{"vulnerability": "cve-2024-4932", "sightings": [{"uuid": "b7afaf5a-4567-42d1-b906-9cc0a14f7051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49328", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3422", "content": "https://github.com/RandomRobbieBF/CVE-2024-49328\n\nWP REST API FNS <= 1.0.0 - Privilege Escalation\n#github #exploit #poc", "creation_timestamp": "2024-11-07T17:02:41.000000Z"}, {"uuid": "1e343615-8f2d-4f8c-b95c-3558f49e970f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49328", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11404", "content": "#exploit\n1. CVE-2024-49328\nWP REST API FNS <= 1.0 - Privilege Escalation\nhttps://github.com/RandomRobbieBF/CVE-2024-49328\n\n2. CVE-2024-44258:\nSymlink Vulnerability in Apple ManagedConfiguration Framework\nhttps://github.com/ifpdz/CVE-2024-44258", "creation_timestamp": "2024-11-07T18:35:05.000000Z"}, {"uuid": "7c6967c8-7bb2-40ad-bbbb-95b4aa39c135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49327", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miibuj4owf2r", "content": "", "creation_timestamp": "2026-04-02T03:40:09.075306Z"}, {"uuid": "b3cef187-ecfa-4a30-9b20-2af435252674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49329", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miicygng222u", "content": "", "creation_timestamp": "2026-04-02T04:00:14.319769Z"}, {"uuid": "9b6bab41-f77b-4706-9630-59f120cdcd80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49326", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miie42ndia23", "content": "", "creation_timestamp": "2026-04-02T04:20:09.854678Z"}, {"uuid": "c455bdd2-6827-4702-8a6a-138a952fb5c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49328", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miiil3eltr23", "content": "", "creation_timestamp": "2026-04-02T05:40:09.001954Z"}, {"uuid": "d9353c8d-0f35-4787-8feb-ca3b4d3eee8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49328", "type": "seen", "source": "https://t.me/cvedetector/8396", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49328 - Vivek Tamrakar WP REST API FNS Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-49328 \nPublished : Oct. 20, 2024, 8:15 a.m. | 21\u00a0minutes ago \nDescription : Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T10:44:06.000000Z"}, {"uuid": "9f9cd8a2-8bb6-4043-9ddd-5519207ae961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49321", "type": "seen", "source": "https://t.me/cvedetector/8462", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49321 - Colorlib Simple Custom Post Order Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49321 \nPublished : Oct. 21, 2024, 12:15 p.m. | 41\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Colorlib Simple Custom Post Order allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Custom Post Order: from n/a through 2.5.7. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T15:09:45.000000Z"}, {"uuid": "7c943e52-237e-416c-91d2-216cd53f3813", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49326", "type": "seen", "source": "https://t.me/cvedetector/8414", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49326 - Vasilis Kerasiotis Affiliator Remote File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49326 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:35.000000Z"}, {"uuid": "94a30d96-1107-4e91-94e1-ce5081833561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49324", "type": "seen", "source": "https://t.me/cvedetector/8413", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49324 - Sovratec Case Management Unvalidated File Upload RCE\", \n  \"Content\": \"CVE ID : CVE-2024-49324 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Sovratec Case Management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through 1.0.0. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:34.000000Z"}, {"uuid": "056206f2-3610-4ce9-b798-ee1fbd645881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49322", "type": "seen", "source": "https://t.me/cvedetector/8203", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49322 - CodePassenger Job Board Manager for WordPress Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49322 \nPublished : Oct. 17, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : Incorrect Privilege Assignment vulnerability in CodePassenger Job Board Manager for WordPress allows Privilege Escalation.This issue affects Job Board Manager for WordPress: from n/a through 1.0. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T20:49:34.000000Z"}, {"uuid": "e03faa60-f74d-4317-b766-9b252f1542ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49320", "type": "seen", "source": "https://t.me/cvedetector/8165", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49320 - Dennis Hoppe Encyclopedia Diagram XSS\", \n  \"Content\": \"CVE ID : CVE-2024-49320 \nPublished : Oct. 17, 2024, 12:15 p.m. | 40\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dennis Hoppe Encyclopedia / Glossary / Wiki allows Reflected XSS.This issue affects Encyclopedia / Glossary / Wiki: from n/a through 1.7.60. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T14:58:08.000000Z"}, {"uuid": "0555e3fc-577b-4c41-bf98-c9c24b23fe4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49325", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miksdfzxke2r", "content": "", "creation_timestamp": "2026-04-03T03:40:08.391891Z"}, {"uuid": "5cb01e0e-bf19-47ef-9bd1-cf0fdd2cb259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49325", "type": "seen", "source": "https://t.me/cvedetector/8436", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49325 - Adobe Photo Gallery Builder Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-49325 \nPublished : Oct. 20, 2024, 11:15 a.m. | 44\u00a0minutes ago \nDescription : Subscriber Broken Access Control in Photo Gallery Builder <=\nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T14:05:13.000000Z"}, {"uuid": "7944e727-597d-45f2-929a-395f332049d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49327", "type": "seen", "source": "https://t.me/cvedetector/8412", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49327 - Woostagram Connect File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49327 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Asep Bagja Priandana Woostagram Connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through 1.0.2. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:33.000000Z"}, {"uuid": "e7d57e37-31dd-4d48-b946-c3e6dc8140e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49329", "type": "seen", "source": "https://t.me/cvedetector/8411", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49329 - Vivek Tamrakar WP REST API FNS Unrestricted Upload of File with Dangerous Type RCE\", \n  \"Content\": \"CVE ID : CVE-2024-49329 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Vivek Tamrakar WP REST API FNS allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through 1.0.0. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:33.000000Z"}, {"uuid": "3be1b4e2-2f0a-4b65-9daf-65a761b40ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49323", "type": "seen", "source": "https://t.me/cvedetector/8395", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49323 - Sourav All in One Slider Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-49323 \nPublished : Oct. 20, 2024, 8:15 a.m. | 21\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sourav All in One Slider allows Reflected XSS.This issue affects All in One Slider: from n/a through 1.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T10:44:05.000000Z"}]}