{"uuid": "16013336-1dbd-4a42-9f13-37cd0ec8ffd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://t.me/cvedetector/13971", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11972 - WordPress Hunk Companion Unauthorized Plugin Installation and Activation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11972 \nPublished : Dec. 31, 2024, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary Hunk Companion WordPress plugin before 1.9.0 from the WordPress.org repo, including vulnerable Hunk Companion WordPress plugin before 1.9.0 that have been closed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T07:51:01.000000Z"}