{"vulnerability": "CVE-2024-11972", "sightings": [{"uuid": "16013336-1dbd-4a42-9f13-37cd0ec8ffd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://t.me/cvedetector/13971", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11972 - WordPress Hunk Companion Unauthorized Plugin Installation and Activation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11972 \nPublished : Dec. 31, 2024, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary plugins from the WordPress.org repo, including vulnerable plugins that have been closed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T07:51:01.000000Z"}, {"uuid": "d7722777-0b28-4209-b1c7-88c172159f8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/754", "content": "https://github.com/JunTakemura/exploit-CVE-2024-11972\n\nExploit for CVE-2024-11972, Hunk Companion &lt; 1.9.0 Unauthenticated Plugin Installation\n#github #exploit", "creation_timestamp": "2024-12-18T10:36:45.000000Z"}, {"uuid": "55104245-5f22-4c2e-b8d2-dd935b6b5362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", 
"source": "https://t.me/six5zeroexploit/99", "content": "Hunk Companion Plugin (CVE-2024-11972) &lt; 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:14.000000Z"}, {"uuid": "36db9583-e735-404d-94ca-9a52a7553ae5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "Telegram/RBa58q_idYjvO_jZM7OsJuDtBOJrKzALplfH6PDIRDzGtw", "content": "", "creation_timestamp": "2024-12-12T14:52:32.000000Z"}, {"uuid": "9fa857c6-4f51-48f9-95bb-b0f17f1177f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "Telegram/w325E41di4scLZAZeav1H5x7KtwWQEG9CnYV1IaJHJrRvx4", "content": "", "creation_timestamp": "2025-01-30T04:00:07.000000Z"}, {"uuid": "111a3e3e-2667-4d21-b260-2112c24df9aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "Telegram/XIN-Y3hp1jfTcvV6CwOqxxQXZ4MmKS7rtpP9E0VrlY837nw", "content": "", "creation_timestamp": "2025-01-30T04:00:12.000000Z"}, {"uuid": "dce2fe0c-2c11-41c4-a00a-f66d0cbe6a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/bads_community/1619", "content": "Hunk Companion Plugin (CVE-2024-11972) &lt; 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": 
"2024-12-19T16:29:14.000000Z"}, {"uuid": "16f568d5-9263-44cd-bbb3-2a28058035b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/bads_community/88882", "content": "Hunk Companion Plugin (CVE-2024-11972) &lt; 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:14.000000Z"}, {"uuid": "2c6b85a5-771c-4319-93e2-c8dcc4338311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/bads_group/88881", "content": "Hunk Companion Plugin (CVE-2024-11972) &lt; 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:11.000000Z"}, {"uuid": "025ae5d3-59de-4a78-99e8-6d057f152671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/mad_hackers_community/452", "content": "Hunk Companion Plugin (CVE-2024-11972) &lt; 1.9.0 - Unauthenticated Plugin Installation Exploit\n\n\u26a1\ufe0f Join Channel :- @team_threefox \ud83e\udd8a\n\n\ud83e\udd8a Dm for Buy :- @ThreeFoxBot", "creation_timestamp": "2024-12-19T16:29:14.000000Z"}, {"uuid": "9cd6db63-2726-4a33-abff-610ae26859b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "exploited", "source": "https://t.me/CyberBulletin/26773", "content": 
"\u26a1\ufe0fActive Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-12-13T12:45:24.000000Z"}, {"uuid": "54f20eff-1f24-48ea-8f04-ab207c9c945f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/120", "content": "https://github.com/JunTakemura/exploit-CVE-2024-11972\n\nExploit for CVE-2024-11972, Hunk Companion &lt; 1.9.0 Unauthenticated Plugin Installation\n#github #exploit", "creation_timestamp": "2024-12-16T15:22:06.000000Z"}, {"uuid": "c31f684f-e405-47a4-8b1b-e35560d1f4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://thehackernews.com/2024/12/wordpress-hunk-companion-plugin-flaw.html", "content": "", "creation_timestamp": "2024-12-12T08:18:00.000000Z"}, {"uuid": "218b9b3a-0400-4181-aa2a-5e7893839aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113652359388170754", "content": "", "creation_timestamp": "2024-12-14T17:29:43.037232Z"}, {"uuid": "13e628ca-b2f4-4f12-8995-f716f22e0686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://social.circl.lu/users/vulnerability_lookup/statuses/113655498042293128", "content": "", "creation_timestamp": "2024-12-15T06:47:51.610721Z"}, {"uuid": "33d31dcb-d05f-470a-8a4c-6361cb11a4ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ln6ztjogvx2t", "content": "", "creation_timestamp": "2025-04-19T21:02:17.791926Z"}, {"uuid": "3b468ad9-1029-4e66-a2bf-8107b1d0fd49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3m4aq7tb2mr2j", "content": "", "creation_timestamp": "2025-10-28T10:33:24.987715Z"}, {"uuid": "75dcdc6b-a2d0-4a2a-bf19-454f2935d908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://gist.github.com/Darkcrai86/95fecaab4bd13df2c4a53b0485496346", "content": "", "creation_timestamp": "2025-10-27T09:33:51.000000Z"}, {"uuid": "e8f3709a-2d0f-4373-a5d1-dbde43648d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lxuzbcklf62b", "content": "", "creation_timestamp": "2025-09-02T21:02:34.277786Z"}, {"uuid": "47d4c206-6360-4537-8b47-e981d40654fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/10527", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-11972 in Hunk Companion &lt;1.9.0 allows unauthenticated attackers to exploit insecure REST API endpoints and install vulnerable plugins, risking RCE, SQLi, XSS, and 
backdoors.\nURL\uff1ahttps://github.com/RonF98/CVE-2024-11972-POC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-16T10:16:29.000000Z"}, {"uuid": "c671dcfd-a291-4101-be18-66445491bc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "exploited", "source": "https://t.me/CyberBulletin/1742", "content": "\u26a1\ufe0fActive Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-12-13T12:45:24.000000Z"}, {"uuid": "78d93019-4cc0-4fd7-a898-c38c4664feb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113745941952359157", "content": "", "creation_timestamp": "2024-12-31T06:08:55.693586Z"}, {"uuid": "a8ab1702-3e19-4088-b279-a5e1102373c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-91df1732-73af074958dee773", "content": "", "creation_timestamp": "2025-10-29T07:57:31.889384Z"}, {"uuid": "cc49b1f6-cc3a-4493-93c2-900c1adc7fe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit for CVE-2024-11972, Hunk Companion &lt; 1.9.0 Unauthorized Plugin Installation\nURL\uff1ahttps://github.com/JunTakemura/exploit-CVE-2024-11972\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": 
"2024-12-15T23:57:11.000000Z"}, {"uuid": "436324f2-e6ad-4a7c-8bcc-1a3f300269d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "exploited", "source": "https://t.me/thehackernews/6031", "content": "Critical flaw in Hunk Companion plugin (CVE-2024-11972, CVSS: 9.8) allows attackers to install vulnerable plugins, potentially leading to Remote Code Execution (RCE), SQL Injection, and administrative backdoors.\n\nOver 10,000 WordPress sites are at risk. Learn steps to secure your site now: https://thehackernews.com/2024/12/wordpress-hunk-companion-plugin-flaw.html", "creation_timestamp": "2024-12-12T10:21:49.000000Z"}, {"uuid": "ac0f33a4-6eb4-4165-b155-98bddd8bb0d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "exploited", "source": "https://www.wordfence.com/blog/2025/10/mass-exploit-campaign-targeting-arbitrary-plugin-installation-vulnerabilities/", "content": "", "creation_timestamp": "2025-10-24T07:29:32.722937Z"}, {"uuid": "167e81d5-b420-45d4-8099-4168b2eb8648", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-11972.yaml", "content": "", "creation_timestamp": "2025-08-29T15:47:56.000000Z"}, {"uuid": "bf963e03-1faa-47bc-952f-0fb67cada232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11972", "type": "seen", "source": "https://vulnerability.circl.lu/comment/5e1cc667-8f06-4cde-b167-203c95a1038c", "content": "", "creation_timestamp": "2024-12-15T06:47:50.105587Z"}]}