{"vulnerability": "cve-2024-4324", "sightings": [{"uuid": "45b92267-184e-48c8-ac7d-199e0f57bc9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43243", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113786912396755275", "content": "", "creation_timestamp": "2025-01-07T11:48:15.299515Z"}, {"uuid": "cfc58caa-7cf4-41c8-ac9e-19c42063290c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43243", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf5ldfpvs52q", "content": "", "creation_timestamp": "2025-01-07T11:48:30.434557Z"}, {"uuid": "5d6e33a8-d4ab-482b-868a-4624db6be9ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43243", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113786703646335979", "content": "", "creation_timestamp": "2025-01-07T10:55:10.257841Z"}, {"uuid": "d2f1b80a-6508-4995-9e5b-0d1dce29d58c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43243", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jid6wkf2f", "content": "", "creation_timestamp": "2025-01-07T11:15:25.672881Z"}, {"uuid": "1ca7f1d5-f31f-4097-a79f-f4c143dbded0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43247", "type": "seen", "source": "https://t.me/cvedetector/3551", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43247 - Creativeon WHMpress Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43247 \nPublished : Aug. 19, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WHMpress: from n/a through 6.2-revision-5. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T21:03:03.000000Z"}, {"uuid": "c97b218b-a73d-4b2e-874c-4f5c3ddddb34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43243", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/395", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43243\n\ud83d\udd39 Description: Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGlow JobBoard Job listing allows Upload a Web Shell to a Web Server.This issue affects JobBoard Job listing: from n/a through 1.2.6.\n\ud83d\udccf Published: 2025-01-07T10:49:36.445Z\n\ud83d\udccf Modified: 2025-01-07T10:49:36.445Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/job-board-light/vulnerability/wordpress-jobboard-job-listing-plugin-1-2-6-arbitrary-file-upload-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-07T11:37:34.000000Z"}, {"uuid": "cd990fbf-c70b-4942-9fee-7fe1db88a912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43245", "type": "seen", "source": "https://t.me/cvedetector/3550", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43245 - EYECIX JobSearch Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-43245 \nPublished : Aug. 19, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This issue affects JobSearch: from n/a through 2.3.4. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T21:03:02.000000Z"}, {"uuid": "080c25d3-658c-4aac-985e-9a4001201689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43242", "type": "seen", "source": "https://t.me/cvedetector/3549", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43242 - Azzaroco Ultimate Membership Pro Deserialization Object Injection\", \n  \"Content\": \"CVE ID : CVE-2024-43242 \nPublished : Aug. 19, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object Injection.This issue affects Ultimate Membership Pro: from n/a through 12.6. \nSeverity: 9.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T21:03:01.000000Z"}, {"uuid": "865b8b39-f0d7-4628-b7e0-0e8d30531660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43248", "type": "seen", "source": "https://t.me/cvedetector/3548", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43248 - Bit Apps Bit Form Pro Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43248 \nPublished : Aug. 19, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File Manipulation.This issue affects Bit Form Pro: from n/a through 2.6.4. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T21:03:00.000000Z"}, {"uuid": "6767edc6-7809-41c0-95fa-f21bf08b238a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43249", "type": "seen", "source": "https://t.me/cvedetector/3544", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43249 - Bit Apps Bit Form Pro Unrestricted File Upload Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43249 \nPublished : Aug. 19, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection.This issue affects Bit Form Pro: from n/a through 2.6.4. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T21:02:54.000000Z"}, {"uuid": "8b109715-e636-4012-8211-94ec08f79dea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43241", "type": "seen", "source": "https://t.me/cvedetector/3497", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43241 - Azzaroco Ultimate Membership Pro Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-43241 \nPublished : Aug. 18, 2024, 10:15 p.m. | 34\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azzaroco Ultimate Membership Pro allows Reflected XSS.This issue affects Ultimate Membership Pro: from n/a through 12.6. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T00:58:45.000000Z"}, {"uuid": "974994db-e391-404b-a985-1c73ef45dcca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43243", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mmxhayoqf62w", "content": "CVE-2024-43243 - Critical Arbitrary File Upload in Themeglow JobBoard plugin. CVSS 10. Upload a web shell to the server. No patch available. Disable immediately. #CVE #WordPress #infosec\n\nhttps://www.valtersit.com/cve/CVE-2024-43243/", "creation_timestamp": "2026-05-29T02:07:19.121134Z"}, {"uuid": "30b3b66f-81eb-4a7d-9352-a5e8f208f27c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43240", "type": "seen", "source": "https://t.me/cvedetector/3531", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43240 - Azzaroco Ultimate Membership Pro Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43240 \nPublished : Aug. 19, 2024, 5:15 p.m. | 40\u00a0minutes ago \nDescription : Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege Escalation.This issue affects Ultimate Membership Pro: from n/a through 12.6. \nSeverity: 9.4 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-19T20:12:29.000000Z"}]}