{"vulnerability": "cve-2024-1057", "sightings": [{"uuid": "ed70504d-da3e-4866-9479-e7f4ed325c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10577", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113473200294964819", "content": "", "creation_timestamp": "2024-11-13T02:07:08.099001Z"}, {"uuid": "fcfc448e-8552-4338-bfb6-19df96a794db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10571", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113480997635286335", "content": "", "creation_timestamp": "2024-11-14T11:10:06.680663Z"}, {"uuid": "6991a262-c808-4d42-9abf-662c82e03dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10575", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-05", "content": "", "creation_timestamp": "2024-11-21T11:00:00.000000Z"}, {"uuid": "3ddcd765-6b55-4213-89a7-5fec99145886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10578", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113604243225658875", "content": "", "creation_timestamp": "2024-12-06T05:33:04.588452Z"}, {"uuid": "ff186e7a-687c-49b2-b5ba-c704eab1af3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10576", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113594500316651908", "content": "", "creation_timestamp": "2024-12-04T12:15:19.490441Z"}, {"uuid": "469824c5-5d25-45e4-92ed-04bc039e3f51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10570", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113547632650646510", "content": "", "creation_timestamp": "2024-11-26T05:36:15.711299Z"}, {"uuid": "4771ab26-f3d9-486f-bdb4-635a64fa5444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10579", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113548955801403342", "content": "", "creation_timestamp": "2024-11-26T11:12:45.409004Z"}, {"uuid": "16370f2d-731e-4f2d-ac27-9050e81a4f11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10571", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lg7ad5fpno2n", "content": "", "creation_timestamp": "2025-01-20T21:02:01.492960Z"}, {"uuid": "382f62c6-7282-4389-977c-42ccac9ae1cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10574", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113892999626667547", "content": "", "creation_timestamp": "2025-01-26T05:27:37.620216Z"}, {"uuid": "4529e876-a409-476c-a073-06ea90567803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10574", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgmzfjzd732e", "content": "", "creation_timestamp": "2025-01-26T08:35:19.875494Z"}, {"uuid": "b9765314-1f20-43be-9d2c-cbc5698d6971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10571", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/114059640645483808", "content": "", "creation_timestamp": "2025-02-24T15:46:37.408393Z"}, {"uuid": "40ea2845-e8af-47ee-a6a5-838595ed18ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10571", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lqingcczwb2s", "content": "", "creation_timestamp": "2025-05-31T21:02:22.076190Z"}, {"uuid": "4dc56f36-c9a8-4eea-854f-f47326e1f189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-10571", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miz7vijs5x23", "content": "", "creation_timestamp": "2026-04-08T21:20:09.836252Z"}, {"uuid": "4b3c1c68-ab16-404d-bb0a-ce655eab13a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10578", "type": "seen", "source": "https://t.me/cvedetector/12170", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10578 - The Pubnews theme for WordPress is vulnerable to u\", \n  \"Content\": \"CVE ID : CVE-2024-10578 \nPublished : Dec. 6, 2024, 6:15 a.m. | 44\u00a0minutes ago \nDescription : The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the pubnews_importer_plugin_action_for_notice() function in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install arbitrary plugins that can be leveraged to exploit other vulnerabilities. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T08:05:26.000000Z"}, {"uuid": "717f6c26-238a-46c1-bbc1-0c1bf745f3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10576", "type": "seen", "source": "https://t.me/cvedetector/11985", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10576 - \"Infinix Mobile Unsecured Broadcast Receiver Factory Reset Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10576 \nPublished : Dec. 4, 2024, 12:15 p.m. | 1\u00a0hour, 31\u00a0minutes ago \nDescription : Infinix devices contain a pre-loaded \"com.transsion.agingfunction\" application, that\u00a0exposes an unsecured broadcast receiver. An attacker can communicate with the receiver and force the device to perform a factory reset without any Android system permissions.\u00a0  \n  \nAfter multiple attempts to contact the vendor we did not receive any answer. We suppose this issue affects all Infinix Mobile devices. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T15:04:50.000000Z"}, {"uuid": "8e3fe730-326a-4e1e-bdc8-074854ba7691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10571", "type": "seen", "source": "https://t.me/cvedetector/10927", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10571 - Chartify WordPress Chart Plugin Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10571 \nPublished : Nov. 14, 2024, 11:15 a.m. | 37\u00a0minutes ago \nDescription : The Chartify \u2013 WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T13:18:35.000000Z"}, {"uuid": "35a35441-7aa2-4ada-a1c6-2e1e06ded976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10571", "type": "published-proof-of-concept", "source": "Telegram/nQrdilQjQl99lIMRwlBIzfx1gXvNFdI2V5simBs1rgDfZ-k", "content": "", "creation_timestamp": "2025-01-14T22:00:06.000000Z"}, {"uuid": "d3894885-1b52-4947-8903-a743dde2259f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10571", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/113826790624097702", "content": "", "creation_timestamp": "2025-01-14T12:49:49.800352Z"}, {"uuid": "e58a7710-ef05-4747-b31c-b1fff9a9eb55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10574", "type": "seen", "source": "https://bsky.app/profile/abrahack.bsky.social/post/3lglepvo3h22z", "content": "", "creation_timestamp": "2025-01-25T16:52:40.873287Z"}, {"uuid": "b3124561-b9be-4a09-a954-32d17e11c00f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10574", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113893015274158799", "content": "", "creation_timestamp": "2025-01-26T05:31:36.399299Z"}, {"uuid": "461cf9ac-c411-4c0f-a0c0-39a10b9341f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10574", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgmrltcomi2n", "content": "", "creation_timestamp": "2025-01-26T06:15:41.208431Z"}, {"uuid": "89f80d8b-2d58-4aad-88c7-76e27b2bacc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10571", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-10571.yaml", "content": "", "creation_timestamp": "2025-05-28T12:44:45.000000Z"}, {"uuid": "aade0af2-ae08-4cf8-b31c-bacdde428cb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10578", "type": "published-proof-of-concept", "source": "Telegram/w1bL0ZfQbZjC6kNLjY6qJg4sGK5mjn3UxkyFp-Fo5l10hpw", "content": "", "creation_timestamp": "2025-03-24T04:00:05.000000Z"}, {"uuid": "c0dfc5ed-0e62-4ee2-866c-8c07dfec9f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10578", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmuxxz75nb2e", "content": "", "creation_timestamp": "2025-04-15T21:02:22.442544Z"}, {"uuid": "473b3735-54e3-4f0e-bdc2-52d5ecd26f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10574", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3117", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-4gv5-8ww7-7mf6\n\ud83d\udd25 CVSS Score: N/A (CVSS_V3)\n\ud83d\udd39 Description: The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ays_save_google_credentials' function in all versions up to, and including, 8.8.0 (Business), up to, and including, 21.8.0 (Developer), and up to, and including, 31.8.0 (Agency). This makes it possible for unauthenticated attackers to modify the Google Sheets integration credentials within the plugin's settings. Because the 'client_id' parameter is not sanitized or escaped when used in output, this vulnerability could also be leveraged to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-26T06:30:48Z\n\ud83d\udccf Modified: 2025-01-26T06:30:48Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-10574\n2. https://ays-pro.com/changelog-for-quiz-maker-pro\n3. https://ays-pro.com/wordpress/quiz-maker\n4. https://www.wordfence.com/threat-intel/vulnerabilities/id/d8a4feb3-908f-4fff-84f2-099f56d46f5b?source=cve", "creation_timestamp": "2025-01-26T07:06:06.000000Z"}, {"uuid": "7f06d92e-3f35-4962-a32a-8d0804157768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10575", "type": "seen", "source": "https://t.me/ics_cert/961", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u0628\u0631\u0627\u06cc \u0628\u0631\u0642\u0631\u0627\u0631\u06cc \u0627\u0631\u062a\u0628\u0627\u0637 \u0628\u0627 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644\u200c\u0634\u062f\u0647 Schneider Electric EcoStruxure IT Gateway \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0639\u062f\u0645 \u0648\u062c\u0648\u062f \u0631\u0648\u06cc\u0647 \u0645\u062c\u0648\u0632 \u0627\u0633\u062a. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0645\u0644 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f.\n\n\u200fBDU: 09318-2024\n\u200fCVE-2024-10575\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f\n\u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0645\u062d\u062f\u0648\u062f\u06cc\u062a \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a) \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631.\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0628\u062e\u0634 \u0635\u0646\u0639\u062a\u06cc \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0633\u0637\u062d \u0628\u0631\u0646\u0627\u0645\u0647 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0631\u0627\u0628\u0637 \u0628\u0631\u0646\u0627\u0645\u0647 \u0646\u0648\u06cc\u0633\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\n\u200fhttps://download.schneider-electric.com/doc/SEVD-2024-317-04/SEVD-2024-317-04.pdf\n\u26a0\ufe0f\u0628\u06cc\u0627\u0646\u06cc\u0647 \u0633\u0644\u0628 \u0645\u0633\u0626\u0648\u0644\u06cc\u062a\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2024-11-22T08:33:11.000000Z"}, {"uuid": "cefe0a3e-4732-47da-95a5-aa28876bd21e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10574", "type": "seen", "source": "https://t.me/cvedetector/16411", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10574 - \"Quiz Maker Business, Developer, and Agency WordPress Unauthorized Modification and Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10574 \nPublished : Jan. 26, 2025, 6:15 a.m. | 1\u00a0hour, 36\u00a0minutes ago \nDescription : The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ays_save_google_credentials' function in all versions up to, and including, 8.8.0 (Business), up to, and including, 21.8.0 (Developer), and up to, and including, 31.8.0 (Agency). This makes it possible for unauthenticated attackers to modify the Google Sheets integration credentials within the plugin's settings. Because the 'client_id' parameter is not sanitized or escaped when used in output, this vulnerability could also be leveraged to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-26T09:03:18.000000Z"}, {"uuid": "c3140472-a1a7-4f90-98fb-565610ddf98b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10575", "type": "seen", "source": "https://t.me/cvedetector/10806", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10575 - NetSentry Missing AuthorizationAuthentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-10575 \nPublished : Nov. 13, 2024, 5:15 a.m. | 43\u00a0minutes ago \nDescription : CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on  \nthe network and potentially impacting connected devices. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T07:28:23.000000Z"}, {"uuid": "f688c8d0-2b04-48ae-b64f-d718ed88ac94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10573", "type": "seen", "source": "https://t.me/cvedetector/9529", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10573 - \"OneBox: mpg123 Heap Corruption RCE\"\", \n  \"Content\": \"CVE ID : CVE-2024-10573 \nPublished : Oct. 31, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T21:07:25.000000Z"}, {"uuid": "628af9f1-8444-4347-bfa4-179c59e33b49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10578", "type": "published-proof-of-concept", "source": "Telegram/Bv5dxy_V5soxsvLh8l7xGypCiAqkJocQ9bLW1ZDnBcCxd0M", "content": "", "creation_timestamp": "2025-03-24T20:00:05.000000Z"}]}