{"vulnerability": "CVE-2024-1197", "sightings": [{"uuid": "44071430-a7cb-4373-b553-4ae0d2fed120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1197", "type": "seen", "source": "https://t.me/ctinow/178336", "content": "https://ift.tt/WKOembZ\nCVE-2024-1197", "creation_timestamp": "2024-02-03T00:31:38.000000Z"}, {"uuid": "14d542a4-b004-474d-b77a-4c78ece1a70d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11978", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113563832998323833", "content": "", "creation_timestamp": "2024-11-29T02:16:14.046124Z"}, {"uuid": "195b484d-5cd0-4c11-9b00-c193f5684519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11979", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113563833013964238", "content": "", "creation_timestamp": "2024-11-29T02:16:14.492450Z"}, {"uuid": "1cd5bafc-8031-4da2-a5ab-132aace0d09a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11970", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113562855088023402", "content": "", "creation_timestamp": "2024-11-28T22:07:31.621955Z"}, {"uuid": "be401608-ce4e-43d3-8eab-0faf5f6f1e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11971", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113562855124391282", "content": "", "creation_timestamp": "2024-11-28T22:07:32.354755Z"}, {"uuid": "b1f4a008-866e-416e-959d-d16dbe80450b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11973", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113627836194244480", "content": "", "creation_timestamp": "2024-12-10T09:33:04.788827Z"}, {"uuid": "e1d433f7-70af-4e9d-8898-845928bd1287", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11977", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113689178079591745", "content": "", "creation_timestamp": "2024-12-21T05:33:07.653420Z"}, {"uuid": "c31f684f-e405-47a4-8b1b-e35560d1f4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://thehackernews.com/2024/12/wordpress-hunk-companion-plugin-flaw.html", "content": "", "creation_timestamp": "2024-12-12T08:18:00.000000Z"}, {"uuid": "218b9b3a-0400-4181-aa2a-5e7893839aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113652359388170754", "content": "", "creation_timestamp": "2024-12-14T17:29:43.037232Z"}, {"uuid": "13e628ca-b2f4-4f12-8995-f716f22e0686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://social.circl.lu/users/vulnerability_lookup/statuses/113655498042293128", "content": "", "creation_timestamp": "2024-12-15T06:47:51.610721Z"}, {"uuid": "78d93019-4cc0-4fd7-a898-c38c4664feb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113745941952359157", "content": "", "creation_timestamp": "2024-12-31T06:08:55.693586Z"}, {"uuid": "3b468ad9-1029-4e66-a2bf-8107b1d0fd49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3m4aq7tb2mr2j", "content": "", "creation_timestamp": "2025-10-28T10:33:24.987715Z"}, {"uuid": "a8ab1702-3e19-4088-b279-a5e1102373c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-91df1732-73af074958dee773", "content": "", "creation_timestamp": "2025-10-29T07:57:31.889384Z"}, {"uuid": "167e81d5-b420-45d4-8099-4168b2eb8648", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-11972.yaml", "content": "", "creation_timestamp": "2025-08-29T15:47:56.000000Z"}, {"uuid": "e8f3709a-2d0f-4373-a5d1-dbde43648d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lxuzbcklf62b", "content": "", "creation_timestamp": "2025-09-02T21:02:34.277786Z"}, {"uuid": "be372c3d-be45-4e0d-ae39-96a443647a42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11976", "type": "seen", "source": "https://gist.github.com/Darkcrai86/f70c78d37356986e9bbe7eac93b9d71e", "content": "", "creation_timestamp": "2026-01-23T07:43:54.000000Z"}, {"uuid": "5714f488-eb38-4283-8502-b5355ef66698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11976", "type": "seen", "source": "https://gist.github.com/Darkcrai86/937853a754acb94821530e1119327db3", "content": "", "creation_timestamp": "2026-01-23T08:46:15.000000Z"}, {"uuid": "c671dcfd-a291-4101-be18-66445491bc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "exploited", "source": "https://t.me/CyberBulletin/1742", "content": "\u26a1\ufe0fActive Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-12-13T12:45:24.000000Z"}, {"uuid": "48e2bae9-3189-4608-a336-02998e442955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11974", "type": "seen", "source": "https://t.me/cvedetector/14269", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11974 - WordPress Media Library Assistant Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-11974 \nPublished : Jan. 4, 2025, 8:15 a.m. | 26\u00a0minutes ago \nDescription : The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018smc_settings_tab', 'unattachfixit-action', and 'woofixit-action\u2019 parameters in all versions up to, and including, 3.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-04T09:44:33.000000Z"}, {"uuid": "f0c66c8f-637b-4843-b270-164346ad07a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11973", "type": "seen", "source": "https://t.me/cvedetector/12489", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11973 - \"Quran Multilanguage Text & Audio for WordPress Reflected Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11973 \nPublished : Dec. 10, 2024, 10:15 a.m. | 19\u00a0minutes ago \nDescription : The Quran multilanguage Text & Audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sourate' and 'lang' parameter in all versions up to, and including, 2.3.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T11:37:13.000000Z"}, {"uuid": "16013336-1dbd-4a42-9f13-37cd0ec8ffd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://t.me/cvedetector/13971", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11972 - WordPress Hunk Companion Unauthorized Plugin Installation and Activation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11972 \nPublished : Dec. 31, 2024, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary Hunk Companion WordPress plugin before 1.9.0 from the WordPress.org repo, including vulnerable Hunk Companion WordPress plugin before 1.9.0 that have been closed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T07:51:01.000000Z"}, {"uuid": "9fa857c6-4f51-48f9-95bb-b0f17f1177f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "Telegram/w325E41di4scLZAZeav1H5x7KtwWQEG9CnYV1IaJHJrRvx4", "content": "", "creation_timestamp": "2025-01-30T04:00:07.000000Z"}, {"uuid": "33d31dcb-d05f-470a-8a4c-6361cb11a4ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ln6ztjogvx2t", "content": "", "creation_timestamp": "2025-04-19T21:02:17.791926Z"}, {"uuid": "ac0f33a4-6eb4-4165-b155-98bddd8bb0d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "exploited", "source": "https://www.wordfence.com/blog/2025/10/mass-exploit-campaign-targeting-arbitrary-plugin-installation-vulnerabilities/", "content": "", "creation_timestamp": "2025-10-24T07:29:32.722937Z"}, {"uuid": "75dcdc6b-a2d0-4a2a-bf19-454f2935d908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://gist.github.com/Darkcrai86/95fecaab4bd13df2c4a53b0485496346", "content": "", "creation_timestamp": "2025-10-27T09:33:51.000000Z"}, {"uuid": "47d4c206-6360-4537-8b47-e981d40654fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/10527", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-11972 in Hunk Companion <1.9.0 allows unauthenticated attackers to exploit insecure REST API endpoints and install vulnerable plugins, risking RCE, SQLi, XSS, and backdoors.\nURL\uff1ahttps://github.com/RonF98/CVE-2024-11972-POC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-16T10:16:29.000000Z"}, {"uuid": "78033d33-6362-44a3-ba66-2429532a0049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11975", "type": "seen", "source": "https://t.me/cvedetector/13488", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11975 - Reactflow WordPress CSRF\", \n  \"Content\": \"CVE ID : CVE-2024-11975 \nPublished : Dec. 21, 2024, 7:15 a.m. | 16\u00a0minutes ago \nDescription : The Reactflow Visitor Recording and Heatmaps plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.10. This is due to missing or incorrect nonce validation affecting the _wpnonce parameter. This makes it possible for unauthenticated attackers to inject malicious web scripts  via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-21T08:38:44.000000Z"}, {"uuid": "4f88df6f-a54f-42da-b4e9-5d8a2fe26588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11977", "type": "seen", "source": "https://t.me/cvedetector/13478", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11977 - WordPress kk Star Ratings - Rate Post & Collect User Feedbacks Arbitrary Shortcode Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11977 \nPublished : Dec. 21, 2024, 6:15 a.m. | 26\u00a0minutes ago \nDescription : The The kk Star Ratings \u2013 Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-21T07:48:24.000000Z"}, {"uuid": "55104245-5f22-4c2e-b8d2-dd935b6b5362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/six5zeroexploit/99", "content": "Hunk Companion Plugin (CVE-2024-11972) < 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:14.000000Z"}, {"uuid": "111a3e3e-2667-4d21-b260-2112c24df9aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "Telegram/XIN-Y3hp1jfTcvV6CwOqxxQXZ4MmKS7rtpP9E0VrlY837nw", "content": "", "creation_timestamp": "2025-01-30T04:00:12.000000Z"}, {"uuid": "dce2fe0c-2c11-41c4-a00a-f66d0cbe6a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/bads_community/1619", "content": "Hunk Companion Plugin (CVE-2024-11972) < 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:14.000000Z"}, {"uuid": "16f568d5-9263-44cd-bbb3-2a28058035b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/bads_community/88882", "content": "Hunk Companion Plugin (CVE-2024-11972) < 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:14.000000Z"}, {"uuid": "2c6b85a5-771c-4319-93e2-c8dcc4338311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/bads_group/88881", "content": "Hunk Companion Plugin (CVE-2024-11972) < 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:11.000000Z"}, {"uuid": "025ae5d3-59de-4a78-99e8-6d057f152671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/mad_hackers_community/452", "content": "Hunk Companion Plugin (CVE-2024-11972) < 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:14.000000Z"}, {"uuid": "76422140-d1dd-46c4-9761-c4f066389e9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1197", "type": "seen", "source": "https://t.me/ctinow/192775", "content": "https://ift.tt/yrT2ow6\nCVE-2024-1197 | SourceCodester Testimonial Page Manager 1.0 HTTP GET Request delete-testimonial.php testimony sql injection", "creation_timestamp": "2024-02-25T08:46:42.000000Z"}, {"uuid": "436324f2-e6ad-4a7c-8bcc-1a3f300269d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "exploited", "source": "https://t.me/thehackernews/6031", "content": "Critical flaw in Hunk Companion plugin (CVE-2024-11972, CVSS: 9.8) allows attackers to install vulnerable plugins, potentially leading to Remote Code Execution (RCE), SQL Injection, and administrative backdoors.\n\nOver 10,000 WordPress sites are at risk. Learn steps to secure your site now: https://thehackernews.com/2024/12/wordpress-hunk-companion-plugin-flaw.html", "creation_timestamp": "2024-12-12T10:21:49.000000Z"}, {"uuid": "9cd6db63-2726-4a33-abff-610ae26859b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "exploited", "source": "https://t.me/CyberBulletin/26773", "content": "\u26a1\ufe0fActive Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-12-13T12:45:24.000000Z"}, {"uuid": "54f20eff-1f24-48ea-8f04-ab207c9c945f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/120", "content": "https://github.com/JunTakemura/exploit-CVE-2024-11972\n\nExploit for CVE-2024-11972, Hunk Companion < 1.9.0 Unauthenticated Plugin Installation\n#github #exploit", "creation_timestamp": "2024-12-16T15:22:06.000000Z"}, {"uuid": "5f1dc03a-dbac-4b11-91ee-17e66f9a8902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11977", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldsasqi2z525", "content": "", "creation_timestamp": "2024-12-21T06:15:42.972365Z"}, {"uuid": "9d7b5024-9646-4fee-936a-e11d46069381", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11975", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113689636519016726", "content": "", "creation_timestamp": "2024-12-21T07:29:42.896507Z"}, {"uuid": "ae6e8984-3fee-45d6-aac3-e349895d856f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11975", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldse5t67pk2l", "content": "", "creation_timestamp": "2024-12-21T07:15:35.843231Z"}, {"uuid": "66ede060-0dbf-4ec5-a214-8d3decf47956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11974", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113768895235763086", "content": "", "creation_timestamp": "2025-01-04T07:26:19.629070Z"}, {"uuid": "bf963e03-1faa-47bc-952f-0fb67cada232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://vulnerability.circl.lu/comment/5e1cc667-8f06-4cde-b167-203c95a1038c", "content": "", "creation_timestamp": "2024-12-15T06:47:50.105587Z"}, {"uuid": "cc49b1f6-cc3a-4493-93c2-900c1adc7fe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit for CVE-2024-11972, Hunk Companion < 1.9.0 Unauthorized Plugin Installation\nURL\uff1ahttps://github.com/JunTakemura/exploit-CVE-2024-11972\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-15T23:57:11.000000Z"}, {"uuid": "d7722777-0b28-4209-b1c7-88c172159f8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/754", "content": "https://github.com/JunTakemura/exploit-CVE-2024-11972\n\nExploit for CVE-2024-11972, Hunk Companion < 1.9.0 Unauthenticated Plugin Installation\n#github #exploit", "creation_timestamp": "2024-12-18T10:36:45.000000Z"}, {"uuid": "36db9583-e735-404d-94ca-9a52a7553ae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "Telegram/RBa58q_idYjvO_jZM7OsJuDtBOJrKzALplfH6PDIRDzGtw", "content": "", "creation_timestamp": "2024-12-12T14:52:32.000000Z"}]}