{"vulnerability": "CVE-2024-3901", "sightings": [{"uuid": "5fc17f6b-6fa6-4dfe-8547-598d365a8e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39012", "type": "seen", "source": "https://t.me/cvedetector/2068", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39012 - AIS-LTD Strategyen Prototype Pollution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39012 \nPublished : July 30, 2024, 8:15 p.m. | 42\u00a0minutes ago \nDescription : ais-ltd strategyen v0.4.0 was discovered to contain a prototype pollution via the function mergeObjects. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T23:16:23.000000Z"}, {"uuid": "249508af-9d60-4879-aee8-0165b43c0aa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3901", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16562", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3901\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts (like those with the contributor role) to conduct Stored XSS attacks.\n\ud83d\udccf Published: 2025-05-15T20:09:44.744Z\n\ud83d\udccf Modified: 2025-05-15T20:09:44.744Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/9502e1ac-346e-4431-90a6-61143d2df37b/", "creation_timestamp": "2025-05-15T20:33:47.000000Z"}, {"uuid": "d8b5d257-bdb5-455d-9e18-d928faecdbfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39010", "type": "seen", "source": "https://t.me/cvedetector/2073", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39010 - Snapstate Prototype Pollution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39010 \nPublished : July 30, 2024, 8:15 p.m. | 42\u00a0minutes ago \nDescription : chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T23:16:31.000000Z"}, {"uuid": "05a5cdce-625f-4a9c-aef8-c7b6bfaf75eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39011", "type": "seen", "source": "https://t.me/cvedetector/2071", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39011 - Chargeover Redoc Prototype Pollution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39011 \nPublished : July 30, 2024, 8:15 p.m. | 42\u00a0minutes ago \nDescription : Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the function mergeObjects. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T23:16:26.000000Z"}, {"uuid": "32e14fec-fe20-41d5-9a69-a1583b1dea05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39019", "type": "seen", "source": "https://t.me/cvedetector/134", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39019 - idccms v1.35 was discovered to contain a Cross-Sit\", \n  \"Content\": \"CVE ID : CVE-2024-39019 \nPublished : July 5, 2024, 7:15 p.m. | 46\u00a0minutes ago \nDescription : idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=del \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-05T22:07:04.000000Z"}]}