{"vulnerability": "CVE-2024-4968", "sightings": [{"uuid": "8c4ecdfa-ccb7-47ba-8f28-377c8a0cf69c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49686", "type": "seen", "source": "https://t.me/cvedetector/14035", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49686 - Fatcat Apps Landing Page Cat Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49686 \nPublished : Dec. 31, 2024, 2:15 p.m. | 39\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Fatcat Apps Landing Page Cat.This issue affects Landing Page Cat: from n/a through 1.7.4. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T16:13:34.000000Z"}, {"uuid": "35d702f3-bdbf-4340-9adf-b1ab587cbda5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49687", "type": "seen", "source": "https://t.me/cvedetector/14031", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49687 - StoreApps Smart Manager Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49687 \nPublished : Dec. 31, 2024, 2:15 p.m. | 39\u00a0minutes ago \nDescription : Missing Authorization vulnerability in StoreApps Smart Manager.This issue affects Smart Manager: from n/a through 8.45.0. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T16:13:28.000000Z"}, {"uuid": "3beb3939-7fad-4b22-8720-b4bdade5e6b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/GrayHatsHack/9113", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-10T04:28:56.000000Z"}, {"uuid": "9ebe82b2-4755-4e0a-a003-5bf753ac9cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/GrayHatsHack/7705", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-08T03:49:57.000000Z"}, {"uuid": "01d702ff-31b1-4c9f-936a-2cfcdfc4fca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/GrayHatsHack/7706", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-10T04:28:56.000000Z"}, {"uuid": "0f3ca3aa-d02c-4086-8b1d-3ac922cee05d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49688", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866702044507179", "content": "", "creation_timestamp": "2025-01-21T13:59:48.251877Z"}, {"uuid": "9de70795-ee0c-4646-80a3-5cd7257691bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49688", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb244w4at27", "content": "", "creation_timestamp": "2025-01-21T14:16:00.834820Z"}, {"uuid": "5d1addbd-37e2-446b-ac30-0f4e5882d8db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49688", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113866894181032190", "content": "", "creation_timestamp": "2025-01-21T14:48:46.513205Z"}, {"uuid": "cf482ef5-bd96-4ab8-9792-a7f9894b7ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49688", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lgdlb3jrqo2n", "content": "", "creation_timestamp": "2025-01-22T14:28:21.256417Z"}, {"uuid": "8e457089-1bb6-4d5a-a35b-f2a80e9490d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/CyberDilara/1286", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-08T03:36:04.000000Z"}, {"uuid": "e0e1571c-b168-40b3-ab14-6e5474188db0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/GrayHatsHack/9111", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-08T03:49:57.000000Z"}, {"uuid": "c5df7ef2-819b-42bb-8f23-617a4c50fe10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/dilagrafie/3963", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-08T03:37:01.000000Z"}, {"uuid": "c50a117a-1ea9-4259-9dc7-f21d905ff24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49681", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11414", "content": "#exploit\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\nhttps://github.com/imnotcha0s/CVE-2024-10914\n]-> Exploitation + Fix\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\nhttps://github.com/RandomRobbieBF/CVE-2024-50483", "creation_timestamp": "2025-01-15T00:36:56.000000Z"}, {"uuid": "0360608f-a5ca-43ab-b472-f7b1d682ba25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49689", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113510596099314574", "content": "", "creation_timestamp": "2024-11-19T16:37:23.256837Z"}, {"uuid": "00a5f6cf-eb0b-4da8-a22b-cfebae5aa302", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49680", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113510596085646150", "content": "", "creation_timestamp": "2024-11-19T16:37:22.728200Z"}, {"uuid": "d701cc16-2c11-4449-a97f-93c06fd5d406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49685", "type": "seen", "source": "https://t.me/cvedetector/9499", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49685 - Smash Balloon Custom Twitter Feeds Tweets Widget CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49685 \nPublished : Oct. 31, 2024, 10:15 a.m. | 32\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets Widget) allows Cross Site Request Forgery.This issue affects Custom Twitter Feeds (Tweets Widget): from n/a through 2.2.3. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T11:55:49.000000Z"}, {"uuid": "f96d79dc-6a82-4807-8c75-ba87ad5ccd26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/cvedetector/8796", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49681 - SWIT WP Sessions Time Monitoring Full Automatic SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49681 \nPublished : Oct. 24, 2024, 12:15 p.m. | 39\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SWIT WP Sessions Time Monitoring Full Automatic allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through 1.0.9. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T15:08:51.000000Z"}, {"uuid": "f819a233-c851-4843-b7d5-8d890bf5e81f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49683", "type": "seen", "source": "https://t.me/cvedetector/8793", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49683 - \"AMP Schema & Structured Data Authorization Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2024-49683 \nPublished : Oct. 24, 2024, 12:15 p.m. | 39\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Schema & Structured Data for WP & AMP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.3.5. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T15:08:45.000000Z"}, {"uuid": "205087c0-d65d-4ef9-844b-df4bfb0d4ceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49682", "type": "seen", "source": "https://t.me/cvedetector/8792", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49682 - \"SMP7 Open Redirect Vulnerability Allows Phishing Attacks\"\", \n  \"Content\": \"CVE ID : CVE-2024-49682 \nPublished : Oct. 24, 2024, 12:15 p.m. | 39\u00a0minutes ago \nDescription : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple Membership allows Phishing.This issue affects Simple Membership: from n/a through 4.5.3. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T15:08:44.000000Z"}, {"uuid": "ca2dbd3a-53e4-4fe1-ad0d-0dc39ca68f83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49684", "type": "seen", "source": "https://t.me/cvedetector/8710", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49684 - Revmakx WP Time Capsule Untrusted Object Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49684 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Object Injection.This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.21. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:03:51.000000Z"}, {"uuid": "f70b8e6d-4fd1-454b-bb0d-58877ab2fb58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4968", "type": "seen", "source": "Telegram/2Yp_YtvE99eXGgJCT1E6ZFM5IKzsaokkU_c3k7GJSG2yxmZv", "content": "", "creation_timestamp": "2025-02-14T09:46:59.000000Z"}, {"uuid": "5044fc3a-753e-4c88-924c-c0fd19275213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49686", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lemacaryxs2m", "content": "", "creation_timestamp": "2024-12-31T14:15:42.754907Z"}, {"uuid": "034e2b76-d88e-4346-a542-3ca22b9cf665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49687", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lemacd7nek25", "content": "", "creation_timestamp": "2024-12-31T14:15:45.235657Z"}, {"uuid": "67f4fcc8-0d43-4da2-91f6-8fec1d3c5a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49685", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mijposm3gs2v", "content": "", "creation_timestamp": "2026-04-02T17:20:09.734297Z"}, {"uuid": "37fd8a59-171e-4d7d-a07d-86aa1ad9cb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2400", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49688\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This issue affects ARPrice: from n/a through 4.0.3.\n\ud83d\udccf Published: 2025-01-21T13:40:33.140Z\n\ud83d\udccf Modified: 2025-01-21T13:40:33.140Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/arprice/vulnerability/wordpress-arprice-plugin-4-0-3-unauthenticated-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-21T14:01:51.000000Z"}]}