https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 06 May 2026 11:30:12 +0000 https://vulnerability.circl.lu/sighting/cddc64f2-ec5a-4095-b50e-6becd274bc20/export {"uuid": "cddc64f2-ec5a-4095-b50e-6becd274bc20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3leyac2jt3c2y", "content": "", "creation_timestamp": "2025-01-05T08:47:34.006672Z"} {"uuid": "cddc64f2-ec5a-4095-b50e-6becd274bc20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3leyac2jt3c2y", "content": "", "creation_timestamp": "2025-01-05T08:47:34.006672Z"} https://vulnerability.circl.lu/sighting/cddc64f2-ec5a-4095-b50e-6becd274bc20/export Sun, 05 Jan 2025 08:47:34 +0000 https://vulnerability.circl.lu/sighting/fe5dad09-017b-41cc-b463-7e66f173b583/export {"uuid": "fe5dad09-017b-41cc-b463-7e66f173b583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "exploited", "source": "https://t.me/CyberBulletin/27046", "content": "\u26a1\ufe0fCVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits.\n\n#CyberBulletin", "creation_timestamp": "2025-01-05T11:43:31.000000Z"} {"uuid": "fe5dad09-017b-41cc-b463-7e66f173b583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "exploited", "source": "https://t.me/CyberBulletin/27046", "content": "\u26a1\ufe0fCVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits.\n\n#CyberBulletin", "creation_timestamp": "2025-01-05T11:43:31.000000Z"} https://vulnerability.circl.lu/sighting/fe5dad09-017b-41cc-b463-7e66f173b583/export Sun, 05 Jan 2025 11:43:31 +0000 https://vulnerability.circl.lu/sighting/33b1eaab-877c-4b00-a8b2-3f44d83c285c/export {"uuid": "33b1eaab-877c-4b00-a8b2-3f44d83c285c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://t.me/CyberBulletin/1941", "content": "\u26a1\ufe0fCVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits.\n\n#CyberBulletin", "creation_timestamp": "2025-01-05T12:10:02.000000Z"} {"uuid": "33b1eaab-877c-4b00-a8b2-3f44d83c285c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://t.me/CyberBulletin/1941", "content": "\u26a1\ufe0fCVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits.\n\n#CyberBulletin", "creation_timestamp": "2025-01-05T12:10:02.000000Z"} https://vulnerability.circl.lu/sighting/33b1eaab-877c-4b00-a8b2-3f44d83c285c/export Sun, 05 Jan 2025 12:10:02 +0000 https://vulnerability.circl.lu/sighting/3612db89-7d0b-48f0-a24a-b6fd3c92ee11/export {"uuid": "3612db89-7d0b-48f0-a24a-b6fd3c92ee11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/elhackernet.extwitter.link/post/3leyymygeac26", "content": "", "creation_timestamp": "2025-01-05T16:03:09.869948Z"} {"uuid": "3612db89-7d0b-48f0-a24a-b6fd3c92ee11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/elhackernet.extwitter.link/post/3leyymygeac26", "content": "", "creation_timestamp": "2025-01-05T16:03:09.869948Z"} https://vulnerability.circl.lu/sighting/3612db89-7d0b-48f0-a24a-b6fd3c92ee11/export Sun, 05 Jan 2025 16:03:09 +0000 https://vulnerability.circl.lu/sighting/20beb845-0dab-4491-9eef-c84c0122362a/export {"uuid": "20beb845-0dab-4491-9eef-c84c0122362a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://t.me/CyberBulletin/9354", "content": "\u26a1\ufe0fCVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits.\n\n#CyberBulletin", "creation_timestamp": "2025-01-06T06:36:04.000000Z"} {"uuid": "20beb845-0dab-4491-9eef-c84c0122362a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://t.me/CyberBulletin/9354", "content": "\u26a1\ufe0fCVE-2024-10957 Exposes Over 3 Million WordPress Sites to Unauthenticated PHP Object Injection Exploits.\n\n#CyberBulletin", "creation_timestamp": "2025-01-06T06:36:04.000000Z"} https://vulnerability.circl.lu/sighting/20beb845-0dab-4491-9eef-c84c0122362a/export Mon, 06 Jan 2025 06:36:04 +0000 https://vulnerability.circl.lu/sighting/3fd26650-7fde-4c01-bba8-21ff858e829b/export {"uuid": "3fd26650-7fde-4c01-bba8-21ff858e829b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lf33xdavto22", "content": "", "creation_timestamp": "2025-01-06T12:07:57.934431Z"} {"uuid": "3fd26650-7fde-4c01-bba8-21ff858e829b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lf33xdavto22", "content": "", "creation_timestamp": "2025-01-06T12:07:57.934431Z"} https://vulnerability.circl.lu/sighting/3fd26650-7fde-4c01-bba8-21ff858e829b/export Mon, 06 Jan 2025 12:07:57 +0000 https://vulnerability.circl.lu/sighting/2215467b-3914-4e23-90f9-d126b900edd1/export {"uuid": "2215467b-3914-4e23-90f9-d126b900edd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://t.me/hackyourmom/10059", "content": "\ud83d\udd10 3 \u043c\u0456\u043b\u044c\u0439\u043e\u043d\u0438 \u0441\u0430\u0439\u0442\u0456\u0432 WordPress \u0443 \u043d\u0435\u0431\u0435\u0437\u043f\u0435\u0446\u0456 \u0447\u0435\u0440\u0435\u0437 \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c CVE-2024-10957. \u0423\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u0443 \u043f\u043b\u0430\u0433\u0456\u043d\u0456 UpdraftPlus Backup & Migration \u043c\u043e\u0436\u0435 \u0434\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u0438 \u0437\u043b\u043e\u0432\u043c\u0438\u0441\u043d\u0438\u043a\u0430\u043c \u0432\u0438\u043a\u0440\u0430\u0441\u0442\u0438 \u0434\u0430\u043d\u0456 \u0430\u0431\u043e \u0432\u0438\u043a\u043e\u043d\u0430\u0442\u0438 \u0448\u043a\u0456\u0434\u043b\u0438\u0432\u0438\u0439 \u043a\u043e\u0434 \ud83c\udf10 #cybernews", "creation_timestamp": "2025-01-06T13:16:28.000000Z"} {"uuid": "2215467b-3914-4e23-90f9-d126b900edd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://t.me/hackyourmom/10059", "content": "\ud83d\udd10 3 \u043c\u0456\u043b\u044c\u0439\u043e\u043d\u0438 \u0441\u0430\u0439\u0442\u0456\u0432 WordPress \u0443 \u043d\u0435\u0431\u0435\u0437\u043f\u0435\u0446\u0456 \u0447\u0435\u0440\u0435\u0437 \u0443\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c CVE-2024-10957. \u0423\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u0443 \u043f\u043b\u0430\u0433\u0456\u043d\u0456 UpdraftPlus Backup & Migration \u043c\u043e\u0436\u0435 \u0434\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u0438 \u0437\u043b\u043e\u0432\u043c\u0438\u0441\u043d\u0438\u043a\u0430\u043c \u0432\u0438\u043a\u0440\u0430\u0441\u0442\u0438 \u0434\u0430\u043d\u0456 \u0430\u0431\u043e \u0432\u0438\u043a\u043e\u043d\u0430\u0442\u0438 \u0448\u043a\u0456\u0434\u043b\u0438\u0432\u0438\u0439 \u043a\u043e\u0434 \ud83c\udf10 #cybernews", "creation_timestamp": "2025-01-06T13:16:28.000000Z"} https://vulnerability.circl.lu/sighting/2215467b-3914-4e23-90f9-d126b900edd1/export Mon, 06 Jan 2025 13:16:28 +0000 https://vulnerability.circl.lu/sighting/5e0358ff-b157-43c8-b358-a5fb4088d8cb/export {"uuid": "5e0358ff-b157-43c8-b358-a5fb4088d8cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/ethicalhack3r.bsky.social/post/3lf5eb5afqs2y", "content": "", "creation_timestamp": "2025-01-07T09:41:57.331167Z"} {"uuid": "5e0358ff-b157-43c8-b358-a5fb4088d8cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/ethicalhack3r.bsky.social/post/3lf5eb5afqs2y", "content": "", "creation_timestamp": "2025-01-07T09:41:57.331167Z"} https://vulnerability.circl.lu/sighting/5e0358ff-b157-43c8-b358-a5fb4088d8cb/export Tue, 07 Jan 2025 09:41:57 +0000 https://vulnerability.circl.lu/sighting/bf533f97-e2ca-401b-b61f-5042f88e4f88/export {"uuid": "bf533f97-e2ca-401b-b61f-5042f88e4f88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/decrypt.lol/post/3lgaaqd3mgd2i", "content": "", "creation_timestamp": "2025-01-21T06:42:02.011563Z"} {"uuid": "bf533f97-e2ca-401b-b61f-5042f88e4f88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10957", "type": "seen", "source": "https://bsky.app/profile/decrypt.lol/post/3lgaaqd3mgd2i", "content": "", "creation_timestamp": "2025-01-21T06:42:02.011563Z"} https://vulnerability.circl.lu/sighting/bf533f97-e2ca-401b-b61f-5042f88e4f88/export Tue, 21 Jan 2025 06:42:02 +0000 https://vulnerability.circl.lu/sighting/b9956592-c8fe-4da0-811e-ff8aa30947d6/export {"uuid": "b9956592-c8fe-4da0-811e-ff8aa30947d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10956", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8180", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10956\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L)\n\ud83d\udd39 Description: GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site WebSocket Hijacking (CSWSH). This vulnerability allows an attacker to hijack an existing WebSocket connection between the victim's browser and the server, enabling unauthorized actions such as deleting conversation history without the victim's consent. The issue arises due to insufficient WebSocket authentication and lack of origin validation.\n\ud83d\udccf Published: 2025-03-20T10:11:39.829Z\n\ud83d\udccf Modified: 2025-03-20T10:11:39.829Z\n\ud83d\udd17 References:\n1. https://huntr.com/bounties/0f8403ad-5f60-4eb9-9f51-8fbd2e41eda4", "creation_timestamp": "2025-03-20T10:19:17.000000Z"} {"uuid": "b9956592-c8fe-4da0-811e-ff8aa30947d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10956", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8180", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10956\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L)\n\ud83d\udd39 Description: GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site WebSocket Hijacking (CSWSH). This vulnerability allows an attacker to hijack an existing WebSocket connection between the victim's browser and the server, enabling unauthorized actions such as deleting conversation history without the victim's consent. The issue arises due to insufficient WebSocket authentication and lack of origin validation.\n\ud83d\udccf Published: 2025-03-20T10:11:39.829Z\n\ud83d\udccf Modified: 2025-03-20T10:11:39.829Z\n\ud83d\udd17 References:\n1. https://huntr.com/bounties/0f8403ad-5f60-4eb9-9f51-8fbd2e41eda4", "creation_timestamp": "2025-03-20T10:19:17.000000Z"} https://vulnerability.circl.lu/sighting/b9956592-c8fe-4da0-811e-ff8aa30947d6/export Thu, 20 Mar 2025 10:19:17 +0000