{"vulnerability": "CVE-2024-4400", "sightings": [{"uuid": "ec92fe07-5ef4-40e8-80b4-3783f4985416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "MISP/d6639616-08d7-4807-9d94-ef5575e155f4", "content": "", "creation_timestamp": "2024-10-24T13:07:13.000000Z"}, {"uuid": "e8f6dbb4-0bcb-41de-807e-31aa2f9c3e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "92cc0614-b907-40ff-9dad-7a36d850e37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3llh3yaimss2e", "content": "", "creation_timestamp": "2025-03-28T15:11:35.156123Z"}, {"uuid": "c6d3f915-f31f-4574-861e-2ae16273ba92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mii35wqqtw27", "content": "", "creation_timestamp": "2026-04-02T01:40:09.565283Z"}, {"uuid": "37791733-eb9a-49d7-a357-8d0a882da138", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8900", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-44000\nURL\uff1ahttps://github.com/zgimszhd61/CVE-2024-44000\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-31T11:07:41.000000Z"}, {"uuid": "287bccf5-122b-48e8-a34a-f83593ab865f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://t.me/itsec_news/4674", "content": "\u200b\u26a1\ufe0fCVE-2024-44000: \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d \u0434\u043b\u044f WordPress \u0432\u043d\u043e\u0432\u044c \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c\n\n\ud83d\udcac \u0412 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache \u0434\u043b\u044f WordPress \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2024-44000 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS \u0432 7.5 \u0431\u0430\u043b\u043b\u043e\u0432, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 6.4.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Patchstack \u0420\u0430\u0444\u0438 \u041c\u0443\u0445\u0430\u043c\u043c\u0430\u0434 \u043e\u0442\u043c\u0435\u0442\u0438\u043b \u0432 \u0441\u0432\u043e\u0451\u043c \u043e\u0442\u0447\u0451\u0442\u0435, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u044e\u0431\u043e\u043c\u0443 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043b\u044e\u0431\u043e\u0433\u043e \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u043d\u0430 \u0441\u0430\u0439\u0442 \u0438 \u043f\u0440\u043e\u0447\u0438\u043c \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f\u043c.\n\n\u041f\u0440\u0438\u0447\u0438\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0443 \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u043e\u0442\u043b\u0430\u0434\u043a\u0438 \u00ab/wp-content/debug.log\u00bb, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u0441\u044f \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e cookie \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0435\u0430\u043d\u0441\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u042d\u0442\u043e \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0431\u0435\u0437 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u043d\u043e\u0441\u0438\u0442 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u043f\u043e\u0432\u0441\u0435\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u044b, \u0442\u0430\u043a \u043a\u0430\u043a \u0434\u043b\u044f \u0435\u0451 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 \u0431\u044b\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u043e\u0442\u043b\u0430\u0434\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432\u044b\u043a\u043b\u044e\u0447\u0435\u043d\u0430. \u041e\u0434\u043d\u0430\u043a\u043e, \u0441\u0430\u0439\u0442\u044b, \u0433\u0434\u0435 \u044d\u0442\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u0431\u044b\u043b\u0430 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0440\u0430\u043d\u0435\u0435 \u0438 \u0444\u0430\u0439\u043b \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u043d\u0435 \u0431\u044b\u043b \u0443\u0434\u0430\u043b\u0451\u043d, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0440\u0438\u0441\u043a\u0443.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 LiteSpeed Cache 6.5.0.1 \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0430\u0435\u0442 \u0444\u0430\u0439\u043b \u0436\u0443\u0440\u043d\u0430\u043b\u0430 \u0432 \u043d\u043e\u0432\u0443\u044e \u043f\u0430\u043f\u043a\u0443, \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442 \u0438\u043c\u044f \u0444\u0430\u0439\u043b\u0430 \u0438 \u0438\u0441\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u043e cookie. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0444\u0430\u0439\u043b\u0430 \u00ab/wp-content/debug.log\u00bb \u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0435\u0433\u043e, \u0435\u0441\u043b\u0438 \u043e\u0442\u043b\u0430\u0434\u043a\u0430 \u0431\u044b\u043b\u0430 \u043a\u043e\u0433\u0434\u0430-\u043b\u0438\u0431\u043e \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0432 \u00ab.htaccess\u00bb, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u0430. \u042d\u0442\u043e \u0441\u043d\u0438\u0437\u0438\u0442 \u0440\u0438\u0441\u043a, \u0435\u0441\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u0433\u0430\u0434\u0430\u0442\u044c \u043d\u043e\u0432\u043e\u0435 \u0438\u043c\u044f \u0444\u0430\u0439\u043b\u0430 \u043c\u0435\u0442\u043e\u0434\u043e\u043c \u043f\u043e\u0434\u0431\u043e\u0440\u0430. \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-44000 \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u044e\u0442 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043e\u0442\u043b\u0430\u0434\u043a\u0438 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u043c\u0438, \u0447\u0442\u043e\u0431\u044b \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u0438 \u0443\u0442\u0435\u0447\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u044d\u0442\u043e \u043d\u0435 \u043f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043c\u0435\u0441\u044f\u0446. \u0422\u0430\u043a, \u0440\u0430\u043d\u0435\u0435 \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-28000, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0443\u0440\u043e\u0432\u043d\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f 5 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-09-06T16:54:22.000000Z"}, {"uuid": "67517298-8e66-4db9-9ff9-dfcb7e96289c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2026", "content": "https://github.com/ifqygazhar/CVE-2024-44000-LiteSpeed-Cache\n\nCVE-2024-44000 is a vulnerability in LiteSpeed Cache, a popular WordPress plug-in.\n#github #exploit", "creation_timestamp": "2024-09-19T07:50:04.000000Z"}, {"uuid": "69886229-0020-434d-a9d4-2d5da9cfce25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44009", "type": "seen", "source": "https://t.me/cvedetector/5874", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44009 - WCFM Marketplace Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-44009 \nPublished : Sept. 17, 2024, 11:15 p.m. | 15\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WC Lovers WCFM Marketplace allows Reflected XSS.This issue affects WCFM Marketplace: from n/a through 3.6.10. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T01:39:28.000000Z"}, {"uuid": "08033051-4537-40b0-a080-ffeab68b7dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44008", "type": "seen", "source": "https://t.me/cvedetector/5873", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44008 - Dylan Kuhn Geo Mashup Stored Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-44008 \nPublished : Sept. 17, 2024, 11:15 p.m. | 15\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS.This issue affects Geo Mashup: from n/a through 1.13.12. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T01:39:24.000000Z"}, {"uuid": "7986aaae-6a49-4f60-92eb-9a48b5d78f98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44007", "type": "seen", "source": "https://t.me/cvedetector/5872", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44007 - SKT Templates Elementor Gutenberg Template Reflection XSS\", \n  \"Content\": \"CVE ID : CVE-2024-44007 \nPublished : Sept. 17, 2024, 11:15 p.m. | 15\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Templates \u2013 Elementor & Gutenberg templates allows Reflected XSS.This issue affects SKT Templates \u2013 Elementor & Gutenberg templates: from n/a through 6.14. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T01:39:23.000000Z"}, {"uuid": "d6200bc5-1980-4405-8bb4-702146bff8b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44004", "type": "seen", "source": "https://t.me/cvedetector/5871", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44004 - WPTaskForce WPCargo Track & Trace SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-44004 \nPublished : Sept. 17, 2024, 11:15 p.m. | 15\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPTaskForce WPCargo Track & Trace allows SQL Injection.This issue affects WPCargo Track & Trace: from n/a through 7.0.6. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T01:39:22.000000Z"}, {"uuid": "dce2ec98-55a1-4c68-8264-933ea30e3d5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/15736", "content": "CVE-2024-44000 - WordPress Debug Log Exposure Leading to Session Cookie Hijacking: https://infosecwriteups.com/cve-2024-44000-wordpress-debug-log-exposure-leading-to-session-cookie-hijacking-afcfada02c44?source=rss------bug_bounty-5", "creation_timestamp": "2024-10-12T06:30:24.000000Z"}, {"uuid": "8a3b0a01-fe17-48cb-9ea5-5384095a7b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "Telegram/Ps-VKN7DUelYkabx9tAVrWbeJ-AoGkZyCUEtr_LLfMOyIQ", "content": "", "creation_timestamp": "2024-09-06T10:43:16.000000Z"}, {"uuid": "6fc7d22a-c5a2-4bf7-abb2-2cd403b4d77c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/19765", "content": "The Hacker News\nCritical Security Flaw Found in LiteSpeed Cache Plugin for WordPress\n\nCybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts.\nThe vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1. \n\"The plugin suffers from an", "creation_timestamp": "2024-09-06T10:43:14.000000Z"}, {"uuid": "c95b7b3c-5c1f-4c95-8cb2-dcfc681f5fad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "Telegram/iiRfbkOGKtpnvYek2Bt69TLmk7TsVdpcWhjd4Wgzl0X5ng", "content": "", "creation_timestamp": "2024-09-06T11:38:55.000000Z"}, {"uuid": "4f792c29-31fa-49e6-a02f-35766dcd465a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "Telegram/iqzr0evsZIMMy3NnASIGxZl2nBENTlvbGPIFKVphLoM3UsM", "content": "", "creation_timestamp": "2024-09-05T16:31:47.000000Z"}, {"uuid": "c030c5c9-756f-4e36-b975-465f35b2e33c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3988", "content": "The Hacker News\nCritical Security Flaw Found in LiteSpeed Cache Plugin for WordPress\n\nCybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts.\nThe vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1. \n\"The plugin suffers from an", "creation_timestamp": "2024-09-06T10:43:14.000000Z"}, {"uuid": "ec39867d-536b-4fc7-8fdb-b612b1eeb796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://t.me/KomunitiSiber/2524", "content": "Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress\nhttps://thehackernews.com/2024/09/critical-security-flaw-found-in.html\n\nCybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts.\nThe vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1.\u00a0\n\"The plugin suffers from an", "creation_timestamp": "2024-09-06T17:07:01.000000Z"}, {"uuid": "b441a34b-60be-4dae-aeb3-189d9f20f1e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://t.me/thehackernews/5533", "content": "New LiteSpeed Cache flaw (CVE-2024-44000) risks unauthorized access to WordPress sites via exposed debug logs.\n\nRead: https://thehackernews.com/2024/09/critical-security-flaw-found-in.html\n\nEven old logs can be exploited. Update and purge now!", "creation_timestamp": "2024-09-06T12:40:36.000000Z"}, {"uuid": "9b5b51e0-d818-4ea9-aa64-fecb148305d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llk7zvgdkv2n", "content": "", "creation_timestamp": "2025-03-29T21:02:06.065268Z"}, {"uuid": "6ccff7bb-d2fc-4455-a6e1-e74058f1c933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8538", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-44000-LiteSpeed-Cache\nURL\uff1ahttps://github.com/ifqygazhar/CVE-2024-44000-LiteSpeed-Cache\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-16T14:20:21.000000Z"}, {"uuid": "80a2383a-1892-457e-9d71-a3358f1ad855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/12450", "content": "\u200aCVE-2024-44000 (CVSS 9.8): Litespeed Cache flaw exposes millions of WordPress sites to takeover attacks\n\nhttps://securityonline.info/cve-2024-44000-cvss-9-8-litespeed-cache-flaw-exposes-millions-of-wordpress-sites-to-takeover-attacks/", "creation_timestamp": "2024-09-08T17:47:59.000000Z"}, {"uuid": "ae9b4e46-ad73-4312-96fd-3ca21558b1f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "Telegram/tVTL6_oBQTN-MPg3AZJxeqt1QJ_avoYVCvaCVHQqJMgjt1ea", "content": "", "creation_timestamp": "2024-09-09T14:31:10.000000Z"}, {"uuid": "e6b2bdee-a2cd-40dc-ab53-7603f1551fbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/4554", "content": "CVE-2024-44000: Unauthenticated Account Takeover in LiteSpeed Cache plugin for WordPress, 9.8 rating \n\nA vulnerability in the debug log allows attackers to gain access to user sessions, potentially leading to complete control over a website.\n\nSearch at Netlas.io:\n Link: https://nt.ls/syLAy\n Dork: http.body:\"plugins/litespeed-cache\"\n\nRead more: https://securityonline.info/cve-2024-44000-cvss-9-8-litespeed-cache-flaw-exposes-millions-of-wordpress-sites-to-takeover-attacks/", "creation_timestamp": "2024-09-05T14:18:45.000000Z"}, {"uuid": "bafc935b-b69e-413d-9776-23e09137a89d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3192", "content": "https://github.com/ifqygazhar/CVE-2024-44000-LiteSpeed-Cache\n\nCVE-2024-44000 is a vulnerability in LiteSpeed Cache, a popular WordPress plug-in.\n#github #exploit", "creation_timestamp": "2024-09-19T04:11:49.000000Z"}, {"uuid": "982ddcbd-e618-4d77-baff-f61b300eef84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:03.000000Z"}, {"uuid": "82b57456-ef73-43e4-8b15-54cc43d3cf85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:03.000000Z"}, {"uuid": "8fdc938a-4f2c-417c-82a6-706425936d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_litespeed_cookie_theft.rb", "content": "", "creation_timestamp": "2024-09-17T11:15:03.000000Z"}, {"uuid": "d33c93e0-8a35-4617-8d48-df716b707715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8462", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAutomated PHP remote code execution scanner for CVE-2024-4577\nURL\uff1ahttps://github.com/absholi7ly/CVE-2024-44000-LiteSpeed-Cache\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-06T03:57:32.000000Z"}, {"uuid": "783b9c96-e990-43b5-8311-554691f07806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8461", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAutomated PHP remote code execution scanner for CVE-2024-4577\nURL\uff1ahttps://github.com/absholi7ly/LiteSpeed-Cache-CVE-2024-44000-\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-10T04:33:38.000000Z"}, {"uuid": "59591ba1-d62f-47df-abc5-81f7f4eaf81b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44006", "type": "seen", "source": "https://t.me/cvedetector/9601", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44006 - WooCommerce Multilingual & Multicurrency Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44006 \nPublished : Nov. 1, 2024, 3:15 p.m. | 40\u00a0minutes ago \nDescription : Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency multilingual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.6. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T17:01:23.000000Z"}, {"uuid": "c557cf05-0a66-4d6a-897e-1bcfba5ec611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "seen", "source": "https://t.me/cvedetector/8441", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44000 - LiteSpeed Technologies LiteSpeed Cache Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-44000 \nPublished : Oct. 20, 2024, 12:15 p.m. | 35\u00a0minutes ago \nDescription : Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T14:55:29.000000Z"}, {"uuid": "e502dac5-1714-4778-9d7e-e6c5e4f31f12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44005", "type": "seen", "source": "https://t.me/cvedetector/5886", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44005 - Wpsoul Greenshift Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-44005 \nPublished : Sept. 18, 2024, 12:15 a.m. | 35\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wpsoul Greenshift \u2013 animation and page builder blocks allows Stored XSS.This issue affects Greenshift \u2013 animation and page builder blocks: from n/a through 9.3.7. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T03:19:49.000000Z"}, {"uuid": "c27b26e5-03d0-4512-b322-91a8c521de94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44002", "type": "seen", "source": "https://t.me/cvedetector/5885", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44002 - PickPlugins Team Showcase Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-44002 \nPublished : Sept. 18, 2024, 12:15 a.m. | 35\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Reflected XSS.This issue affects Team Showcase: from n/a through 1.22.25. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T03:19:48.000000Z"}, {"uuid": "04699bac-70eb-4708-87b2-b39e5ba6244e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44001", "type": "seen", "source": "https://t.me/cvedetector/5884", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44001 - Royal Elementor Addons Cross-site Scriptinglash; Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44001 \nPublished : Sept. 18, 2024, 12:15 a.m. | 35\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.982. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T03:19:48.000000Z"}, {"uuid": "4b821b1e-7727-48c4-bb37-200b859a1f45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44003", "type": "seen", "source": "https://t.me/cvedetector/5883", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44003 - Spice Starter Sites Input Injection XSS\", \n  \"Content\": \"CVE ID : CVE-2024-44003 \nPublished : Sept. 18, 2024, 12:15 a.m. | 35\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in spicethemes Spice Starter Sites allows Reflected XSS.This issue affects Spice Starter Sites: from n/a through 1.2.5. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T03:19:47.000000Z"}, {"uuid": "a0dc9558-1a73-4799-b8cf-a8028f257e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44000", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18785", "content": "https://github.com/ifqygazhar/CVE-2024-44000-LiteSpeed-Cache\n\nCVE-2024-44000 is a vulnerability in LiteSpeed Cache, a popular WordPress plug-in.\n#github #exploit", "creation_timestamp": "2024-09-19T07:50:04.000000Z"}]}