Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 06 May 2026 17:21:20 +0000 1b2ff581-f5eb-4ed0-bd9c-3845e09d7228 https://vulnerability.circl.lu/sighting/1b2ff581-f5eb-4ed0-bd9c-3845e09d7228/export {"uuid": "1b2ff581-f5eb-4ed0-bd9c-3845e09d7228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13468", "type": "seen", "source": "Telegram/rff-tJCtuJ46yvxQW4LLz6LSbaZzNG_Lz1Yi2Ll1Xlt18CW7", "content": "", "creation_timestamp": "2025-02-19T15:39:51.000000Z"} {"uuid": "1b2ff581-f5eb-4ed0-bd9c-3845e09d7228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13468", "type": "seen", "source": "Telegram/rff-tJCtuJ46yvxQW4LLz6LSbaZzNG_Lz1Yi2Ll1Xlt18CW7", "content": "", "creation_timestamp": "2025-02-19T15:39:51.000000Z"} https://vulnerability.circl.lu/sighting/1b2ff581-f5eb-4ed0-bd9c-3845e09d7228/export Wed, 19 Feb 2025 15:39:51 +0000 4b2ffdbd-9fab-4ba6-a1c0-eca4ca244faf https://vulnerability.circl.lu/sighting/4b2ffdbd-9fab-4ba6-a1c0-eca4ca244faf/export {"uuid": "4b2ffdbd-9fab-4ba6-a1c0-eca4ca244faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13461", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4874", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13461\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Autoship Cloud for WooCommerce Subscription Products plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'autoship-create-scheduled-order-action' shortcode in all versions up to, and including, 2.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-02-21T09:21:05.066Z\n\ud83d\udccf Modified: 2025-02-21T09:21:05.066Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/0ae16c4e-0151-4414-8612-ec8eb92505fd?source=cve\n2. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3242136%40autoship-cloud&new=3242136%40autoship-cloud&sfp_email=&sfph_mail=", "creation_timestamp": "2025-02-21T10:20:23.000000Z"} {"uuid": "4b2ffdbd-9fab-4ba6-a1c0-eca4ca244faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13461", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4874", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13461\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Autoship Cloud for WooCommerce Subscription Products plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'autoship-create-scheduled-order-action' shortcode in all versions up to, and including, 2.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-02-21T09:21:05.066Z\n\ud83d\udccf Modified: 2025-02-21T09:21:05.066Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/0ae16c4e-0151-4414-8612-ec8eb92505fd?source=cve\n2. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3242136%40autoship-cloud&new=3242136%40autoship-cloud&sfp_email=&sfph_mail=", "creation_timestamp": "2025-02-21T10:20:23.000000Z"} https://vulnerability.circl.lu/sighting/4b2ffdbd-9fab-4ba6-a1c0-eca4ca244faf/export Fri, 21 Feb 2025 10:20:23 +0000 74440143-2b9a-4dde-830f-23cdf032a07d https://vulnerability.circl.lu/sighting/74440143-2b9a-4dde-830f-23cdf032a07d/export {"uuid": "74440143-2b9a-4dde-830f-23cdf032a07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13461", "type": "seen", "source": "Telegram/A-pofhxUOYPGw641gkjHKGHd-AV-9FAmSJHnetNvNqh4uW74", "content": "", "creation_timestamp": "2025-02-21T12:35:18.000000Z"} {"uuid": "74440143-2b9a-4dde-830f-23cdf032a07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13461", "type": "seen", "source": "Telegram/A-pofhxUOYPGw641gkjHKGHd-AV-9FAmSJHnetNvNqh4uW74", "content": "", "creation_timestamp": "2025-02-21T12:35:18.000000Z"} https://vulnerability.circl.lu/sighting/74440143-2b9a-4dde-830f-23cdf032a07d/export Fri, 21 Feb 2025 12:35:18 +0000 08b5d09d-e7b3-4a8b-a299-5c9b869d967c https://vulnerability.circl.lu/sighting/08b5d09d-e7b3-4a8b-a299-5c9b869d967c/export {"uuid": "08b5d09d-e7b3-4a8b-a299-5c9b869d967c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13461", "type": "seen", "source": "https://t.me/cvedetector/18645", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13461 - Autoship Cloud for WooCommerce Subscription Products Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13461 \nPublished : Feb. 21, 2025, 10:15 a.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : The Autoship Cloud for WooCommerce Subscription Products plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'autoship-create-scheduled-order-action' shortcode in all versions up to, and including, 2.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T13:55:33.000000Z"} {"uuid": "08b5d09d-e7b3-4a8b-a299-5c9b869d967c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13461", "type": "seen", "source": "https://t.me/cvedetector/18645", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13461 - Autoship Cloud for WooCommerce Subscription Products Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13461 \nPublished : Feb. 21, 2025, 10:15 a.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : The Autoship Cloud for WooCommerce Subscription Products plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'autoship-create-scheduled-order-action' shortcode in all versions up to, and including, 2.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T13:55:33.000000Z"} https://vulnerability.circl.lu/sighting/08b5d09d-e7b3-4a8b-a299-5c9b869d967c/export Fri, 21 Feb 2025 13:55:33 +0000 91593dc9-c208-4b90-bbdd-8046593ccb92 https://vulnerability.circl.lu/sighting/91593dc9-c208-4b90-bbdd-8046593ccb92/export {"uuid": "91593dc9-c208-4b90-bbdd-8046593ccb92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13465", "type": "seen", "source": "Telegram/54Tpp5BNRg2I7n1sBztHm0SCcq8j8DyUQs6Ws4usItbp0zYP", "content": "", "creation_timestamp": "2025-02-21T22:10:24.000000Z"} {"uuid": "91593dc9-c208-4b90-bbdd-8046593ccb92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13465", "type": "seen", "source": "Telegram/54Tpp5BNRg2I7n1sBztHm0SCcq8j8DyUQs6Ws4usItbp0zYP", "content": "", "creation_timestamp": "2025-02-21T22:10:24.000000Z"} https://vulnerability.circl.lu/sighting/91593dc9-c208-4b90-bbdd-8046593ccb92/export Fri, 21 Feb 2025 22:10:24 +0000 f4d32fc9-1a86-452f-ba75-18216af6814a https://vulnerability.circl.lu/sighting/f4d32fc9-1a86-452f-ba75-18216af6814a/export {"uuid": "f4d32fc9-1a86-452f-ba75-18216af6814a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13469", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5863", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13469\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-02-28T08:23:15.555Z\n\ud83d\udccf Modified: 2025-02-28T08:23:15.555Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/5239c414-cd1d-4257-9f8e-e7a92c2119f9?source=cve\n2. https://wordpress.org/plugins/pricingtable/", "creation_timestamp": "2025-02-28T09:27:36.000000Z"} {"uuid": "f4d32fc9-1a86-452f-ba75-18216af6814a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13469", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5863", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13469\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-02-28T08:23:15.555Z\n\ud83d\udccf Modified: 2025-02-28T08:23:15.555Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/5239c414-cd1d-4257-9f8e-e7a92c2119f9?source=cve\n2. https://wordpress.org/plugins/pricingtable/", "creation_timestamp": "2025-02-28T09:27:36.000000Z"} https://vulnerability.circl.lu/sighting/f4d32fc9-1a86-452f-ba75-18216af6814a/export Fri, 28 Feb 2025 09:27:36 +0000 fcc457a0-f840-4d18-b0ca-07df13ce130e https://vulnerability.circl.lu/sighting/fcc457a0-f840-4d18-b0ca-07df13ce130e/export {"uuid": "fcc457a0-f840-4d18-b0ca-07df13ce130e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13469", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lja4mexiwb2y", "content": "", "creation_timestamp": "2025-02-28T09:43:49.600479Z"} {"uuid": "fcc457a0-f840-4d18-b0ca-07df13ce130e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13469", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lja4mexiwb2y", "content": "", "creation_timestamp": "2025-02-28T09:43:49.600479Z"} https://vulnerability.circl.lu/sighting/fcc457a0-f840-4d18-b0ca-07df13ce130e/export Fri, 28 Feb 2025 09:43:49 +0000 c1c17dfc-803c-4b19-b6fa-2d15c6449880 https://vulnerability.circl.lu/sighting/c1c17dfc-803c-4b19-b6fa-2d15c6449880/export {"uuid": "c1c17dfc-803c-4b19-b6fa-2d15c6449880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13469", "type": "seen", "source": "https://t.me/cvedetector/19146", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13469 - WordPress PickPlugins Pricing Table Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13469 \nPublished : Feb. 28, 2025, 9:15 a.m. | 51\u00a0minutes ago \nDescription : The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"28 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T11:10:39.000000Z"} {"uuid": "c1c17dfc-803c-4b19-b6fa-2d15c6449880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13469", "type": "seen", "source": "https://t.me/cvedetector/19146", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13469 - WordPress PickPlugins Pricing Table Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13469 \nPublished : Feb. 28, 2025, 9:15 a.m. | 51\u00a0minutes ago \nDescription : The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"28 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T11:10:39.000000Z"} https://vulnerability.circl.lu/sighting/c1c17dfc-803c-4b19-b6fa-2d15c6449880/export Fri, 28 Feb 2025 11:10:39 +0000 147ecd45-55b7-47fa-a5af-7b6a2a3f136c https://vulnerability.circl.lu/sighting/147ecd45-55b7-47fa-a5af-7b6a2a3f136c/export {"uuid": "147ecd45-55b7-47fa-a5af-7b6a2a3f136c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13469", "type": "seen", "source": "Telegram/ds_oPvImO8eDTy436x3EIYX6iAtNWnfUR2DNRBr-lJx0f3lB", "content": "", "creation_timestamp": "2025-03-02T11:44:22.000000Z"} {"uuid": "147ecd45-55b7-47fa-a5af-7b6a2a3f136c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13469", "type": "seen", "source": "Telegram/ds_oPvImO8eDTy436x3EIYX6iAtNWnfUR2DNRBr-lJx0f3lB", "content": "", "creation_timestamp": "2025-03-02T11:44:22.000000Z"} https://vulnerability.circl.lu/sighting/147ecd45-55b7-47fa-a5af-7b6a2a3f136c/export Sun, 02 Mar 2025 11:44:22 +0000 82770d7c-6f11-457d-b01f-314df7827950 https://vulnerability.circl.lu/sighting/82770d7c-6f11-457d-b01f-314df7827950/export {"uuid": "82770d7c-6f11-457d-b01f-314df7827950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13466", "type": "seen", "source": "MISP/ca7dfd4e-d0b5-4d10-8982-36d9f6e53c8e", "content": "", "creation_timestamp": "2025-09-01T13:53:38.000000Z"} {"uuid": "82770d7c-6f11-457d-b01f-314df7827950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13466", "type": "seen", "source": "MISP/ca7dfd4e-d0b5-4d10-8982-36d9f6e53c8e", "content": "", "creation_timestamp": "2025-09-01T13:53:38.000000Z"} https://vulnerability.circl.lu/sighting/82770d7c-6f11-457d-b01f-314df7827950/export Mon, 01 Sep 2025 13:53:38 +0000