{"vulnerability": "CVE-2024-1372", "sightings": [{"uuid": "357a2add-5f1f-4188-acd5-f317e90f10fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13720", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113918025705481072", "content": "", "creation_timestamp": "2025-01-30T15:32:05.958747Z"}, {"uuid": "f11f3f4c-b949-4dbc-badd-ad73962e0432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13720", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113918327619055081", "content": "", "creation_timestamp": "2025-01-30T16:50:57.338022Z"}, {"uuid": "26abd47b-f5a2-4b86-8bd1-9f3aa1ee192d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13723", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113947890930352527", "content": "", "creation_timestamp": "2025-02-04T22:07:13.045211Z"}, {"uuid": "466b5b16-9f15-4ef0-a085-f5cf256dbb0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13722", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113947890915225546", "content": "", "creation_timestamp": "2025-02-04T22:07:13.125324Z"}, {"uuid": "e8a453a7-47b4-429d-ab41-9cbff92fc2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13722", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhf3hjuolo2f", "content": "", "creation_timestamp": "2025-02-04T22:16:08.112035Z"}, {"uuid": "10a68443-3ba9-4138-946c-dfcc90466330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13723", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhf3hmblbc2c", "content": "", "creation_timestamp": "2025-02-04T22:16:10.884815Z"}, {"uuid": "5ce7a689-72b1-4ef8-8b4c-7772f72b11fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13720", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lh27ntfylv2m", "content": "", "creation_timestamp": "2025-01-31T14:31:57.806955Z"}, {"uuid": "d6ab3eeb-cb9f-4f2a-991e-34715c4b5ce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13722", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhfjcgyzro2v", "content": "", "creation_timestamp": "2025-02-05T02:23:51.272498Z"}, {"uuid": "32c7fdae-6f4a-4147-b458-39cbadc82a07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13723", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhfjchpcrc2q", "content": "", "creation_timestamp": "2025-02-05T02:23:55.032557Z"}, {"uuid": "231fc8ef-085c-4eb3-88db-3227b6470ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13724", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljkcp34vim27", "content": "", "creation_timestamp": "2025-03-04T10:59:21.425574Z"}, {"uuid": "811c481c-8881-4a2e-ba2c-721d0dc76f4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13725", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3liihtllt6i2z", "content": "", "creation_timestamp": "2025-02-19T00:00:48.144390Z"}, {"uuid": "8361b5b4-f178-4ca1-8331-824a5a6abd8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13726", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-13726.yaml", "content": "", "creation_timestamp": "2025-02-17T09:10:57.000000Z"}, {"uuid": "c60e9b73-ee45-4e4d-a68a-aec1e8c1985f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13724", "type": "seen", "source": "https://t.me/cvedetector/19487", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13724 - WooCommerce Wallet Unauthenticated Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13724 \nPublished : March 4, 2025, 9:15 a.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : The Wallet System for WooCommerce \u2013 Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to increase their own wallet balance, transfer balances between arbitrary users and initiate transfer requests from other users' wallets. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T12:30:03.000000Z"}, {"uuid": "426a8ece-53f0-447f-aee6-bad154e7f5d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13721", "type": "seen", "source": "https://t.me/cvedetector/16361", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13721 - Plethora Plugins Tabs + Accordions WordPress Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-13721 \nPublished : Jan. 25, 2025, 6:15 a.m. | 32\u00a0minutes ago \nDescription : The Plethora Plugins Tabs + Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the anchor parameter in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T07:58:10.000000Z"}, {"uuid": "e9bc451a-4b61-4945-bf29-bc1cf5863bc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13720", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgxyudbn5v2g", "content": "", "creation_timestamp": "2025-01-30T17:25:03.504381Z"}, {"uuid": "28bad12d-a460-4fb7-b6a9-61b06b8be2c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13720", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxofak4jv27", "content": "", "creation_timestamp": "2025-01-30T14:17:35.689972Z"}, {"uuid": "d7ad138e-d259-4f79-865b-195aae899d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13721", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113887351219803626", "content": "", "creation_timestamp": "2025-01-25T05:31:09.809816Z"}, {"uuid": "0e706d53-4db8-4a3d-8dcd-c335fa4d350f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13728", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3litm557mrh2r", "content": "", "creation_timestamp": "2025-02-23T10:17:00.822641Z"}, {"uuid": "34178365-030a-4a4f-aa8c-58445b9d58e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13726", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lie3ufwumy2t", "content": "", "creation_timestamp": "2025-02-17T06:15:51.874741Z"}, {"uuid": "3aa06ec6-fe8c-4f59-a8a3-992bc4ad9b62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13726", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114017767487537657", "content": "", "creation_timestamp": "2025-02-17T06:17:44.004657Z"}, {"uuid": "f8bd8843-c6b2-4150-95d9-9d4f3dc1b52e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13726", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3liefeml62w2y", "content": "", "creation_timestamp": "2025-02-17T09:06:02.027985Z"}, {"uuid": "b7a8722e-32b8-4f38-abdb-f7a8571da394", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13725", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ligj252nkd2k", "content": "", "creation_timestamp": "2025-02-18T05:17:02.178325Z"}, {"uuid": "3ed51c3e-b060-46a7-898b-dea62f0e1563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13725", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ligm2xnhgo2c", "content": "", "creation_timestamp": "2025-02-18T06:11:11.730556Z"}, {"uuid": "c604fcc9-6816-4431-8d7e-aee82e3783d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13725", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114023552671740574", "content": "", "creation_timestamp": "2025-02-18T06:48:59.110194Z"}, {"uuid": "ea7f714b-2e5d-4eb7-9647-ac72fc87237f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13727", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3meovceca5b2c", "content": "", "creation_timestamp": "2026-02-12T21:03:25.528967Z"}, {"uuid": "310637c3-2685-46d4-b8b0-11810f2fac27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13728", "type": "seen", "source": "Telegram/KNbjqZHHZ5qH6bG8X7Tp7RHysYt-M8VATVrrpTtkmiYVdvdA", "content": "", "creation_timestamp": "2025-02-23T17:38:05.000000Z"}, {"uuid": "f0e3c43d-8cdd-4efc-b474-f42e09429f9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13728", "type": "seen", "source": "https://t.me/cvedetector/18739", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13728 - WordPress Accept Donations with PayPal & Stripe Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13728 \nPublished : Feb. 23, 2025, 6:15 a.m. | 1\u00a0hour, 40\u00a0minutes ago \nDescription : The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the rf parameter in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-23T09:22:05.000000Z"}, {"uuid": "12a7d522-1c58-4dd3-8220-7385c3e354c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13723", "type": "seen", "source": "https://t.me/cvedetector/17245", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13723 - Checkmk NagVis Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13723 \nPublished : Feb. 4, 2025, 10:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : The \"NagVis\" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative level privileges is able to upload a malicious PHP file and modify specific settings to execute the contents of the file as PHP. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T00:45:46.000000Z"}, {"uuid": "79704d22-546b-4df0-98cf-c11da87ea747", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13722", "type": "seen", "source": "https://t.me/cvedetector/17244", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13722 - NagVis Checkmk Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13722 \nPublished : Feb. 4, 2025, 10:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : The \"NagVis\" component within Checkmk is vulnerable to reflected cross-site scripting. An attacker can craft a malicious link that will execute arbitrary JavaScript in the context of the browser once clicked. The attack can be performed on both authenticated and unauthenticated users. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T00:45:45.000000Z"}, {"uuid": "b5f54712-7814-4494-9eef-a48d34fa03e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13725", "type": "seen", "source": "https://t.me/cvedetector/18285", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13725 - Keap Official Opt-in Forms WordPress Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13725 \nPublished : Feb. 18, 2025, 5:15 a.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included. If register_argc_argv is enabled on the server and pearcmd.php is installed, this issue might lead to Remote Code Execution. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T09:16:57.000000Z"}, {"uuid": "f4c23255-dba0-423e-a543-a2d3a31977c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13721", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3047", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13721\n\ud83d\udd39 Description: The Plethora Plugins Tabs + Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the anchor parameter in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-25T05:30:07.128Z\n\ud83d\udccf Modified: 2025-01-25T05:30:07.128Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/9755e5d4-dbf6-4778-84d6-cc967e8afb48?source=cve\n2. https://plugins.trac.wordpress.org/browser/plethora-tabs-accordions/trunk/plethoraplugins-tabs.php#L423", "creation_timestamp": "2025-01-25T06:05:28.000000Z"}, {"uuid": "7ce2045a-adea-4555-95eb-fe5c0160f1bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13720", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3516", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13720\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-30T14:15:36.660\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://plugins.trac.wordpress.org/browser/wp-image-uploader/trunk/index.php#L85\n2. https://www.wordfence.com/threat-intel/vulnerabilities/id/4af41f69-1335-4199-bf29-c9699de50a16?source=cve", "creation_timestamp": "2025-01-30T19:19:50.000000Z"}, {"uuid": "f25459c9-283d-4e5b-b73c-2eac5fe30350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13724", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6360", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13724\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The Wallet System for WooCommerce \u2013 Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to increase their own wallet balance, transfer balances between arbitrary users and initiate transfer requests from other users' wallets.\n\ud83d\udccf Published: 2025-03-04T08:23:42.467Z\n\ud83d\udccf Modified: 2025-03-04T08:23:42.467Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/bda326b0-9049-496a-a600-fa65151ce98f?source=cve\n2. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3244479%40wallet-system-for-woocommerce%2Ftrunk&old=3231275%40wallet-system-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=", "creation_timestamp": "2025-03-04T09:31:56.000000Z"}, {"uuid": "b03f1df8-8c42-4b0f-8b00-8b4ac9b1c3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13722", "type": "seen", "source": "Telegram/KyXpNaGSt77xKmd0Nk8dHw88PaE58vwtoAYJsW_m9Sp6t8sl", "content": "", "creation_timestamp": "2025-02-06T02:43:27.000000Z"}, {"uuid": "892fee03-0542-468b-9a07-4972e55b3fb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1372", "type": "seen", "source": "https://t.me/ctinow/199813", "content": "https://ift.tt/d3pf7gP\nCVE-2024-1372 | GitHub Enterprise Server up to 3.8.14/3.9.9/3.10.6/3.11.4 Management Console access control", "creation_timestamp": "2024-03-05T02:01:55.000000Z"}, {"uuid": "ec2e1055-dc48-402f-b8b4-16968f76cd0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1372", "type": "seen", "source": "https://t.me/ctinow/184141", "content": "https://ift.tt/0TLcilp\nCVE-2024-1372", "creation_timestamp": "2024-02-13T20:22:16.000000Z"}, {"uuid": "3586834e-58dc-4a02-9b51-72c5544537e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13722", "type": "seen", "source": "https://bsky.app/profile/jimbecher.bsky.social/post/3lhfgmvvazc23", "content": "", "creation_timestamp": "2025-02-05T01:35:59.915984Z"}, {"uuid": "e934fd89-150a-43f7-ba25-c0acf2e26897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13723", "type": "seen", "source": "https://bsky.app/profile/jimbecher.bsky.social/post/3lhfgnjo7vk23", "content": "", "creation_timestamp": "2025-02-05T01:36:20.279120Z"}, {"uuid": "02b40bfc-288f-47c7-937d-9e10fbe2261e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13726", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3likodr3qps2k", "content": "", "creation_timestamp": "2025-02-19T21:02:38.465686Z"}, {"uuid": "5fa53738-dce0-4139-a0a9-546b4ec2ab43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13727", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-13727.yaml", "content": "", "creation_timestamp": "2026-02-11T16:17:23.000000Z"}, {"uuid": "4da0a450-a356-4a00-aac6-31595bfd9681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13725", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4744", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13725\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included. If register_argc_argv is enabled on the server and pearcmd.php is installed, this issue might lead to Remote Code Execution.\n\ud83d\udccf Published: 2025-02-18T04:21:16.466Z\n\ud83d\udccf Modified: 2025-02-18T04:21:16.466Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/692a5838-4a32-4444-b1a0-018fa25594a9?source=cve\n2. https://wordpress.org/plugins/infusionsoft-official-opt-in-forms/\n3. https://plugins.trac.wordpress.org/browser/infusionsoft-official-opt-in-forms/trunk/infusionsoft.php#L2540", "creation_timestamp": "2025-02-18T07:56:55.000000Z"}, {"uuid": "594ffe4a-5339-4349-83f4-2e27f05d4900", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13728", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5083", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13728\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the rf parameter in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-02-23T05:22:33.304Z\n\ud83d\udccf Modified: 2025-02-23T05:22:33.304Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/3891a807-aace-460a-ad49-6a282af16084?source=cve\n2. https://plugins.trac.wordpress.org/browser/easy-paypal-donation/tags/1.4.4/core/Base/Stripe.php#L227", "creation_timestamp": "2025-02-23T06:22:42.000000Z"}, {"uuid": "197270db-1b0f-44e2-bc40-6bd557eff629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1372", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15807", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1372\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the  GitHub Bug Bounty program https://bounty.github.com .\n\n\ud83d\udccf Published: 2024-02-13T18:54:03.413Z\n\ud83d\udccf Modified: 2025-05-09T18:18:10.070Z\n\ud83d\udd17 References:\n1. https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.15\n2. https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.10\n3. https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.7\n4. https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.5", "creation_timestamp": "2025-05-09T18:26:18.000000Z"}, {"uuid": "ca4ee65f-fb0a-4c9b-bbb1-47de27ad08a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13726", "type": "seen", "source": "https://t.me/cvedetector/18229", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13726 - \"WordPress Coder Plugin SQL Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-13726 \nPublished : Feb. 17, 2025, 6:15 a.m. | 25\u00a0minutes ago \nDescription : The  Coder  WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-17T08:10:55.000000Z"}, {"uuid": "62625fd0-354c-49da-a209-55ddcab9f446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13723", "type": "seen", "source": "Telegram/-O0gm-KBQfEqAHn52vcgH0Vcaug6O9f7T6PD7p3r_qDDfVzq", "content": "", "creation_timestamp": "2025-02-06T02:43:27.000000Z"}, {"uuid": "5a8b3807-d985-4e3a-99fd-1b2201863af9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13720", "type": "seen", "source": "https://t.me/cvedetector/16774", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13720 - \"WordPress WP Image Uploader Remote File Deletion\"\", \n  \"Content\": \"CVE ID : CVE-2024-13720 \nPublished : Jan. 30, 2025, 2:15 p.m. | 46\u00a0minutes ago \nDescription : The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the gky_image_uploader_main_function() function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-30T16:46:22.000000Z"}]}