Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 05 May 2026 12:48:49 +0000 a0d69cf5-bf17-40b9-91dd-28e82d287e2d https://vulnerability.circl.lu/sighting/a0d69cf5-bf17-40b9-91dd-28e82d287e2d/export {"uuid": "a0d69cf5-bf17-40b9-91dd-28e82d287e2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6328", "type": "seen", "source": "https://t.me/cvedetector/718", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-6328 - The MStore API \u2013 Create Native Android & iOS Apps\", \n \"Content\": \"CVE ID : CVE-2024-6328 \nPublished : July 12, 2024, 11:15 a.m. | 17\u00a0minutes ago \nDescription : The MStore API \u2013 Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.14.7. This is due to insufficient verification on the 'phone' parameter of the 'firebase_sms_login' and 'firebase_sms_login_v2' functions. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email address or phone number. Additionally, if a new email address is supplied, a new user account is created with the default role, even if registration is disabled. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T13:34:19.000000Z"} {"uuid": "a0d69cf5-bf17-40b9-91dd-28e82d287e2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6328", "type": "seen", "source": "https://t.me/cvedetector/718", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-6328 - The MStore API \u2013 Create Native Android & iOS Apps\", \n \"Content\": \"CVE ID : CVE-2024-6328 \nPublished : July 12, 2024, 11:15 a.m. | 17\u00a0minutes ago \nDescription : The MStore API \u2013 Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.14.7. This is due to insufficient verification on the 'phone' parameter of the 'firebase_sms_login' and 'firebase_sms_login_v2' functions. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email address or phone number. Additionally, if a new email address is supplied, a new user account is created with the default role, even if registration is disabled. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T13:34:19.000000Z"} https://vulnerability.circl.lu/sighting/a0d69cf5-bf17-40b9-91dd-28e82d287e2d/export Fri, 12 Jul 2024 13:34:19 +0000