https://vulnerability.circl.lu/sightings/feed 2026-06-05T00:28:56.857124+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/aa991d85-bf09-436c-9b39-cbac57914c57/export 2026-06-05T00:28:57.087833+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "aa991d85-bf09-436c-9b39-cbac57914c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10176", "type": "seen", "source": "https://t.me/cvedetector/8786", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10176 - \"Compact WP Audio Player Stored Cross-Site Scripting Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-10176 \nPublished : Oct. 24, 2024, 11:15 a.m. | 40\u00a0minutes ago \nDescription : The Compact WP Audio Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's \nsc_embed_player shortcode in all versions up to, and including, 1.9.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T14:18:32.000000Z"} 2024-10-24T14:18:32+00:00 https://vulnerability.circl.lu/sighting/cbba414e-3777-49b9-b167-8ba164f9d09b/export 2026-06-05T00:28:57.087768+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "cbba414e-3777-49b9-b167-8ba164f9d09b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10179", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113468664403749745", "content": "", "creation_timestamp": "2024-11-12T06:53:35.909040Z"} 2024-11-12T06:53:35.909040+00:00 https://vulnerability.circl.lu/sighting/fe9c5648-250a-410f-b0fb-be83ff77e4f9/export 2026-06-05T00:28:57.087680+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "fe9c5648-250a-410f-b0fb-be83ff77e4f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10179", "type": "seen", "source": "https://t.me/cvedetector/10593", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10179 - Slickstream Engagement and Conversions: Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-10179 \nPublished : Nov. 12, 2024, 7:15 a.m. | 30\u00a0minutes ago \nDescription : The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T08:50:25.000000Z"} 2024-11-12T08:50:25+00:00 https://vulnerability.circl.lu/sighting/572a16df-538d-42ad-9091-694f4eb0d38a/export 2026-06-05T00:28:57.087596+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "572a16df-538d-42ad-9091-694f4eb0d38a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10174", "type": "seen", "source": "https://t.me/cvedetector/10796", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10174 - WordPress Project Manager Insecure Direct Object Reference\", \n \"Content\": \"CVE ID : CVE-2024-10174 \nPublished : Nov. 13, 2024, 4:15 a.m. | 23\u00a0minutes ago \nDescription : The WP Project Manager \u2013 Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.13 via the 'Abstract_Permission' class due to missing validation on the 'user_id' user controlled key. This makes it possible for unauthenticated attackers to spoof their identity to that of an administrator and access all of the plugins REST routes. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T05:48:04.000000Z"} 2024-11-13T05:48:04+00:00 https://vulnerability.circl.lu/sighting/824bbb0c-6520-48b2-87e1-cd52f3a753ab/export 2026-06-05T00:28:57.087519+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "824bbb0c-6520-48b2-87e1-cd52f3a753ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10172", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518619341005576", "content": "", "creation_timestamp": "2024-11-21T02:37:47.956736Z"} 2024-11-21T02:37:47.956736+00:00 https://vulnerability.circl.lu/sighting/8620ab08-8799-40ad-b492-b875a41f446c/export 2026-06-05T00:28:57.087443+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "8620ab08-8799-40ad-b492-b875a41f446c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10177", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113518619354920860", "content": "", "creation_timestamp": "2024-11-21T02:37:48.628659Z"} 2024-11-21T02:37:48.628659+00:00 https://vulnerability.circl.lu/sighting/be6ea750-7719-4083-9c6c-6b2f4e8c2ed6/export 2026-06-05T00:28:57.087360+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "be6ea750-7719-4083-9c6c-6b2f4e8c2ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10175", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113553563418668231", "content": "", "creation_timestamp": "2024-11-27T06:44:33.823127Z"} 2024-11-27T06:44:33.823127+00:00 https://vulnerability.circl.lu/sighting/3a3daa43-2f1c-4730-b0a1-b0052a1e8c39/export 2026-06-05T00:28:57.087271+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3a3daa43-2f1c-4730-b0a1-b0052a1e8c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10178", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113598339968002118", "content": "", "creation_timestamp": "2024-12-05T04:31:47.927111Z"} 2024-12-05T04:31:47.927111+00:00 https://vulnerability.circl.lu/sighting/565ec300-28c6-4511-be6c-7939adb86c9d/export 2026-06-05T00:28:57.087166+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "565ec300-28c6-4511-be6c-7939adb86c9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10178", "type": "seen", "source": "https://t.me/cvedetector/12063", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10178 - The Gutentor \u2013 Gutenberg Blocks \u2013 Page Builder for\", \n \"Content\": \"CVE ID : CVE-2024-10178 \nPublished : Dec. 5, 2024, 5:15 a.m. | 36\u00a0minutes ago \nDescription : The Gutentor \u2013 Gutenberg Blocks \u2013 Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 3.3.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T06:59:16.000000Z"} 2024-12-05T06:59:16+00:00 https://vulnerability.circl.lu/sighting/b5555f77-fd85-4dbe-a80c-fb18641b7c4a/export 2026-06-05T00:28:57.084528+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b5555f77-fd85-4dbe-a80c-fb18641b7c4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10174", "type": "seen", "source": "Telegram/jG0qnbvX7fTNybHA2Dm9xh0V2CY1RIXz7iuktVVzWNHDLRcS", "content": "", "creation_timestamp": "2025-02-06T02:44:19.000000Z"} 2025-02-06T02:44:19+00:00