https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 09 May 2026 00:04:20 +0000 https://vulnerability.circl.lu/sighting/0915cab9-275f-441b-a297-ddb70e32a619/export {"uuid": "0915cab9-275f-441b-a297-ddb70e32a619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9385", "type": "seen", "source": "https://t.me/cvedetector/7039", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-9385 - Themify Builder WordPress Reflected Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2024-9385 \nPublished : Oct. 5, 2024, 2:15 a.m. | 17\u00a0minutes ago \nDescription : The Themify Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 7.6.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T04:34:54.000000Z"} {"uuid": "0915cab9-275f-441b-a297-ddb70e32a619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9385", "type": "seen", "source": "https://t.me/cvedetector/7039", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-9385 - Themify Builder WordPress Reflected Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2024-9385 \nPublished : Oct. 5, 2024, 2:15 a.m. | 17\u00a0minutes ago \nDescription : The Themify Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 7.6.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T04:34:54.000000Z"} https://vulnerability.circl.lu/sighting/0915cab9-275f-441b-a297-ddb70e32a619/export Sat, 05 Oct 2024 04:34:54 +0000 https://vulnerability.circl.lu/sighting/7f740a39-2dfd-4aa7-a45c-e605c5f2323c/export {"uuid": "7f740a39-2dfd-4aa7-a45c-e605c5f2323c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9385", "type": "seen", "source": "https://t.me/HackerArsenal/523", "content": "\u203c\ufe0f CVE-2024-9385 \u203c\ufe0f\n\nThe Themify Builder plugin for WordPress is vulnerable to Reflected CrossSite Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 7.6.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity_CVEs", "creation_timestamp": "2024-10-05T11:40:17.000000Z"} {"uuid": "7f740a39-2dfd-4aa7-a45c-e605c5f2323c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9385", "type": "seen", "source": "https://t.me/HackerArsenal/523", "content": "\u203c\ufe0f CVE-2024-9385 \u203c\ufe0f\n\nThe Themify Builder plugin for WordPress is vulnerable to Reflected CrossSite Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 7.6.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity_CVEs", "creation_timestamp": "2024-10-05T11:40:17.000000Z"} https://vulnerability.circl.lu/sighting/7f740a39-2dfd-4aa7-a45c-e605c5f2323c/export Sat, 05 Oct 2024 11:40:17 +0000