{"vulnerability": "CVE-2024-38759", "sightings": [{"uuid": "3dedfa0d-74f1-4f24-b475-7469a11f7163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/leak503/506", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-02T21:35:26.000000Z"}, {"uuid": "3fb27e54-ea7a-4365-b7b2-00b131a359c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/3301", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2025-03-16T00:41:48.000000Z"}, {"uuid": "db177aff-8433-44aa-af55-4fb9f2b115d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "seen", "source": "https://t.me/cvedetector/1428", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38759 - WP Media SAS Search & Replace Deserialization of Untrusted Data Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38759 \nPublished : July 22, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace.This issue affects Search & Replace: from n/a through 3.2.2. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-22T13:38:30.000000Z"}, {"uuid": "06221266-cb2e-4757-aaa6-a65f9127a9a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/454", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-07T16:14:23.000000Z"}, {"uuid": "c17d2749-bb53-4ac7-baa7-2cd685100f0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "Telegram/74IzvRfHv6As3hyVMCWy5rx44qm1MKm9hZLdVsqv0WV9bgP1", "content": "", "creation_timestamp": "2024-10-18T12:26:48.000000Z"}, {"uuid": "c9f2b6f1-dbef-498e-926e-79ca8768d28f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "Telegram/3v_L1Km8kHglM99z9Gx-p2lsvnYIaRU3JVXDXxZhsRyM6xs7", "content": "", "creation_timestamp": "2024-08-31T12:42:28.000000Z"}, {"uuid": "3e862cf3-2b1e-42a9-8b4b-f69f9cf71ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1520", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-07T05:42:04.000000Z"}, {"uuid": "56216e04-e2f0-436d-9f2c-26bb575a0106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "seen", "source": "https://t.me/HackerInvestigationZone/9", "content": "\ud83d\udea8_CvEploiterv2 x xWPv3 Ultimate/Beast Software\n\n\ud83c\udfafThe most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n\u00a0\u00a0\u00a0\u00a0 with the latest version/method.]\n\n\u2699\ufe0fCVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n \u2699\ufe0fCVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n\u2699\ufe0fCVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n\u2699\ufe0fCVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n\u2699\ufe0fCVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n\u2699\ufe0f#CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n\u2699\ufe0fCVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n\u2699\ufe0fCVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n\u2699\ufe0fCVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\n#Investigation_of_hacking \n#Cyber_Security_News\n#codeb0ss", "creation_timestamp": "2024-11-12T20:45:56.000000Z"}, {"uuid": "19179eb6-c271-41dc-b3b0-cf6c72a81acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "Telegram/XpvaFCWqDdhczMpL78DIu7UwbRt1BfqFLpK3OfazzKgSSlAyeg", "content": "", "creation_timestamp": "2024-08-31T12:29:12.000000Z"}, {"uuid": "7b04342e-fa9c-4cb5-9da1-451f20df7f11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1554", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-08-30T06:52:02.000000Z"}, {"uuid": "89d64d40-8c6f-4b8e-aac1-dc2a40c2cad1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1653", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-12-18T18:01:34.000000Z"}, {"uuid": "d75be8fa-6a32-4dd0-a5f6-04e08d9b17ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1634", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-11-30T13:27:14.000000Z"}, {"uuid": "59b22372-de10-41b4-81b4-50e9d360c8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1615", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-10-18T12:25:41.000000Z"}, {"uuid": "dd77f26b-4c11-4856-9f45-762e631b5f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1531", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-07T05:42:04.000000Z"}, {"uuid": "16361008-ca83-4f4b-ad37-f6bec25f70c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1602", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-13T16:57:01.000000Z"}, {"uuid": "c39657b8-def9-4e2b-a421-bfe2fdf10bdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38759", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1580", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-08-31T13:09:22.000000Z"}]}