https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 07 Jun 2026 16:52:50 +0000 https://vulnerability.circl.lu/sighting/0b47f796-8509-4ee6-9e28-68eaba6d643b/export {"uuid": "0b47f796-8509-4ee6-9e28-68eaba6d643b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljmvyi2z5b2y", "content": "", "creation_timestamp": "2025-03-05T11:49:57.507538Z"} {"uuid": "0b47f796-8509-4ee6-9e28-68eaba6d643b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljmvyi2z5b2y", "content": "", "creation_timestamp": "2025-03-05T11:49:57.507538Z"} https://vulnerability.circl.lu/sighting/0b47f796-8509-4ee6-9e28-68eaba6d643b/export Wed, 05 Mar 2025 11:49:57 +0000 https://vulnerability.circl.lu/sighting/edda5b8b-4cfe-4908-a192-3a273662fa7c/export {"uuid": "edda5b8b-4cfe-4908-a192-3a273662fa7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13780", "type": "seen", "source": "https://t.me/cvedetector/19616", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13780 - Hero Mega Menu WordPress Menu Plugin File Deletion Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13780 \nPublished : March 5, 2025, 10:15 a.m. | 48\u00a0minutes ago \nDescription : The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the hmenu_delete_menu() function in all versions up to, and including, 1.16.5. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T12:45:59.000000Z"} {"uuid": "edda5b8b-4cfe-4908-a192-3a273662fa7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13780", "type": "seen", "source": "https://t.me/cvedetector/19616", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13780 - Hero Mega Menu WordPress Menu Plugin File Deletion Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13780 \nPublished : March 5, 2025, 10:15 a.m. | 48\u00a0minutes ago \nDescription : The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the hmenu_delete_menu() function in all versions up to, and including, 1.16.5. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T12:45:59.000000Z"} https://vulnerability.circl.lu/sighting/edda5b8b-4cfe-4908-a192-3a273662fa7c/export Wed, 05 Mar 2025 12:45:59 +0000 https://vulnerability.circl.lu/sighting/1fdd28aa-e34f-4bd7-bda5-8496eede876f/export {"uuid": "1fdd28aa-e34f-4bd7-bda5-8496eede876f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "https://t.me/cvedetector/19617", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13787 - Veda WordPress Theme PHP Object Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13787 \nPublished : March 5, 2025, 10:15 a.m. | 48\u00a0minutes ago \nDescription : The VEDA - MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2 via deserialization of untrusted input in the 'veda_backup_and_restore_action' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T12:46:00.000000Z"} {"uuid": "1fdd28aa-e34f-4bd7-bda5-8496eede876f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "https://t.me/cvedetector/19617", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-13787 - Veda WordPress Theme PHP Object Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-13787 \nPublished : March 5, 2025, 10:15 a.m. | 48\u00a0minutes ago \nDescription : The VEDA - MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2 via deserialization of untrusted input in the 'veda_backup_and_restore_action' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T12:46:00.000000Z"} https://vulnerability.circl.lu/sighting/1fdd28aa-e34f-4bd7-bda5-8496eede876f/export Wed, 05 Mar 2025 12:46:00 +0000 https://vulnerability.circl.lu/sighting/644b345b-8c72-44bc-9c2a-ca043865b491/export {"uuid": "644b345b-8c72-44bc-9c2a-ca043865b491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "Telegram/wctsiR1iyRSFkW1Hgy9heGDN29ORJkqZ-PdUhQ0K_ECXI9ta", "content": "", "creation_timestamp": "2025-03-06T02:16:32.000000Z"} {"uuid": "644b345b-8c72-44bc-9c2a-ca043865b491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "Telegram/wctsiR1iyRSFkW1Hgy9heGDN29ORJkqZ-PdUhQ0K_ECXI9ta", "content": "", "creation_timestamp": "2025-03-06T02:16:32.000000Z"} https://vulnerability.circl.lu/sighting/644b345b-8c72-44bc-9c2a-ca043865b491/export Thu, 06 Mar 2025 02:16:32 +0000 https://vulnerability.circl.lu/sighting/46c88b7e-ca2f-4ce6-8f20-8227efd59a02/export {"uuid": "46c88b7e-ca2f-4ce6-8f20-8227efd59a02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13780", "type": "seen", "source": "Telegram/S7v5HyXsQgnXyN1hb3yuP_t8aWCcEbETwe7SJQmfKAAlW6-z", "content": "", "creation_timestamp": "2025-03-06T02:16:32.000000Z"} {"uuid": "46c88b7e-ca2f-4ce6-8f20-8227efd59a02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13780", "type": "seen", "source": "Telegram/S7v5HyXsQgnXyN1hb3yuP_t8aWCcEbETwe7SJQmfKAAlW6-z", "content": "", "creation_timestamp": "2025-03-06T02:16:32.000000Z"} https://vulnerability.circl.lu/sighting/46c88b7e-ca2f-4ce6-8f20-8227efd59a02/export Thu, 06 Mar 2025 02:16:32 +0000 https://vulnerability.circl.lu/sighting/ecd41dad-53c3-427e-bf08-f43c5d6a63c7/export {"uuid": "ecd41dad-53c3-427e-bf08-f43c5d6a63c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljpgztmmyz2g", "content": "", "creation_timestamp": "2025-03-06T12:00:30.351309Z"} {"uuid": "ecd41dad-53c3-427e-bf08-f43c5d6a63c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljpgztmmyz2g", "content": "", "creation_timestamp": "2025-03-06T12:00:30.351309Z"} https://vulnerability.circl.lu/sighting/ecd41dad-53c3-427e-bf08-f43c5d6a63c7/export Thu, 06 Mar 2025 12:00:30 +0000 https://vulnerability.circl.lu/sighting/33b882c1-2682-476d-a67c-d2a0baf32127/export {"uuid": "33b882c1-2682-476d-a67c-d2a0baf32127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13781", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6815", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13781\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n\ud83d\udccf Published: 2025-03-07T08:21:25.521Z\n\ud83d\udccf Modified: 2025-03-07T08:21:25.521Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/8f394209-df80-491f-b700-cc06e54ea676?source=cve\n2. https://codecanyon.net/item/hero-maps-premium-responsive-google-maps-plugin/12577151", "creation_timestamp": "2025-03-07T08:35:00.000000Z"} {"uuid": "33b882c1-2682-476d-a67c-d2a0baf32127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13781", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6815", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13781\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n\ud83d\udccf Published: 2025-03-07T08:21:25.521Z\n\ud83d\udccf Modified: 2025-03-07T08:21:25.521Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/8f394209-df80-491f-b700-cc06e54ea676?source=cve\n2. https://codecanyon.net/item/hero-maps-premium-responsive-google-maps-plugin/12577151", "creation_timestamp": "2025-03-07T08:35:00.000000Z"} https://vulnerability.circl.lu/sighting/33b882c1-2682-476d-a67c-d2a0baf32127/export Fri, 07 Mar 2025 08:35:00 +0000 https://vulnerability.circl.lu/sighting/37d4d59c-ea5d-4fe8-81a5-3d459db13b57/export {"uuid": "37d4d59c-ea5d-4fe8-81a5-3d459db13b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13781", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljrxr44zsl22", "content": "", "creation_timestamp": "2025-03-07T12:04:54.049150Z"} {"uuid": "37d4d59c-ea5d-4fe8-81a5-3d459db13b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13781", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljrxr44zsl22", "content": "", "creation_timestamp": "2025-03-07T12:04:54.049150Z"} https://vulnerability.circl.lu/sighting/37d4d59c-ea5d-4fe8-81a5-3d459db13b57/export Fri, 07 Mar 2025 12:04:54 +0000 https://vulnerability.circl.lu/sighting/aea36287-fd8b-4499-b8da-70a91217146f/export {"uuid": "aea36287-fd8b-4499-b8da-70a91217146f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13786", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsxurw2mqp2r", "content": "", "creation_timestamp": "2025-07-02T09:14:22.931615Z"} {"uuid": "aea36287-fd8b-4499-b8da-70a91217146f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13786", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsxurw2mqp2r", "content": "", "creation_timestamp": "2025-07-02T09:14:22.931615Z"} https://vulnerability.circl.lu/sighting/aea36287-fd8b-4499-b8da-70a91217146f/export Wed, 02 Jul 2025 09:14:22 +0000 https://vulnerability.circl.lu/sighting/caf756bf-e2c3-43ef-8e72-c8769dad0510/export {"uuid": "caf756bf-e2c3-43ef-8e72-c8769dad0510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mmvarcess42u", "content": "CVE-2024-13787 - Critical Insecure Deserialization in Veda WordPress theme. CVSS 9.8. Authenticated attackers can inject PHP objects. Unpatched. Disable theme or use firewall. #CVE #WordPress #infosec\n\nhttps://www.valtersit.com/cve/CVE-2024-13787/", "creation_timestamp": "2026-05-28T05:05:50.654950Z"} {"uuid": "caf756bf-e2c3-43ef-8e72-c8769dad0510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13787", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mmvarcess42u", "content": "CVE-2024-13787 - Critical Insecure Deserialization in Veda WordPress theme. CVSS 9.8. Authenticated attackers can inject PHP objects. Unpatched. Disable theme or use firewall. #CVE #WordPress #infosec\n\nhttps://www.valtersit.com/cve/CVE-2024-13787/", "creation_timestamp": "2026-05-28T05:05:50.654950Z"} https://vulnerability.circl.lu/sighting/caf756bf-e2c3-43ef-8e72-c8769dad0510/export Thu, 28 May 2026 05:05:50 +0000