{"vulnerability": "CVE-2024-1333", "sightings": [{"uuid": "085b5bda-b43c-4261-a449-dfac0addd787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13333", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113842072385666285", "content": "", "creation_timestamp": "2025-01-17T05:36:09.457987Z"}, {"uuid": "e54bcd06-9509-4fa8-8069-72d3bf5e8cee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13333", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfw5fd2df72t", "content": "", "creation_timestamp": "2025-01-17T06:15:33.413733Z"}, {"uuid": "4bb771b5-3ef1-43ea-840d-bb256a7f62b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13333", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfw7jrx2z72g", "content": "", "creation_timestamp": "2025-01-17T06:53:51.250886Z"}, {"uuid": "a4c95f33-3141-46ec-9cc0-3a5cb428e3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13332", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhdt4bulkm2e", "content": "", "creation_timestamp": "2025-02-04T10:14:01.442898Z"}, {"uuid": "4e83f409-ecbf-4b31-bf6e-f6b77917d998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13330", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhdt4clko725", "content": "", "creation_timestamp": "2025-02-04T10:14:04.740396Z"}, {"uuid": "a67dce2e-fb7d-4daa-962b-66d728756aa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13331", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhdt4cozua2y", "content": "", "creation_timestamp": "2025-02-04T10:14:05.310399Z"}, {"uuid": "83fa25f3-2cd4-4c11-91f4-635223b1eeef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13332", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdft6fq6e2f", "content": "", "creation_timestamp": "2025-02-04T06:16:16.671831Z"}, {"uuid": "35283c3f-7fad-46b1-92a5-87c087780173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13331", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdft3mpy62e", "content": "", "creation_timestamp": "2025-02-04T06:16:13.504647Z"}, {"uuid": "f06019f7-a610-4d9f-8d89-0542b17a5e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13330", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdfsz3t322i", "content": "", "creation_timestamp": "2025-02-04T06:16:10.988706Z"}, {"uuid": "7a5600ee-5d2c-4955-b175-041a91cd74a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13330", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113944198729165110", "content": "", "creation_timestamp": "2025-02-04T06:28:18.651595Z"}, {"uuid": "16938357-3fe5-4415-b971-032c5e2033ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13331", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113944257725945915", "content": "", "creation_timestamp": "2025-02-04T06:43:14.086299Z"}, {"uuid": "33f37f86-4907-4e70-a775-032e3ef41960", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13332", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113944257740323451", "content": "", "creation_timestamp": "2025-02-04T06:43:14.847990Z"}, {"uuid": "450509ea-921f-4d4d-8a68-a87021e2aefa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13336", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lijgtigepz2i", "content": "", "creation_timestamp": "2025-02-19T09:15:30.873370Z"}, {"uuid": "646a3086-4e47-40f2-b9a8-652d204daa24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13339", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lijgtkwhnn23", "content": "", "creation_timestamp": "2025-02-19T09:15:33.393023Z"}, {"uuid": "e9777988-8e82-4ccc-9b41-e2a44c24ae96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13339", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lijq3x4e7u26", "content": "", "creation_timestamp": "2025-02-19T12:01:22.099320Z"}, {"uuid": "c7c37e21-951c-43bc-86f8-f130daa013be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13330", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3memet7osym2i", "content": "", "creation_timestamp": "2026-02-11T21:03:05.052885Z"}, {"uuid": "ef1fc80a-0535-48bc-a29f-2bfda3d2499f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13331", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-13331.yaml", "content": "", "creation_timestamp": "2026-02-06T16:02:04.000000Z"}, {"uuid": "aa14b9ca-f0e9-4d51-a3ee-2d89b618b082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13331", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mejue7xjma2q", "content": "", "creation_timestamp": "2026-02-10T21:02:59.043502Z"}, {"uuid": "360ef728-2246-4758-88e3-1e48cfddd165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13330", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-13330.yaml", "content": "", "creation_timestamp": "2026-02-07T03:20:03.000000Z"}, {"uuid": "5df91918-13c1-4e8e-a043-1566f97d710b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13337", "type": "seen", "source": "https://gist.github.com/alon710/b98e74709e45ce1d97fc3eef0f77b652", "content": "", "creation_timestamp": "2026-01-24T21:30:46.000000Z"}, {"uuid": "3c7b7116-7851-4d90-a92b-5aca7be3d14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13337", "type": "seen", "source": "https://gist.github.com/alon710/d914cef57d3f53543037ad495b44bb69", "content": "", "creation_timestamp": "2026-01-24T21:30:47.000000Z"}, {"uuid": "31812d99-ef0d-4af7-8be8-dfe136f10874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13337", "type": "seen", "source": "https://gist.github.com/alon710/350d54a2bd3192801aa5fae40b7cb39c", "content": "", "creation_timestamp": "2026-01-24T22:42:48.000000Z"}, {"uuid": "d7f3f87c-0070-41d1-b8dd-1b57c4b3c779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13334", "type": "seen", "source": "https://t.me/cvedetector/15403", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13334 - WordPress Car Demon Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-13334 \nPublished : Jan. 15, 2025, 4:15 a.m. | 35\u00a0minutes ago \nDescription : The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search_condition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T05:54:40.000000Z"}, {"uuid": "88751326-89c3-4e98-8487-f6dab78734ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13339", "type": "seen", "source": "https://t.me/cvedetector/18420", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13339 - WordPress DeBounce Email Validator CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13339 \nPublished : Feb. 19, 2025, 9:15 a.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.6. This is due to missing or incorrect nonce validation on the 'debounce_email_validator' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T12:03:04.000000Z"}, {"uuid": "39a704d4-a6e6-4af1-853b-25c332209f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13336", "type": "seen", "source": "https://t.me/cvedetector/18419", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13336 - WordPress Disable Auto Updates CSRF\", \n  \"Content\": \"CVE ID : CVE-2024-13336 \nPublished : Feb. 19, 2025, 9:15 a.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : The Disable Auto Updates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'disable-auto-updates' page. This makes it possible for unauthenticated attackers to disable all auto updates via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T12:03:03.000000Z"}, {"uuid": "1cedf8b5-c6a2-4aa8-82f3-dc29ffc633b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13335", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2893", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13335\n\ud83d\udd39 Description: The Spexo Addons for Elementor \u2013 Free Elementor Addons, Widgets and Templates plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the tmpcoder_theme_install_func() function in all versions up to, and including, 1.0.14. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install a theme.\n\ud83d\udccf Published: 2025-01-24T11:07:32.551Z\n\ud83d\udccf Modified: 2025-01-24T11:07:32.551Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/4edc7ef9-33db-4433-8ef2-cd06089ee8d5?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3227353/sastra-essential-addons-for-elementor/trunk/inc/wizard/wizard-ajax-api.php", "creation_timestamp": "2025-01-24T12:04:46.000000Z"}, {"uuid": "6a47890a-5fe6-4a72-b67a-26985db84519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13334", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1699", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13334\n\ud83d\udd39 Description: The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search_condition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-01-15T03:22:29.099Z\n\ud83d\udccf Modified: 2025-01-15T03:22:29.099Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/6d50b1c0-9687-4ce2-bfba-c2d6a2fc28dd?source=cve\n2. https://plugins.trac.wordpress.org/browser/car-demon/trunk/search/search-form.php", "creation_timestamp": "2025-01-15T04:14:44.000000Z"}, {"uuid": "e90c4c2f-8ca0-4c7d-a314-0500163d4da0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13333", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2098", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13333\n\ud83d\udd39 Description: The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' function in versions 5.2.12 to 5.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above and upload permissions granted by an administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible. The function can be exploited only if the \"Display .htaccess?\" setting is enabled.\n\ud83d\udccf Published: 2025-01-17T05:29:27.068Z\n\ud83d\udccf Modified: 2025-01-17T05:29:27.068Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/1c8bcbf8-1848-4f7a-89d8-5894de0bb18b?source=cve\n2. https://plugins.trac.wordpress.org/browser/file-manager-advanced/trunk/application/class_fma_connector.php?rev=3200092#L78\n3. https://plugins.trac.wordpress.org/changeset/3222740/", "creation_timestamp": "2025-01-17T05:56:42.000000Z"}, {"uuid": "aaec5692-4415-4616-a510-32b0fc12e004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13337", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11547", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13337\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The Clearfy Cache \u2013 WordPress optimization plugin, Minify HTML, CSS &amp; JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.2. This is due to missing or incorrect nonce validation on the 'setup-wbcr_clearfy' page. This makes it possible for unauthenticated attackers to update the plugins settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-04-12T06:37:18.373Z\n\ud83d\udccf Modified: 2025-04-12T06:37:18.373Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/d7f21dbe-f300-4336-9980-a69d40395f39?source=cve\n2. https://github.dev/WordPressPluginDirectory/clearfy\n3. https://plugins.trac.wordpress.org/changeset/3268278/clearfy/trunk/libs/factory/templates/pages/setup-parts/class-step-form.php", "creation_timestamp": "2025-04-12T06:51:44.000000Z"}, {"uuid": "8ce99ef3-bda3-41a4-b46c-77550cb1fbf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13338", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11545", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13338\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The Clearfy Cache \u2013 WordPress optimization plugin, Minify HTML, CSS &amp; JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on the wclearfy_cache_delete functionality . This makes it possible for unauthenticated attackers to clear the cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-04-12T06:37:19.675Z\n\ud83d\udccf Modified: 2025-04-12T06:37:19.675Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e0a37ce4-9860-415e-bb88-545c30c95fc1?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3268278/clearfy/trunk/components/cache/includes/cache.php", "creation_timestamp": "2025-04-12T06:51:43.000000Z"}, {"uuid": "97cb662c-238e-428a-8bcf-5111932eaaa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13338", "type": "seen", "source": "https://t.me/cvedetector/22797", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13338 - Clearfy Cache - WordPress CSRF\", \n  \"Content\": \"CVE ID : CVE-2024-13338 \nPublished : April 12, 2025, 7:15 a.m. | 59\u00a0minutes ago \nDescription : The Clearfy Cache \u2013 WordPress optimization plugin, Minify HTML, CSS &amp; JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation on the wclearfy_cache_delete functionality . This makes it possible for unauthenticated attackers to clear the cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-12T10:50:29.000000Z"}, {"uuid": "8658fe01-50ab-44e2-8b40-a789b81fa2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13337", "type": "seen", "source": "https://t.me/cvedetector/22796", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13337 - Clearfy Cache \u2013 WordPress optimization plugin Cross-Site Request Forgery (CSRF) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13337 \nPublished : April 12, 2025, 7:15 a.m. | 59\u00a0minutes ago \nDescription : The Clearfy Cache \u2013 WordPress optimization plugin, Minify HTML, CSS &amp; JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.2. This is due to missing or incorrect nonce validation on the 'setup-wbcr_clearfy' page. This makes it possible for unauthenticated attackers to update the plugins settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-12T10:50:28.000000Z"}, {"uuid": "b877d434-7a95-41e7-8896-9567d77a111f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13332", "type": "seen", "source": "https://t.me/cvedetector/17152", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13332 - TransFinanz WordPress Plugin Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-13332 \nPublished : Feb. 4, 2025, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The TransFinanz WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T08:02:12.000000Z"}, {"uuid": "456da244-bf79-48ae-b7b5-5225a0b3ec08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13331", "type": "seen", "source": "https://t.me/cvedetector/17151", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13331 - \"WP Dream Carousel Reflected Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-13331 \nPublished : Feb. 4, 2025, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The WP Dream Carousel WordPress plugin through 1.0.1b does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T08:02:11.000000Z"}, {"uuid": "e6b65182-8250-4d24-b64b-babf861bd244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13330", "type": "seen", "source": "https://t.me/cvedetector/17150", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13330 - JustRows Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-13330 \nPublished : Feb. 4, 2025, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The JustRows free WordPress plugin through 0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T08:02:11.000000Z"}, {"uuid": "8cd32925-174b-4eac-bf61-468d92442ebb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13333", "type": "seen", "source": "https://t.me/cvedetector/15682", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13333 - WordPress Advanced File Manager Plugin Remote File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13333 \nPublished : Jan. 17, 2025, 6:15 a.m. | 41\u00a0minutes ago \nDescription : The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' function in versions 5.2.12 to 5.2.13. This makes it possible for authenticated attackers, with Subscriber-level access and above and upload permissions granted by an administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible. The function can be exploited only if the \"Display .htaccess?\" setting is enabled. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-17T08:25:44.000000Z"}, {"uuid": "5f7274a0-cb03-4b83-b290-32d017d870ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13332", "type": "seen", "source": "Telegram/51e2dW2LHv8TlXiZ2c5gKE8o0cZYHiBHlfHVF7mfFqJShHs4", "content": "", "creation_timestamp": "2025-02-06T02:40:21.000000Z"}, {"uuid": "7decccda-865c-4969-b1d5-20805192185a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13331", "type": "seen", "source": "Telegram/iYHmcUyUGBzZ455AbIThM8gs-yPn1regJsueYnK_kNhncMjJ", "content": "", "creation_timestamp": "2025-02-06T02:40:21.000000Z"}, {"uuid": "05c63e17-f873-4780-b711-eeaf99daeda6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13330", "type": "seen", "source": "Telegram/YLj3n4y0YaCCMlBIvUpYGxMyVfvdHPP3MqBvj5hXQzgVy_Nb", "content": "", "creation_timestamp": "2025-02-06T02:40:21.000000Z"}, {"uuid": "2bd94f32-7e11-4aac-bcfe-0f8263f7a824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13339", "type": "seen", "source": "Telegram/3cyM9pvUY2a1yqRlJYw75vl03Qf6SHtmeG4O2buOJhfdOLER", "content": "", "creation_timestamp": "2025-02-19T15:39:58.000000Z"}, {"uuid": "1278220c-dc32-43d6-a43a-9b8162a9999a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13336", "type": "seen", "source": "Telegram/BOl-ElAC7JkOZ-ESooRIOvRVfi7XSkqzCfws2DEM5MTh0EQV", "content": "", "creation_timestamp": "2025-02-19T15:39:53.000000Z"}, {"uuid": "46e6b7f1-c1da-4389-9759-a1a6f814b69e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1333", "type": "seen", "source": "https://t.me/ctinow/210756", "content": "https://ift.tt/NP4nVGM\nCVE-2024-1333", "creation_timestamp": "2024-03-18T17:26:53.000000Z"}, {"uuid": "944a249c-8b84-4e0e-960c-06a8a10d7104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1333", "type": "seen", "source": "https://t.me/ctinow/210770", "content": "https://ift.tt/NP4nVGM\nCVE-2024-1333", "creation_timestamp": "2024-03-18T17:31:58.000000Z"}]}