{"vulnerability": "CVE-2024-1362", "sightings": [{"uuid": "9a13601e-c69a-45ee-8908-68126c980668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13623", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzhbuymmm2i", "content": "", "creation_timestamp": "2025-01-31T07:15:46.630926Z"}, {"uuid": "496d6611-07ec-42cc-97f0-b4064a8c2727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13624", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2024-13624.yaml", "content": "", "creation_timestamp": "2025-03-12T12:59:25.000000Z"}, {"uuid": "0c809d38-12a1-427d-9c43-9a10b6ed1fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13626", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lie3uaywwa2t", "content": "", "creation_timestamp": "2025-02-17T06:15:46.869569Z"}, {"uuid": "2e256ab0-5bc0-4356-ad78-b0631ba3de52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13627", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lie3uddor72g", "content": "", "creation_timestamp": "2025-02-17T06:15:49.070113Z"}, {"uuid": "22cb4c8a-a2db-4e5f-9270-dfccd5e947ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13625", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lie3u6qjqq2n", "content": "", "creation_timestamp": "2025-02-17T06:15:44.346038Z"}, {"uuid": "ce174afc-f2bf-4897-b301-52d8a7e2e6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13625", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3liefctntbc2p", "content": "", "creation_timestamp": "2025-02-17T09:05:00.186158Z"}, {"uuid": "785128ee-2a49-4ed6-b424-367c4006600d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13626", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3liefem5uc32y", "content": "", "creation_timestamp": "2025-02-17T09:05:59.874364Z"}, {"uuid": "3d5a253c-81e0-409a-94c9-854f788b3f2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13625", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114017708458038008", "content": "", "creation_timestamp": "2025-02-17T06:02:43.364513Z"}, {"uuid": "aa4a7b80-b77e-423d-b690-3df45a60e4a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13626", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114017708471446669", "content": "", "creation_timestamp": "2025-02-17T06:02:43.455555Z"}, {"uuid": "671a62bc-b19e-4cfe-aaf7-ca542201a444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13627", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114017767473909832", "content": "", "creation_timestamp": "2025-02-17T06:17:43.779377Z"}, {"uuid": "404d1d8b-e0c4-4e23-8c88-0c438e16a751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13627", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3liefembcxg2z", "content": "", "creation_timestamp": "2025-02-17T09:06:00.392507Z"}, {"uuid": "aac05063-532c-407e-b122-6ec447de9417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13622", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ligizthwnk2y", "content": "", "creation_timestamp": "2025-02-18T05:16:51.877528Z"}, {"uuid": "19411864-fd51-4597-87a0-5b2701b10bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13624", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lkbyl6xfzi2a", "content": "", "creation_timestamp": "2025-03-13T21:02:07.982787Z"}, {"uuid": "99e08105-a6df-4f41-91e8-79388324483e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13625", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3memet7rb4b2q", "content": "", "creation_timestamp": "2026-02-11T21:03:05.649835Z"}, {"uuid": "7ca54915-49be-4851-b597-31fc4542967a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13628", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-13628.yaml", "content": "", "creation_timestamp": "2026-02-07T03:41:56.000000Z"}, {"uuid": "ed80011c-107e-411b-b1c5-a3feec5f8212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13627", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3memet7tqtn2s", "content": "", "creation_timestamp": "2026-02-11T21:03:06.130214Z"}, {"uuid": "e3a5ca57-5177-48db-aec1-cd9f254c379a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13627", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-13627.yaml", "content": "", "creation_timestamp": "2026-02-07T03:34:54.000000Z"}, {"uuid": "d789e1f1-8d6d-4c5b-8987-521dd950d8e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13626", "type": "seen", "source": "https://t.me/cvedetector/18233", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13626 - \"VR-Frases WordPress Plugin Reflected Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-13626 \nPublished : Feb. 17, 2025, 6:15 a.m. | 25\u00a0minutes ago \nDescription : The VR-Frases (collect & share quotes) WordPress plugin through 3.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-17T08:11:01.000000Z"}, {"uuid": "abbbc3c2-f405-435f-976a-3dd7a6a25e51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13625", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-13625.yaml", "content": "", "creation_timestamp": "2026-02-06T16:10:26.000000Z"}, {"uuid": "655c4603-8723-4d44-9c87-a49fe443500d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13622", "type": "seen", "source": "https://t.me/cvedetector/18288", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13622 - WooCommerce File Uploads Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-13622 \nPublished : Feb. 18, 2025, 5:15 a.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : The File Uploads Addon for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments uploaded by customers. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T09:17:00.000000Z"}, {"uuid": "05986149-98bf-4a34-ad0b-b60971f389d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13622", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4737", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13622\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: The File Uploads Addon for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments uploaded by customers.\n\ud83d\udccf Published: 2025-02-18T04:21:19.028Z\n\ud83d\udccf Modified: 2025-02-18T04:21:19.028Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/9f86bb77-7194-4a8d-b862-6f04d850017b?source=cve\n2. https://plugins.trac.wordpress.org/browser/woo-addon-uploads/trunk/woocommerce-addon-uploads.php#L80\n3. https://plugins.trac.wordpress.org/browser/woo-addon-uploads/trunk/includes/class-wau-front-end.php#L81", "creation_timestamp": "2025-02-18T07:56:47.000000Z"}, {"uuid": "6f778ce9-82a8-4906-9f9a-b47481b76b24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13625", "type": "seen", "source": "https://t.me/cvedetector/18232", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13625 - \"Tube Video Ads Lite WordPress Reflected Cross-Site Scripting\"\", \n  \"Content\": \"CVE ID : CVE-2024-13625 \nPublished : Feb. 17, 2025, 6:15 a.m. | 25\u00a0minutes ago \nDescription : The Tube Video Ads Lite WordPress plugin through 1.5.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-17T08:11:00.000000Z"}, {"uuid": "501502b8-20e2-47c4-bb26-9a94aee24d53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13628", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5466", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13628\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP Pricing Table WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-02-26T06:00:09.177Z\n\ud83d\udccf Modified: 2025-02-26T06:00:09.177Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/34d6c8a2-e70d-485c-a217-4a569c16b079/", "creation_timestamp": "2025-02-26T06:25:17.000000Z"}, {"uuid": "cf56a2a2-7d02-4a89-876f-3d346f30dec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13624", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5467", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13624\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WPMovieLibrary WordPress plugin through 2.1.4.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-02-26T06:00:08.816Z\n\ud83d\udccf Modified: 2025-02-26T06:00:08.816Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/c19b56cc-634f-420f-b6a0-9a10ad159049/", "creation_timestamp": "2025-02-26T06:25:18.000000Z"}, {"uuid": "f5a173cf-2310-4350-8c8e-c9afbe63b0f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13629", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5465", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13629\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The pushBIZ  WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-02-26T06:00:09.634Z\n\ud83d\udccf Modified: 2025-02-26T06:00:09.634Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/5ffb548c-14f1-499d-8bbf-6ecc632cbb8c/", "creation_timestamp": "2025-02-26T06:25:16.000000Z"}, {"uuid": "057d0620-4231-4bd7-99cc-5b1da091fe33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13623", "type": "seen", "source": "https://t.me/cvedetector/16886", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13623 - WooCommerce Order Export Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-13623 \nPublished : Jan. 31, 2025, 7:15 a.m. | 29\u00a0minutes ago \nDescription : The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.24 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain exported order information. The plugin is only vulnerable when 'Order data storage' is set to 'WordPress posts storage (legacy)', and cannot be exploited when the default option of 'High-performance order storage' is enabled. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T09:30:48.000000Z"}, {"uuid": "241e3480-8324-4c9c-9053-8e93c81e9c82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13627", "type": "seen", "source": "https://t.me/cvedetector/18228", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13627 - \"OWL Carousel Slider WordPress Reflected Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-13627 \nPublished : Feb. 17, 2025, 6:15 a.m. | 25\u00a0minutes ago \nDescription : The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-17T08:10:54.000000Z"}, {"uuid": "8946a271-e7cb-4f3e-905f-232814a81e4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1362", "type": "seen", "source": "https://t.me/ctinow/206916", "content": "https://ift.tt/a6HvJuL\nCVE-2024-1362 | Colibri Page Builder Plugin up to 1.0.253 on WordPress cp_shortcode_refresh cross-site request forgery (ID 3039597)", "creation_timestamp": "2024-03-13T17:11:56.000000Z"}, {"uuid": "4bede0bf-8111-44b8-b2dd-7ff12059b3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13625", "type": "seen", "source": "Telegram/BCjHr1BnuqgKO8Yp6a9IUq3UflwNLNm0Z4UZ2vzQGdQ2XnBy", "content": "", "creation_timestamp": "2025-02-17T15:38:32.000000Z"}, {"uuid": "6967f502-d76c-47ae-8887-6dfa61d2057f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1362", "type": "seen", "source": "https://t.me/ctinow/191682", "content": "https://ift.tt/9v4iGCY\nCVE-2024-1362", "creation_timestamp": "2024-02-23T12:26:24.000000Z"}, {"uuid": "5aff05f1-ade5-4613-bd1e-b2243c7d68be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1362", "type": "seen", "source": "https://t.me/ctinow/191678", "content": "https://ift.tt/9v4iGCY\nCVE-2024-1362", "creation_timestamp": "2024-02-23T12:26:20.000000Z"}]}