https://vulnerability.circl.lu/sightings/feed 2026-05-09T22:39:35.045823+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/4e88cf9f-9992-410c-b219-b53fbb816177/export 2026-05-09T22:39:35.292372+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "4e88cf9f-9992-410c-b219-b53fbb816177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11406", "type": "seen", "source": "https://t.me/cvedetector/11601", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-11406 - django CMS Association Stored XSS Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-11406 \nPublished : Nov. 20, 2024, 12:15 p.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django CMS Attributes Fields allows Stored XSS.This issue affects django CMS Attributes Fields: before 4.0. \nSeverity: 6.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"20 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T13:44:41.000000Z"} 2024-11-20T13:44:41+00:00 https://vulnerability.circl.lu/sighting/654f9cc8-b83b-4754-8bd2-5b387efdce34/export 2026-05-09T22:39:35.292268+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "654f9cc8-b83b-4754-8bd2-5b387efdce34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11409", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518855520040446", "content": "", "creation_timestamp": "2024-11-21T03:37:51.513407Z"} 2024-11-21T03:37:51.513407+00:00 https://vulnerability.circl.lu/sighting/3e6858e6-d9b4-4259-8963-d7ac7a896252/export 2026-05-09T22:39:35.292161+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "3e6858e6-d9b4-4259-8963-d7ac7a896252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11408", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113530475419129493", "content": "", "creation_timestamp": "2024-11-23T04:52:57.491837Z"} 2024-11-23T04:52:57.491837+00:00 https://vulnerability.circl.lu/sighting/725f1d9d-ce9e-452c-8fb8-93633e755a14/export 2026-05-09T22:39:35.292039+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "725f1d9d-ce9e-452c-8fb8-93633e755a14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11403", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113543793898596252", "content": "", "creation_timestamp": "2024-11-25T13:20:00.997656Z"} 2024-11-25T13:20:00.997656+00:00 https://vulnerability.circl.lu/sighting/71247eb6-763a-45f7-9183-d5c48df36bd7/export 2026-05-09T22:39:35.291734+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "71247eb6-763a-45f7-9183-d5c48df36bd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11407", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113550360990438733", "content": "", "creation_timestamp": "2024-11-26T17:10:06.786483Z"} 2024-11-26T17:10:06.786483+00:00 https://vulnerability.circl.lu/sighting/8caeb11d-42a5-4b88-ac7c-b19f502dd084/export 2026-05-09T22:39:35.291478+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8caeb11d-42a5-4b88-ac7c-b19f502dd084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11401", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113633574304637564", "content": "", "creation_timestamp": "2024-12-11T09:52:21.326907Z"} 2024-12-11T09:52:21.326907+00:00 https://vulnerability.circl.lu/sighting/8ae47910-329a-407b-8305-e9fd0d6d2573/export 2026-05-09T22:39:35.291373+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8ae47910-329a-407b-8305-e9fd0d6d2573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11401", "type": "seen", "source": "https://t.me/cvedetector/12626", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-11401 - Rapid7 Insight Platform Privilege Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-11401 \nPublished : Dec. 11, 2024, 10:15 a.m. | 59\u00a0minutes ago \nDescription : Rapid7 Insight Platform versions prior to November 13th 2024, suffer from a privilege escalation vulnerability whereby, due to a lack of authorization checks, an attacker can successfully update the password policy in the platform settings as a standard user by crafting an API (the functionality was not possible through the platform's User Interface). This vulnerability has been fixed as of November 13th 2024. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-11T12:43:53.000000Z"} 2024-12-11T12:43:53+00:00 https://vulnerability.circl.lu/sighting/3aa318f3-1c49-494f-abf3-7166cad905e7/export 2026-05-09T22:39:35.291257+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "3aa318f3-1c49-494f-abf3-7166cad905e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11405", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/20092", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11405\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The WP Front-end login and register plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the email and wpmp_reset_password_token parameters in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-07-02T03:47:26.444Z\n\ud83d\udccf Modified: 2025-07-02T03:47:26.444Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e54c1a85-13f6-48c0-9db8-860b4b1f3e45?source=cve\n2. https://plugins.trac.wordpress.org/browser/wp-front-end-login-and-register/trunk/public/partials/wpmp-resetpassword-form.php#L58", "creation_timestamp": "2025-07-02T04:12:17.000000Z"} 2025-07-02T04:12:17+00:00 https://vulnerability.circl.lu/sighting/85494a77-a5c0-4ead-bbd5-e0d691033e66/export 2026-05-09T22:39:35.291112+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "85494a77-a5c0-4ead-bbd5-e0d691033e66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11401", "type": "seen", "source": "MISP/be792712-f638-4d7d-b62d-4f5032e86764", "content": "", "creation_timestamp": "2025-09-16T23:16:38.000000Z"} 2025-09-16T23:16:38+00:00 https://vulnerability.circl.lu/sighting/f9f65a18-877f-4d32-b583-e15daa4f69be/export 2026-05-09T22:39:35.289157+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "f9f65a18-877f-4d32-b583-e15daa4f69be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11401", "type": "seen", "source": "MISP/be792712-f638-4d7d-b62d-4f5032e86764", "content": "", "creation_timestamp": "2025-09-18T16:44:35.000000Z"} 2025-09-18T16:44:35+00:00