Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 12:41:48 +0000 f05c9dc9-68ae-4008-942c-886a51b1283c https://vulnerability.circl.lu/sighting/f05c9dc9-68ae-4008-942c-886a51b1283c/export {"uuid": "f05c9dc9-68ae-4008-942c-886a51b1283c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11874", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113808537703434993", "content": "", "creation_timestamp": "2025-01-11T07:27:51.665653Z"} {"uuid": "f05c9dc9-68ae-4008-942c-886a51b1283c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11874", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113808537703434993", "content": "", "creation_timestamp": "2025-01-11T07:27:51.665653Z"} https://vulnerability.circl.lu/sighting/f05c9dc9-68ae-4008-942c-886a51b1283c/export Sat, 11 Jan 2025 07:27:51 +0000 75a1ee16-5eac-4ab1-b618-4058d2b9091d https://vulnerability.circl.lu/sighting/75a1ee16-5eac-4ab1-b618-4058d2b9091d/export {"uuid": "75a1ee16-5eac-4ab1-b618-4058d2b9091d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11874", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1287", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11874\n\ud83d\udd39 Description: The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'grid_accordion' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-11T07:21:51.502Z\n\ud83d\udccf Modified: 2025-01-11T07:21:51.502Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/7fc20069-5c1d-481a-b0fd-6f29ed6b41ee?source=cve\n2. https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L98\n3. https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L445\n4. https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L310\n5. https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-accordion-renderer.php#L172", "creation_timestamp": "2025-01-11T08:04:15.000000Z"} {"uuid": "75a1ee16-5eac-4ab1-b618-4058d2b9091d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11874", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1287", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11874\n\ud83d\udd39 Description: The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'grid_accordion' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-11T07:21:51.502Z\n\ud83d\udccf Modified: 2025-01-11T07:21:51.502Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/7fc20069-5c1d-481a-b0fd-6f29ed6b41ee?source=cve\n2. https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L98\n3. https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L445\n4. https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-grid-accordion.php#L310\n5. https://plugins.trac.wordpress.org/browser/grid-accordion-lite/tags/1.5.1/public/class-accordion-renderer.php#L172", "creation_timestamp": "2025-01-11T08:04:15.000000Z"} https://vulnerability.circl.lu/sighting/75a1ee16-5eac-4ab1-b618-4058d2b9091d/export Sat, 11 Jan 2025 08:04:15 +0000 764788cc-d44c-48d7-a91a-e858453cd7b0 https://vulnerability.circl.lu/sighting/764788cc-d44c-48d7-a91a-e858453cd7b0/export {"uuid": "764788cc-d44c-48d7-a91a-e858453cd7b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11874", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhbctciua25", "content": "", "creation_timestamp": "2025-01-11T08:15:48.691188Z"} {"uuid": "764788cc-d44c-48d7-a91a-e858453cd7b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11874", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhbctciua25", "content": "", "creation_timestamp": "2025-01-11T08:15:48.691188Z"} https://vulnerability.circl.lu/sighting/764788cc-d44c-48d7-a91a-e858453cd7b0/export Sat, 11 Jan 2025 08:15:48 +0000 8c15ab88-f6de-4455-ac0b-b72bbd671650 https://vulnerability.circl.lu/sighting/8c15ab88-f6de-4455-ac0b-b72bbd671650/export {"uuid": "8c15ab88-f6de-4455-ac0b-b72bbd671650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11874", "type": "seen", "source": "https://t.me/cvedetector/15050", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-11874 - Wordpress Grid Accordion Lite Stored Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2024-11874 \nPublished : Jan. 11, 2025, 8:15 a.m. | 33\u00a0minutes ago \nDescription : The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'grid_accordion' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-11T09:54:16.000000Z"} {"uuid": "8c15ab88-f6de-4455-ac0b-b72bbd671650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11874", "type": "seen", "source": "https://t.me/cvedetector/15050", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-11874 - Wordpress Grid Accordion Lite Stored Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2024-11874 \nPublished : Jan. 11, 2025, 8:15 a.m. | 33\u00a0minutes ago \nDescription : The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'grid_accordion' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-11T09:54:16.000000Z"} https://vulnerability.circl.lu/sighting/8c15ab88-f6de-4455-ac0b-b72bbd671650/export Sat, 11 Jan 2025 09:54:16 +0000 c0c8193c-d87f-4033-9000-8d5cb44cab0b https://vulnerability.circl.lu/sighting/c0c8193c-d87f-4033-9000-8d5cb44cab0b/export {"uuid": "c0c8193c-d87f-4033-9000-8d5cb44cab0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113831144031216859", "content": "", "creation_timestamp": "2025-01-15T07:16:56.197643Z"} {"uuid": "c0c8193c-d87f-4033-9000-8d5cb44cab0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113831144031216859", "content": "", "creation_timestamp": "2025-01-15T07:16:56.197643Z"} https://vulnerability.circl.lu/sighting/c0c8193c-d87f-4033-9000-8d5cb44cab0b/export Wed, 15 Jan 2025 07:16:56 +0000 8b1db30b-a1ce-471e-bfed-646a63c5fed8 https://vulnerability.circl.lu/sighting/8b1db30b-a1ce-471e-bfed-646a63c5fed8/export {"uuid": "8b1db30b-a1ce-471e-bfed-646a63c5fed8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrd6be66w2p", "content": "", "creation_timestamp": "2025-01-15T08:15:40.975797Z"} {"uuid": "8b1db30b-a1ce-471e-bfed-646a63c5fed8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrd6be66w2p", "content": "", "creation_timestamp": "2025-01-15T08:15:40.975797Z"} https://vulnerability.circl.lu/sighting/8b1db30b-a1ce-471e-bfed-646a63c5fed8/export Wed, 15 Jan 2025 08:15:40 +0000 71053ef2-e896-44ff-a674-e59e16d82c1d https://vulnerability.circl.lu/sighting/71053ef2-e896-44ff-a674-e59e16d82c1d/export {"uuid": "71053ef2-e896-44ff-a674-e59e16d82c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1712", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11870\n\ud83d\udd39 Description: The Event Registration Calendar By vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-15T07:10:46.770Z\n\ud83d\udccf Modified: 2025-01-15T07:10:46.770Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e8cadb97-2f3e-4b00-ad00-118cf23d1592?source=cve\n2. https://plugins.trac.wordpress.org/browser/event-registration-calendar-by-vcita/trunk/core/shortcodes.php#L22\n3. https://plugins.trac.wordpress.org/browser/event-registration-calendar-by-vcita/trunk/core/shortcodes.php#L50\n4. https://plugins.trac.wordpress.org/browser/event-registration-calendar-by-vcita/trunk/core/shortcodes.php#L91\n5. https://plugins.trac.wordpress.org/browser/event-registration-calendar-by-vcita/trunk/core/shortcodes.php#L129", "creation_timestamp": "2025-01-15T08:29:35.000000Z"} {"uuid": "71053ef2-e896-44ff-a674-e59e16d82c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1712", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11870\n\ud83d\udd39 Description: The Event Registration Calendar By vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-15T07:10:46.770Z\n\ud83d\udccf Modified: 2025-01-15T07:10:46.770Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e8cadb97-2f3e-4b00-ad00-118cf23d1592?source=cve\n2. https://plugins.trac.wordpress.org/browser/event-registration-calendar-by-vcita/trunk/core/shortcodes.php#L22\n3. https://plugins.trac.wordpress.org/browser/event-registration-calendar-by-vcita/trunk/core/shortcodes.php#L50\n4. https://plugins.trac.wordpress.org/browser/event-registration-calendar-by-vcita/trunk/core/shortcodes.php#L91\n5. https://plugins.trac.wordpress.org/browser/event-registration-calendar-by-vcita/trunk/core/shortcodes.php#L129", "creation_timestamp": "2025-01-15T08:29:35.000000Z"} https://vulnerability.circl.lu/sighting/71053ef2-e896-44ff-a674-e59e16d82c1d/export Wed, 15 Jan 2025 08:29:35 +0000 fa8b2c06-b2c3-4e51-914f-97ef700c97ee https://vulnerability.circl.lu/sighting/fa8b2c06-b2c3-4e51-914f-97ef700c97ee/export {"uuid": "fa8b2c06-b2c3-4e51-914f-97ef700c97ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfreywewnc2w", "content": "", "creation_timestamp": "2025-01-15T08:48:29.686727Z"} {"uuid": "fa8b2c06-b2c3-4e51-914f-97ef700c97ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfreywewnc2w", "content": "", "creation_timestamp": "2025-01-15T08:48:29.686727Z"} https://vulnerability.circl.lu/sighting/fa8b2c06-b2c3-4e51-914f-97ef700c97ee/export Wed, 15 Jan 2025 08:48:29 +0000 7cd40cc0-5e6e-4d36-a7ec-8ac07ea890e0 https://vulnerability.circl.lu/sighting/7cd40cc0-5e6e-4d36-a7ec-8ac07ea890e0/export {"uuid": "7cd40cc0-5e6e-4d36-a7ec-8ac07ea890e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://t.me/cvedetector/15413", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-11870 - Vcita Event Registration Calendar by WordPress Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-11870 \nPublished : Jan. 15, 2025, 8:15 a.m. | 45\u00a0minutes ago \nDescription : The Event Registration Calendar By vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T10:05:22.000000Z"} {"uuid": "7cd40cc0-5e6e-4d36-a7ec-8ac07ea890e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11870", "type": "seen", "source": "https://t.me/cvedetector/15413", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-11870 - Vcita Event Registration Calendar by WordPress Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-11870 \nPublished : Jan. 15, 2025, 8:15 a.m. | 45\u00a0minutes ago \nDescription : The Event Registration Calendar By vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T10:05:22.000000Z"} https://vulnerability.circl.lu/sighting/7cd40cc0-5e6e-4d36-a7ec-8ac07ea890e0/export Wed, 15 Jan 2025 10:05:22 +0000 e2355df0-9748-428e-818a-35d58f5d5abf https://vulnerability.circl.lu/sighting/e2355df0-9748-428e-818a-35d58f5d5abf/export {"uuid": "e2355df0-9748-428e-818a-35d58f5d5abf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11879", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7714", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11879\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-12-14T04:23:40.550Z\n\ud83d\udccf Modified: 2025-03-16T14:46:33.264Z\n\ud83d\udd17 References:\nNo references available.", "creation_timestamp": "2025-03-16T15:46:19.000000Z"} {"uuid": "e2355df0-9748-428e-818a-35d58f5d5abf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11879", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7714", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11879\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-12-14T04:23:40.550Z\n\ud83d\udccf Modified: 2025-03-16T14:46:33.264Z\n\ud83d\udd17 References:\nNo references available.", "creation_timestamp": "2025-03-16T15:46:19.000000Z"} https://vulnerability.circl.lu/sighting/e2355df0-9748-428e-818a-35d58f5d5abf/export Sun, 16 Mar 2025 15:46:19 +0000