{"vulnerability": "cve-2024-10285", "sightings": [{"uuid": "d49cc1d6-6170-4162-9f72-c2a8fc3f2adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10285", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113450679730462510", "content": "", "creation_timestamp": "2024-11-09T02:39:51.486347Z"}, {"uuid": "8b1c51f5-6a35-4def-8874-6ead7c092a55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10285", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3394", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10285\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-11-09T03:15:04.410\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://plugins.trac.wordpress.org/browser/ce21-suite/trunk/single-sign-on-ce21.php?rev=3097700#L237\n2. https://plugins.trac.wordpress.org/browser/ce21-suite/trunk/single-sign-on-ce21.php?rev=3097700#L281\n3. https://www.wordfence.com/threat-intel/vulnerabilities/id/618a9ad7-3a13-43e6-84f4-35287f07e1c0?source=cve", "creation_timestamp": "2025-01-29T19:18:36.000000Z"}, {"uuid": "82be25e7-b178-4d98-83d6-b5b6fb24db94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10285", "type": "seen", "source": "https://t.me/cvedetector/10261", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10285 - WordPress CE21 Suite Plugin JWT Sensitive Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-10285 \nPublished : Nov. 9, 2024, 3:15 a.m. | 37\u00a0minutes ago \nDescription : The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to log in the user associated with the JWT token. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T04:55:26.000000Z"}]}