{"vulnerability": "CVE-2024-2348", "sightings": [{"uuid": "ebb65ab0-8a9c-4bfd-a164-7ffde8e3ad60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23486", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkon27ncrj2g", "content": "", "creation_timestamp": "2025-03-18T21:40:20.892528Z"}, {"uuid": "16476393-5d6f-4413-bd5c-a9e269d8766d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2348", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5561", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-2348\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Meta widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2024-04-09T18:59:13.691Z\n\ud83d\udccf Modified: 2025-02-26T18:17:00.952Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/ade1eddf-cfcc-4956-8015-8d9a592cc252?source=cve\n2. https://plugins.trac.wordpress.org/browser/gum-elementor-addon/trunk/widgets/blog_post_meta.php#L1171\n3. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3051383%40gum-elementor-addon&new=3051383%40gum-elementor-addon&sfp_email=&sfph_mail=", "creation_timestamp": "2025-02-26T18:24:05.000000Z"}, {"uuid": "7ebba2a7-1d7b-4b36-9c88-6dab2266370f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23485", "type": "seen", "source": "https://t.me/cvedetector/625", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-23485 - Improperly Preserved Integrity of Hardware Configu\", \n  \"Content\": \"CVE ID : CVE-2024-23485 \nPublished : July 11, 2024, 3:15 a.m. | 23\u00a0minutes ago \nDescription : Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation (CWE-1304) in the Controller 6000 and 7000 can lead to secured door locks connected via Aperio Communication Hubs to momentarily allow free access.\u00a0  \n  \nThis issue affects:\u00a0Gallagher Controller 6000 and 7000\u00a09.10 prior to vCR9.10.240520a (distributed in 9.10.1268(MR1)), 9.00 prior to vCR9.00.240521a (distributed in 9.00.1990(MR3)), \u00a08.90 prior to vCR8.90.240520a (distributed in 8.90.1947 (MR4)),\u00a08.80 prior to vCR8.80.240520a (distributed in 8.80.1726 (MR5)), 8.70 prior to vCR8.70.240520a (distributed in 8.70.2824 (MR7)), all versions of 8.60 and prior. \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T05:46:24.000000Z"}, {"uuid": "c4ba2a65-e042-4f0f-ae7b-98584bab708d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23488", "type": "seen", "source": "https://t.me/ctinow/196410", "content": "https://ift.tt/PIv43OC\nCVE-2024-23488", "creation_timestamp": "2024-02-29T09:31:45.000000Z"}, {"uuid": "844fcdfe-5b87-4cd9-bfe0-56a69fdb5586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23488", "type": "seen", "source": "https://t.me/ctinow/196386", "content": "https://ift.tt/PIv43OC\nCVE-2024-23488", "creation_timestamp": "2024-02-29T09:26:54.000000Z"}]}