308 \nPublished : Jan. 9, 2025, 9:15 p.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Button: from 1.0.0 before 2.0.2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T22:48:04.000000Z"}, {"uuid": "926bc930-0941-4969-b75a-141add994f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13305", "type": "seen", "source": "https://t.me/cvedetector/14928", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13305 - Drupal Entity Form Steps Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-13305 \nPublished : Jan. 9, 2025, 9:15 p.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Entity Form Steps allows Cross-Site Scripting (XSS).This issue affects Entity Form Steps: from 0.0.0 before 1.1.4. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T22:48:03.000000Z"}, {"uuid": "bc13eaa7-fcc1-4bd1-b33c-12029349efdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13304", "type": "seen", "source": "https://t.me/cvedetector/14927", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13304 - Drupal Minify JS CSRF Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-13304 \nPublished : Jan. 9, 2025, 9:15 p.m. | 28\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request Forgery.This issue affects Minify JS: from 0.0.0 before 3.0.3. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T22:48:02.000000Z"}, {"uuid": "86db191f-f93e-42db-a931-c7c1ff93cdd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13303", "type": "seen", "source": "https://t.me/cvedetector/14926", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13303 - Drupal Download All Files Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13303 \nPublished : Jan. 9, 2025, 9:15 p.m. | 28\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This issue affects Download All Files: from 0.0.0 before 2.0.2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T22:48:01.000000Z"}, {"uuid": "c398e245-e7ec-4af0-bef5-d7d698166b03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13306", "type": "seen", "source": "Telegram/pc2hfXyg3BzfV-bL87T4G8bZslDfiNbcmjXJHyH0c-gvOy7f", "content": "", "creation_timestamp": "2025-02-15T23:50:18.000000Z"}]}