Search criteria
6 vulnerabilities found for infility_global by infility
CVE-2024-12723 (GCVE-0-2024-12723)
Vulnerability from nvd – Published: 2025-01-28 06:00 – Updated: 2025-01-28 15:15
VLAI?
Title
Infility Global <= 2.9.8 - Reflected XSS
Summary
The Infility Global WordPress plugin through 2.9.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Severity ?
6.1 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Infility Global |
Affected:
0 , ≤ 2.9.8
(semver)
|
Credits
Hassan Khan Yusufzai - Splint3r7
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-12723",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T15:12:50.776241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T15:15:18.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Infility Global",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "2.9.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hassan Khan Yusufzai - Splint3r7"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Infility Global WordPress plugin through 2.9.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T06:00:04.840Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/d9053b8b-c05c-42fd-913e-f85c799df807/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Infility Global \u003c= 2.9.8 - Reflected XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-12723",
"datePublished": "2025-01-28T06:00:04.840Z",
"dateReserved": "2024-12-17T17:50:31.368Z",
"dateUpdated": "2025-01-28T15:15:18.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12290 (GCVE-0-2024-12290)
Vulnerability from nvd – Published: 2025-01-07 04:22 – Updated: 2025-01-07 16:23
VLAI?
Title
Infility Global <= 2.9.8 - Reflected Cross-Site Scripting via set_type Parameter
Summary
The Infility Global plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘set_type’ parameter in all versions up to, and including, 2.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| infility | Infility Global |
Affected:
* , ≤ 2.9.8
(semver)
|
Credits
Dale Mavers
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12290",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T15:54:10.930693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T16:23:24.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Infility Global",
"vendor": "infility",
"versions": [
{
"lessThanOrEqual": "2.9.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dale Mavers"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Infility Global plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018set_type\u2019 parameter in all versions up to, and including, 2.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T04:22:00.720Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6127576b-5ce2-4a3e-95de-8a2b3d90d3a0?source=cve"
},
{
"url": "https://wordpress.org/plugins/infility-global/#developers"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-06T16:09:03.000+00:00",
"value": "Disclosed"
}
],
"title": "Infility Global \u003c= 2.9.8 - Reflected Cross-Site Scripting via set_type Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12290",
"datePublished": "2025-01-07T04:22:00.720Z",
"dateReserved": "2024-12-05T22:11:30.770Z",
"dateUpdated": "2025-01-07T16:23:24.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11496 (GCVE-0-2024-11496)
Vulnerability from nvd – Published: 2025-01-07 04:22 – Updated: 2025-01-07 16:19
VLAI?
Title
Infility Global <= 2.9.8 - Authenticated (Subscriber+) Missing Authorization to Plugin Options Update
Summary
The Infility Global plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the infility_global_ajax function in all versions up to, and including, 2.9.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin options and potentially break the site.
Severity ?
6.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| infility | Infility Global |
Affected:
* , ≤ 2.9.8
(semver)
|
Credits
Francesco Carlucci
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11496",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T15:53:32.288942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T16:19:18.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Infility Global",
"vendor": "infility",
"versions": [
{
"lessThanOrEqual": "2.9.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Infility Global plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the infility_global_ajax function in all versions up to, and including, 2.9.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin options and potentially break the site."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T04:22:20.164Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0fd1c19-b752-4562-9365-165d709b91b2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/infility-global/trunk/infility_global.php#L121"
},
{
"url": "https://plugins.trac.wordpress.org/browser/infility-global/trunk/include/class/action.class.php#L80"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-02T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-01-06T16:09:04.000+00:00",
"value": "Disclosed"
}
],
"title": "Infility Global \u003c= 2.9.8 - Authenticated (Subscriber+) Missing Authorization to Plugin Options Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-11496",
"datePublished": "2025-01-07T04:22:20.164Z",
"dateReserved": "2024-11-20T09:50:53.415Z",
"dateUpdated": "2025-01-07T16:19:18.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12723 (GCVE-0-2024-12723)
Vulnerability from cvelistv5 – Published: 2025-01-28 06:00 – Updated: 2025-01-28 15:15
VLAI?
Title
Infility Global <= 2.9.8 - Reflected XSS
Summary
The Infility Global WordPress plugin through 2.9.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Severity ?
6.1 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Infility Global |
Affected:
0 , ≤ 2.9.8
(semver)
|
Credits
Hassan Khan Yusufzai - Splint3r7
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-12723",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T15:12:50.776241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T15:15:18.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Infility Global",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "2.9.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hassan Khan Yusufzai - Splint3r7"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Infility Global WordPress plugin through 2.9.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T06:00:04.840Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/d9053b8b-c05c-42fd-913e-f85c799df807/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Infility Global \u003c= 2.9.8 - Reflected XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-12723",
"datePublished": "2025-01-28T06:00:04.840Z",
"dateReserved": "2024-12-17T17:50:31.368Z",
"dateUpdated": "2025-01-28T15:15:18.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-11496 (GCVE-0-2024-11496)
Vulnerability from cvelistv5 – Published: 2025-01-07 04:22 – Updated: 2025-01-07 16:19
VLAI?
Title
Infility Global <= 2.9.8 - Authenticated (Subscriber+) Missing Authorization to Plugin Options Update
Summary
The Infility Global plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the infility_global_ajax function in all versions up to, and including, 2.9.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin options and potentially break the site.
Severity ?
6.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| infility | Infility Global |
Affected:
* , ≤ 2.9.8
(semver)
|
Credits
Francesco Carlucci
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11496",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T15:53:32.288942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T16:19:18.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Infility Global",
"vendor": "infility",
"versions": [
{
"lessThanOrEqual": "2.9.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Infility Global plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the infility_global_ajax function in all versions up to, and including, 2.9.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin options and potentially break the site."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T04:22:20.164Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d0fd1c19-b752-4562-9365-165d709b91b2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/infility-global/trunk/infility_global.php#L121"
},
{
"url": "https://plugins.trac.wordpress.org/browser/infility-global/trunk/include/class/action.class.php#L80"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-02T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-01-06T16:09:04.000+00:00",
"value": "Disclosed"
}
],
"title": "Infility Global \u003c= 2.9.8 - Authenticated (Subscriber+) Missing Authorization to Plugin Options Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-11496",
"datePublished": "2025-01-07T04:22:20.164Z",
"dateReserved": "2024-11-20T09:50:53.415Z",
"dateUpdated": "2025-01-07T16:19:18.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12290 (GCVE-0-2024-12290)
Vulnerability from cvelistv5 – Published: 2025-01-07 04:22 – Updated: 2025-01-07 16:23
VLAI?
Title
Infility Global <= 2.9.8 - Reflected Cross-Site Scripting via set_type Parameter
Summary
The Infility Global plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘set_type’ parameter in all versions up to, and including, 2.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| infility | Infility Global |
Affected:
* , ≤ 2.9.8
(semver)
|
Credits
Dale Mavers
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12290",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T15:54:10.930693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T16:23:24.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Infility Global",
"vendor": "infility",
"versions": [
{
"lessThanOrEqual": "2.9.8",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dale Mavers"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Infility Global plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018set_type\u2019 parameter in all versions up to, and including, 2.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T04:22:00.720Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6127576b-5ce2-4a3e-95de-8a2b3d90d3a0?source=cve"
},
{
"url": "https://wordpress.org/plugins/infility-global/#developers"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-06T16:09:03.000+00:00",
"value": "Disclosed"
}
],
"title": "Infility Global \u003c= 2.9.8 - Reflected Cross-Site Scripting via set_type Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12290",
"datePublished": "2025-01-07T04:22:00.720Z",
"dateReserved": "2024-12-05T22:11:30.770Z",
"dateUpdated": "2025-01-07T16:23:24.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}