https://vulnerability.circl.lu/sightings/feed 2026-06-26T21:23:33.589980+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/e2985d88-58fd-45bb-b9fc-a75c4f68f01d/export 2026-06-26T21:23:33.618479+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e2985d88-58fd-45bb-b9fc-a75c4f68f01d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49296", "type": "seen", "source": "https://t.me/cvedetector/8230", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49296 - Coder426 Custom Add to Cart Button XSS Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-49296 \nPublished : Oct. 17, 2024, 7:15 p.m. | 16\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Coder426 Custom Add to Cart Button Label and Link allows Stored XSS.This issue affects Custom Add to Cart Button Label and Link: from n/a through 1.6.1. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T21:40:19.000000Z"} 2024-10-17T21:40:19+00:00 https://vulnerability.circl.lu/sighting/005e94fc-df7f-45af-b4d6-1a46853a33ae/export 2026-06-26T21:23:33.618367+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "005e94fc-df7f-45af-b4d6-1a46853a33ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49298", "type": "seen", "source": "https://t.me/cvedetector/8231", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49298 - PeproDev Ultimate Invoice Cross-site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2024-49298 \nPublished : Oct. 17, 2024, 7:15 p.m. | 16\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice allows Stored XSS.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.6. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T21:40:20.000000Z"} 2024-10-17T21:40:20+00:00 https://vulnerability.circl.lu/sighting/293e9019-93fd-41f1-9185-1691a502f183/export 2026-06-26T21:23:33.618258+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "293e9019-93fd-41f1-9185-1691a502f183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49292", "type": "seen", "source": "https://t.me/cvedetector/8234", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49292 - Exclusive Addons Elementor Stored XSS\", \n \"Content\": \"CVE ID : CVE-2024-49292 \nPublished : Oct. 17, 2024, 7:15 p.m. | 16\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through 2.7.1. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T21:40:25.000000Z"} 2024-10-17T21:40:25+00:00 https://vulnerability.circl.lu/sighting/947a78f9-ccc6-4a8c-8bea-f0d689e4bd3e/export 2026-06-26T21:23:33.618147+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "947a78f9-ccc6-4a8c-8bea-f0d689e4bd3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49295", "type": "seen", "source": "https://t.me/cvedetector/8236", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49295 - PressTigers Simple Testimonials Showcase Cross-site Scripting\", \n \"Content\": \"CVE ID : CVE-2024-49295 \nPublished : Oct. 17, 2024, 7:15 p.m. | 16\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PressTigers Simple Testimonials Showcase.This issue affects Simple Testimonials Showcase: from n/a through 1.1.6. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T21:40:27.000000Z"} 2024-10-17T21:40:27+00:00 https://vulnerability.circl.lu/sighting/d3c918ba-a410-4507-87d9-b9c6c2ccf776/export 2026-06-26T21:23:33.618036+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "d3c918ba-a410-4507-87d9-b9c6c2ccf776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49290", "type": "seen", "source": "https://t.me/cvedetector/8434", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49290 - Gora Tech LLC Cooked Pro CSRF\", \n \"Content\": \"CVE ID : CVE-2024-49290 \nPublished : Oct. 20, 2024, 11:15 a.m. | 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"20 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T14:05:08.000000Z"} 2024-10-20T14:05:08+00:00 https://vulnerability.circl.lu/sighting/03ee21c1-4ce2-4557-adf8-b247025efb3b/export 2026-06-26T21:23:33.617916+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "03ee21c1-4ce2-4557-adf8-b247025efb3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49293", "type": "seen", "source": "https://t.me/cvedetector/8455", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49293 - Rextheme WP VR Missing Authorization Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-49293 \nPublished : Oct. 21, 2024, 12:15 p.m. | 41\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Rextheme WP VR allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through 8.5.4. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T15:09:36.000000Z"} 2024-10-21T15:09:36+00:00 https://vulnerability.circl.lu/sighting/3e1cd4bc-19da-427b-bbb1-dd2ac42f62b0/export 2026-06-26T21:23:33.617804+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3e1cd4bc-19da-427b-bbb1-dd2ac42f62b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49294", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113786703691101687", "content": "", "creation_timestamp": "2025-01-07T10:55:10.582850Z"} 2025-01-07T10:55:10.582850+00:00 https://vulnerability.circl.lu/sighting/b1e9dac5-c99f-4043-b784-23a7051249f5/export 2026-06-26T21:23:33.617696+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b1e9dac5-c99f-4043-b784-23a7051249f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49294", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jimb4f625", "content": "", "creation_timestamp": "2025-01-07T11:15:35.172736Z"} 2025-01-07T11:15:35.172736+00:00 https://vulnerability.circl.lu/sighting/b9bad33d-9d82-4ffc-ba2b-98be241e04c5/export 2026-06-26T21:23:33.617526+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b9bad33d-9d82-4ffc-ba2b-98be241e04c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49294", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jimb4f625", "content": "", "creation_timestamp": "2025-01-07T11:15:35.187310Z"} 2025-01-07T11:15:35.187310+00:00 https://vulnerability.circl.lu/sighting/e16fff23-ffd5-4944-947c-73ff09cbcb4c/export 2026-06-26T21:23:33.614285+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e16fff23-ffd5-4944-947c-73ff09cbcb4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49294", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/398", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49294\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through 5.4.3.\n\ud83d\udccf Published: 2025-01-07T10:49:34.068Z\n\ud83d\udccf Modified: 2025-01-07T10:49:34.068Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/bus-ticket-booking-with-seat-reservation/vulnerability/wordpress-wpbusticketly-plugin-5-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-07T11:37:55.000000Z"} 2025-01-07T11:37:55+00:00