{"vulnerability": "CVE-2024-1366", "sightings": [{"uuid": "5413a216-1866-4248-b284-64c3a4932a7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13661", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113917907610852966", "content": "", "creation_timestamp": "2025-01-30T15:02:03.611780Z"}, {"uuid": "b004f789-241d-43c1-8afc-2986be1f3578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13664", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113917966614869163", "content": "", "creation_timestamp": "2025-01-30T15:17:03.503344Z"}, {"uuid": "208ed8ab-a54f-47ee-860a-e40ff32e1a06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13661", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgxyubyedz2i", "content": "", "creation_timestamp": "2025-01-30T17:24:57.841371Z"}, {"uuid": "0170e484-9d29-407d-9a1b-c92d9a02c3b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13662", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzuoz3wan2w", "content": "", "creation_timestamp": "2025-01-31T11:15:45.430626Z"}, {"uuid": "6cc9efd2-1d47-4845-8a16-757126b03a92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13664", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxoep2scm2r", "content": "", "creation_timestamp": "2025-01-30T14:17:17.755649Z"}, {"uuid": "e3f857f7-5f30-402d-9cea-d6c3f9923bb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13661", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxoeluhr52j", "content": "", "creation_timestamp": "2025-01-30T14:17:14.140458Z"}, {"uuid": "ef5bf0fc-6f44-46f1-8b5a-c5b135c0d1aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13668", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljs6huovxc2j", "content": "", "creation_timestamp": "2025-03-07T14:05:02.246581Z"}, {"uuid": "888f7427-7042-45c0-a511-9bd86df94a5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13667", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lih53me7f72y", "content": "", "creation_timestamp": "2025-02-18T11:15:46.454950Z"}, {"uuid": "27912925-396a-4830-b480-635b0f331cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13665", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113989092191397844", "content": "", "creation_timestamp": "2025-02-12T04:45:13.902460Z"}, {"uuid": "12b578e2-ed8a-45aa-9455-12146440b334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13665", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhxg6p33fw2s", "content": "", "creation_timestamp": "2025-02-12T05:15:57.815009Z"}, {"uuid": "dbd28160-aafc-4fbf-9788-f3f80cb9e314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13667", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lihg3gkb7o2p", "content": "", "creation_timestamp": "2025-02-18T13:56:44.077596Z"}, {"uuid": "05a503f4-e44a-4ddf-a3af-fb4f6e1845c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13660", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lijdk4lrxn2g", "content": "", "creation_timestamp": "2025-02-19T08:16:35.373592Z"}, {"uuid": "679547ce-4f7a-46fb-9196-e6b14fd4b960", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13663", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lijdk6vkcv2g", "content": "", "creation_timestamp": "2025-02-19T08:16:37.559941Z"}, {"uuid": "5b8cbce9-0119-4939-b128-ce48d46c39c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13666", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkxnchcgtr2k", "content": "", "creation_timestamp": "2025-03-22T11:38:55.088694Z"}, {"uuid": "93dec4ba-40c4-4a6e-adc5-d4146dfb97c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13668", "type": "seen", "source": "https://t.me/cvedetector/19800", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13668 - WordPress Activity O Meter Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13668 \nPublished : March 7, 2025, 10:15 a.m. | 46\u00a0minutes ago \nDescription : The WordPress Activity O Meter WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T12:25:38.000000Z"}, {"uuid": "0452a169-4c3e-4d6a-bca1-b42fa5514671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13667", "type": "seen", "source": "https://t.me/cvedetector/18315", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13667 - \"Uncode for WordPress Stored Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-13667 \nPublished : Feb. 18, 2025, 11:15 a.m. | 18\u00a0minutes ago \nDescription : The Uncode theme for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018mle-description\u2019 parameter in all versions up to, and including, 2.9.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T12:38:02.000000Z"}, {"uuid": "79e02136-ebea-475a-bb2d-695f97bf1f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13660", "type": "seen", "source": "https://t.me/cvedetector/18432", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13660 - Flickr Slideshow for WordPress Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-13660 \nPublished : Feb. 19, 2025, 8:15 a.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : The Responsive Flickr Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fshow' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T12:03:19.000000Z"}, {"uuid": "67fe2ccd-626b-4ce5-a7e0-21e39b813283", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13660", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4791", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13660\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Responsive Flickr Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fshow' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-02-19T07:32:10.210Z\n\ud83d\udccf Modified: 2025-02-19T07:32:10.210Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/8023be86-2bdb-4f16-9b54-a959f1e75e46?source=cve\n2. https://plugins.trac.wordpress.org/browser/mobile-friendly-flickr-slideshow/tags/2.6.1/mobile-friendly-flickr-slideshow.php#L191", "creation_timestamp": "2025-02-19T08:41:11.000000Z"}, {"uuid": "3ec07b9a-baa5-4cd5-bc79-7090c1192bc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13662", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3649", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13662\n\ud83d\udd25 CVSS Score: 6.2 (CVSS_V3)\n\ud83d\udd39 Description: The eHive Objects Image Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ehive_objects_image_grid' shortcode in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-31T12:33:02Z\n\ud83d\udccf Modified: 2025-01-31T12:33:02Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13662\n2. https://plugins.trac.wordpress.org/browser/ehive-objects-image-grid/trunk/templates/eHiveObjectsImageGrid.php#L22\n3. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3230975%40ehive-objects-image-grid&new=3230975%40ehive-objects-image-grid&sfp_email=&sfph_mail=\n4. https://www.wordfence.com/threat-intel/vulnerabilities/id/638d8ef6-dab0-4cfa-8ecc-af2ded3c6d79?source=cve", "creation_timestamp": "2025-01-31T13:15:00.000000Z"}, {"uuid": "e166f0a8-26c6-4010-bef2-509095b8feca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13665", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4016", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13665\n\ud83d\udd25 CVSS Score: 6.2 (CVSS_V3)\n\ud83d\udd39 Description: The Admire Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'space' shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-02-12T06:30:33Z\n\ud83d\udccf Modified: 2025-02-12T06:30:33Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13665\n2. https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3233979%40admire-extra&new=3233979%40admire-extra\n3. https://www.wordfence.com/threat-intel/vulnerabilities/id/bf682127-4b97-44ce-a94d-3a237c5af1cc?source=cve", "creation_timestamp": "2025-02-12T07:09:32.000000Z"}, {"uuid": "9688cfe8-b763-4d12-a5f1-289ff44027eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13665", "type": "seen", "source": "https://t.me/cvedetector/17818", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13665 - WordPress Admire Extra Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13665 \nPublished : Feb. 12, 2025, 5:15 a.m. | 1\u00a0hour, 26\u00a0minutes ago \nDescription : The Admire Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'space' shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T08:30:29.000000Z"}, {"uuid": "6009df32-895d-4d92-9adf-a9a3dd1e27cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13669", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5459", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13669\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The CalendApp WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2025-02-26T06:00:11.629Z\n\ud83d\udccf Modified: 2025-02-26T06:00:11.629Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/71e69cf2-7d41-479c-9721-662b57571c90/", "creation_timestamp": "2025-02-26T06:25:08.000000Z"}, {"uuid": "cda89d05-0b76-4bed-bfd9-31bdd1cc4496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13668", "type": "seen", "source": "Telegram/omNU3Qkt-8XcduK7LcNSnn2Drtx121F-MrT0Bns9It0NGJQg", "content": "", "creation_timestamp": "2025-03-08T04:34:56.000000Z"}, {"uuid": "ba494f3f-9ab6-4d33-8e04-29110fa4bb12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13668", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6825", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13668\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WordPress Activity O Meter WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admins.\n\ud83d\udccf Published: 2025-03-07T09:49:49.030Z\n\ud83d\udccf Modified: 2025-03-07T09:49:49.030Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/a7bfc094-b235-419d-882d-96b439651f65/", "creation_timestamp": "2025-03-07T10:35:14.000000Z"}, {"uuid": "feb9c838-167b-4c60-a28f-58fa375ebd2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13664", "type": "seen", "source": "https://t.me/cvedetector/16778", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13664 - WordPress WP Post List Table Stored Cross-Site Scripting (XS)\", \n  \"Content\": \"CVE ID : CVE-2024-13664 \nPublished : Jan. 30, 2025, 2:15 p.m. | 46\u00a0minutes ago \nDescription : The WP Post List Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpb_post_list_table' shortcode in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-30T16:46:28.000000Z"}, {"uuid": "3a0bb40b-9aa2-45da-826e-18298a0eda3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13661", "type": "seen", "source": "https://t.me/cvedetector/16777", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13661 - WordPress Table Editor Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-13661 \nPublished : Jan. 30, 2025, 2:15 p.m. | 46\u00a0minutes ago \nDescription : The Table Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wptableeditor_vtabs' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-30T16:46:28.000000Z"}, {"uuid": "54d16210-e392-40dc-882e-d05274b08b92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13668", "type": "seen", "source": "Telegram/geLwGb0f69YmDBT7YdDQfEFUxSrTAPzSd0G184MUTIFfmB0G", "content": "", "creation_timestamp": "2025-03-08T04:34:57.000000Z"}, {"uuid": "dc3302a4-4b0f-405e-bb08-52ada05ac8b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13663", "type": "seen", "source": "Telegram/e0sA9YIPRrem5x01Ei_LwA5YcjWcy0JklYIxXCPtUETGQLqc", "content": "", "creation_timestamp": "2025-02-19T15:39:52.000000Z"}, {"uuid": "66c2a74a-4192-419b-b56d-7c89a08277d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13662", "type": "seen", "source": "https://t.me/cvedetector/16928", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13662 - eHive Objects Image Grid WordPress Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13662 \nPublished : Jan. 31, 2025, 11:15 a.m. | 33\u00a0minutes ago \nDescription : The eHive Objects Image Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ehive_objects_image_grid' shortcode in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T12:52:04.000000Z"}, {"uuid": "408d88c8-25ad-42d1-9312-64f5564fdadc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13666", "type": "seen", "source": "https://t.me/cvedetector/20865", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13666 - Fluent Forms IP Address Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13666 \nPublished : March 22, 2025, 9:15 a.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : The Fluent Forms \u2013 Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers spoof their IP address and submit forms that may have IP-based restrictions. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-22T12:52:58.000000Z"}, {"uuid": "a101a66d-4f1a-42ec-ba79-b39ae481ca46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1366", "type": "seen", "source": "https://t.me/ctinow/202149", "content": "https://ift.tt/FY9EulS\nCVE-2024-1366", "creation_timestamp": "2024-03-07T07:26:11.000000Z"}, {"uuid": "81362222-2e0b-45ea-902b-6357103a4eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13660", "type": "seen", "source": "Telegram/TzvUH-zm5l50saCG0owQrntPI8N3zWoKlnarJs9VXiTsDM_N", "content": "", "creation_timestamp": "2025-02-19T15:39:52.000000Z"}, {"uuid": "f8590441-5ba9-4a92-bc0d-a8b3650db2d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13662", "type": "seen", "source": "Telegram/qSX2tcwwnq4_LouCKNlcj4aK3tl5O5sc3fouP0JWbtWL6Kkl", "content": "", "creation_timestamp": "2025-02-01T17:28:08.000000Z"}, {"uuid": "2aa07b89-bfeb-437c-94ba-fe5c29488b6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1366", "type": "seen", "source": "https://t.me/ctinow/202145", "content": "https://ift.tt/FY9EulS\nCVE-2024-1366", "creation_timestamp": "2024-03-07T07:26:07.000000Z"}]}