{"vulnerability": "CVE-2024-4922", "sightings": [{"uuid": "e686c72b-5d1f-402a-bc1e-2154c181bcb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49222", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113786703661822248", "content": "", "creation_timestamp": "2025-01-07T10:55:10.749794Z"}, {"uuid": "d409a05b-14d5-4bd0-adff-76d48162dd4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49222", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/396", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49222\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in Amento Tech Pvt ltd WPGuppy allows Object Injection.This issue affects WPGuppy: from n/a through 1.1.0.\n\ud83d\udccf Published: 2025-01-07T10:49:35.656Z\n\ud83d\udccf Modified: 2025-01-07T10:49:35.656Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wpguppy-lite/vulnerability/wordpress-wpguppy-plugin-1-1-0-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-07T11:37:40.000000Z"}, {"uuid": "99fe3fb6-46ca-4972-9d4f-59a4ec7e3213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49227", "type": "seen", "source": "https://t.me/cvedetector/8075", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49227 - Innovaweb Free Stock Photos Foter Object Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49227 \nPublished : Oct. 16, 2024, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter allows Object Injection.This issue affects Free Stock Photos Foter: from n/a through 1.5.4. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T17:13:27.000000Z"}, {"uuid": "16f020f1-73d3-4ba2-94f0-974a097b1fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49226", "type": "seen", "source": "https://t.me/cvedetector/8074", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49226 - TAKETIN To WP Membership Object Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49226 \nPublished : Oct. 16, 2024, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object Injection.This issue affects TAKETIN To WP Membership: from n/a through 2.8.0. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T17:13:24.000000Z"}, {"uuid": "fe6aa684-4ba1-4539-ad1f-8d485346cf3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49222", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113786912453263607", "content": "", "creation_timestamp": "2025-01-07T11:48:15.877806Z"}, {"uuid": "b9985214-71fe-44d1-932f-5ced83f31ac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49222", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jigds4v22", "content": "", "creation_timestamp": "2025-01-07T11:15:29.369006Z"}, {"uuid": "9596295a-b96a-43ba-9d04-1f35cda47146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49222", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jigds4v22", "content": "", "creation_timestamp": "2025-01-07T11:15:29.385686Z"}, {"uuid": "a9ba2142-3da1-43fe-bc11-16112b4f3853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4922", "type": "seen", "source": "Telegram/_U689gNLE2sR6d2Wnhr_87NisgzHEAVeydp41nAzqxSi_kKT", "content": "", "creation_timestamp": "2025-02-14T09:46:58.000000Z"}, {"uuid": "bac44f59-423c-47bf-a641-c1dfa75b9d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49225", "type": "seen", "source": "https://t.me/cvedetector/8325", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49225 - Swebdeveloper wpPricing Builder Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-49225 \nPublished : Oct. 18, 2024, 10:15 a.m. | 20\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Swebdeveloper wpPricing Builder allows Stored XSS.This issue affects wpPricing Builder: from n/a through 1.5.0. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T12:44:38.000000Z"}, {"uuid": "96746ead-1086-4773-964b-ce08ca394c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49224", "type": "seen", "source": "https://t.me/cvedetector/8324", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49224 - Mahesh Patel Mitm Bug Tracker Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-49224 \nPublished : Oct. 18, 2024, 10:15 a.m. | 20\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mahesh Patel Mitm Bug Tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through 1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T12:44:38.000000Z"}, {"uuid": "cfc4e109-098a-47b2-be91-a9047fd24121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49228", "type": "seen", "source": "https://t.me/cvedetector/8323", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49228 - CrossedCode bVerse Convert Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49228 \nPublished : Oct. 18, 2024, 10:15 a.m. | 20\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CrossedCode bVerse Convert allows Stored XSS.This issue affects bVerse Convert: from n/a through 1.3.7.1. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T12:44:37.000000Z"}]}