https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 03 Jun 2026 23:03:15 +0000 https://vulnerability.circl.lu/sighting/461e1ad5-f19d-4adf-aee9-b942c65d9c23/export {"uuid": "461e1ad5-f19d-4adf-aee9-b942c65d9c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13798", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5015", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13798\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The Post Grid and Gutenberg Blocks \u2013 ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to insufficient verification on form fields. This makes it possible for unauthenticated attackers to create new orders for products and mark them as paid without actually completing a payment.\n\ud83d\udccf Published: 2025-02-22T04:21:16.200Z\n\ud83d\udccf Modified: 2025-02-22T04:21:16.200Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/705823ff-e9c3-4b8b-b71c-3b60d0d15b01?source=cve\n2. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3242737%40post-grid&new=3242737%40post-grid&sfp_email=&sfph_mail=", "creation_timestamp": "2025-02-22T05:18:50.000000Z"} {"uuid": "461e1ad5-f19d-4adf-aee9-b942c65d9c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13798", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5015", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13798\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The Post Grid and Gutenberg Blocks \u2013 ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to insufficient verification on form fields. This makes it possible for unauthenticated attackers to create new orders for products and mark them as paid without actually completing a payment.\n\ud83d\udccf Published: 2025-02-22T04:21:16.200Z\n\ud83d\udccf Modified: 2025-02-22T04:21:16.200Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/705823ff-e9c3-4b8b-b71c-3b60d0d15b01?source=cve\n2. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3242737%40post-grid&new=3242737%40post-grid&sfp_email=&sfph_mail=", "creation_timestamp": "2025-02-22T05:18:50.000000Z"} https://vulnerability.circl.lu/sighting/461e1ad5-f19d-4adf-aee9-b942c65d9c23/export Sat, 22 Feb 2025 05:18:50 +0000 https://vulnerability.circl.lu/sighting/f05c9d29-e08a-44ff-bb18-c408773d744a/export {"uuid": "f05c9d29-e08a-44ff-bb18-c408773d744a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13798", "type": "seen", "source": "https://t.me/cvedetector/18710", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13798 - ComboBlocks Unauthorized Order Creation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13798 \nPublished : Feb. 22, 2025, 5:15 a.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : The Post Grid and Gutenberg Blocks \u2013 ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to insufficient verification on form fields. This makes it possible for unauthenticated attackers to create new orders for products and mark them as paid without actually completing a payment. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-22T08:18:44.000000Z"} {"uuid": "f05c9d29-e08a-44ff-bb18-c408773d744a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13798", "type": "seen", "source": "https://t.me/cvedetector/18710", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13798 - ComboBlocks Unauthorized Order Creation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13798 \nPublished : Feb. 22, 2025, 5:15 a.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : The Post Grid and Gutenberg Blocks \u2013 ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to insufficient verification on form fields. This makes it possible for unauthenticated attackers to create new orders for products and mark them as paid without actually completing a payment. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-22T08:18:44.000000Z"} https://vulnerability.circl.lu/sighting/f05c9d29-e08a-44ff-bb18-c408773d744a/export Sat, 22 Feb 2025 08:18:44 +0000