{"vulnerability": "cve-2024-1158", "sightings": [{"uuid": "c279aa0a-14cf-4b22-9384-75a40dc8e655", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11585", "type": "seen", "source": "https://t.me/cvedetector/12172", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11585 - The WP Hide & Security Enhancer plugin for WordPre\", \n  \"Content\": \"CVE ID : CVE-2024-11585 \nPublished : Dec. 6, 2024, 6:15 a.m. | 44\u00a0minutes ago \nDescription : The WP Hide & Security Enhancer plugin for WordPress is vulnerable to arbitrary file contents deletion due to a missing authorization and insufficient file path validation in the file-process.php in all versions up to, and including, 2.5.1. This makes it possible for unauthenticated attackers to delete the contents of arbitrary files on the server, which can break the site or lead to data loss. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T08:05:27.000000Z"}, {"uuid": "9e732d15-4274-4b93-8726-470a46efca1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11587", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113520958826476639", "content": "", "creation_timestamp": "2024-11-21T12:32:45.822072Z"}, {"uuid": "cef89727-462f-4587-9883-0c5adbcec0aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11588", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113520958841515486", "content": "", "creation_timestamp": "2024-11-21T12:32:46.101751Z"}, {"uuid": "a6fa1ebf-5bb4-4399-a822-0204fb74601b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11587", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lu6tdltpk52x", "content": "", "creation_timestamp": "2025-07-17T21:02:24.952854Z"}, {"uuid": "3a325a82-7b29-4ae2-9861-5862f93c757f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11584", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvboxubaac2z", "content": "", "creation_timestamp": "2025-07-31T17:47:23.550353Z"}, {"uuid": "9c090bac-8176-4a9b-b927-19f053153702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11586", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113529895114901796", "content": "", "creation_timestamp": "2024-11-23T02:25:22.323168Z"}, {"uuid": "5286b153-36ee-42cc-a5f0-0fae8577c28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11585", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113604243254897725", "content": "", "creation_timestamp": "2024-12-06T05:33:05.126561Z"}, {"uuid": "d23d8bce-b314-4d3a-89f1-a953ad3aa11c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11583", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxod25fil2n", "content": "", "creation_timestamp": "2025-01-30T14:16:22.340022Z"}, {"uuid": "54cb6f40-778d-45e9-91ff-b46df2e3f3b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11582", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3liiwbtstfq2t", "content": "", "creation_timestamp": "2025-02-19T04:19:19.126017Z"}, {"uuid": "9bcedaa3-d6a1-4e10-82ac-8d4fe75a126a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11582", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lijcz5fter2a", "content": "", "creation_timestamp": "2025-02-19T08:07:07.830418Z"}, {"uuid": "88b89206-5de6-4c67-a566-8a3000fdbcf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11587", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvh2scoish2z", "content": "", "creation_timestamp": "2025-08-02T21:02:20.865696Z"}, {"uuid": "2750188e-9bfa-4945-bfd1-6e5d103152af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11582", "type": "seen", "source": "https://t.me/cvedetector/18404", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11582 - WordPress Subscribe2 Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11582 \nPublished : Feb. 19, 2025, 4:15 a.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : The Subscribe2 \u2013 Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ip parameter in all versions up to, and including, 10.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T07:52:23.000000Z"}, {"uuid": "3529a050-9170-4b09-becf-2106ad27c1cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11584", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19582", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11584\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: cloud-init\u00a0through 25.1.2 includes the systemd socket unit\u00a0cloud-init-hotplugd.socket with default\u00a0SocketMode\u00a0that grants 0666 permissions, making it world-writable.\u00a0This being used for the \"/run/cloud-init/hook-hotplug-cmd\" FIFO. An unprivelege user could trigger\u00a0hotplug-hook commands.\n\ud83d\udccf Published: 2025-06-26T09:25:20.199Z\n\ud83d\udccf Modified: 2025-06-26T09:25:20.199Z\n\ud83d\udd17 References:\n1. https://github.com/canonical/cloud-init/pull/6265/commits/6e10240a7f0a2d6110b398640b3fd46cfa9a7cf3\n2. https://github.com/canonical/cloud-init/releases/tag/25.1.3", "creation_timestamp": "2025-06-26T09:50:41.000000Z"}, {"uuid": "b89d127c-e6db-403a-8063-529156c12671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11580", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1611/", "content": "", "creation_timestamp": "2024-11-21T05:00:00.000000Z"}, {"uuid": "cbee7c44-b868-4772-94d4-c7f1878195ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11581", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1612/", "content": "", "creation_timestamp": "2024-11-21T05:00:00.000000Z"}, {"uuid": "96673c81-1684-4ea5-b761-5a8a1cff53e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11583", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113917612320957740", "content": "", "creation_timestamp": "2025-01-30T13:46:57.417125Z"}, {"uuid": "0d62ede1-3e91-4215-8a0f-dc4f52227192", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11584", "type": "seen", "source": "https://infosec.exchange/users/harrysintonen/statuses/114727017412317995", "content": "", "creation_timestamp": "2025-06-22T12:29:19.058176Z"}, {"uuid": "ecb82261-8734-4ff1-91ad-279bf0e4341e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11584", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsjkutaqxv2u", "content": "", "creation_timestamp": "2025-06-26T16:39:47.041400Z"}, {"uuid": "a5e407f4-f4c6-4b8e-a3f7-c2eb88962ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11587", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-11587.yaml", "content": "", "creation_timestamp": "2025-07-16T13:29:38.000000Z"}, {"uuid": "1cf6c6e7-fa0b-414f-b528-27c1ae4d6bf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11582", "type": "seen", "source": "Telegram/8JSf9dGyHtxfQa0eQg_oCjhO0CCSYBU2rs_y1XvYFYOwvqgd", "content": "", "creation_timestamp": "2025-02-19T15:39:49.000000Z"}]}