{"vulnerability": "CVE-2024-3941", "sightings": [{"uuid": "bbd6e519-11aa-49e5-8dac-6c109598706d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3941", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9440", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3941\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add Stored XSS payloads via a CSRF attack.\n\ud83d\udccf Published: 2024-05-10T06:00:02.776Z\n\ud83d\udccf Modified: 2025-03-28T19:17:28.423Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/6e09e922-983c-4406-8053-747d839995d1/", "creation_timestamp": "2025-03-28T19:29:08.000000Z"}, {"uuid": "07c25fe8-ab4a-4159-ba50-9cede2d92126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39413", "type": "seen", "source": "https://t.me/cvedetector/3122", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39413 - Adobe Commerce Security Feature Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39413 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:26.000000Z"}, {"uuid": "be3cf92b-02bb-4465-9302-cd4b6593fa1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39411", "type": "seen", "source": "https://t.me/cvedetector/3121", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39411 - Adobe Commerce Improper Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39411 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:25.000000Z"}, {"uuid": "4addda50-271b-4760-8678-0b1dc7738232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39410", "type": "seen", "source": "https://t.me/cvedetector/3120", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39410 - Adobe Commerce CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39410 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:24.000000Z"}, {"uuid": "7d190421-c4e7-4762-8b83-69151bccb543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39412", "type": "seen", "source": "https://t.me/cvedetector/3119", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39412 - Adobe Commerce Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39412 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:23.000000Z"}, {"uuid": "4a049c33-f485-48b9-837f-736d88b4094c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39414", "type": "seen", "source": "https://t.me/cvedetector/3118", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39414 - Adobe Commerce Improper Authorization Security Feature Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-39414 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:22.000000Z"}, {"uuid": "85f1a8f4-4860-4e71-b426-79ea7a8c6068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39415", "type": "seen", "source": "https://t.me/cvedetector/3117", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39415 - Adobe Commerce Improper Authorization Security Feature Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-39415 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:18.000000Z"}, {"uuid": "e2592d4c-7041-472c-b371-5394e2dfc320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39416", "type": "seen", "source": "https://t.me/cvedetector/3116", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39416 - Adobe Commerce Security Feature Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-39416 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:17.000000Z"}, {"uuid": "6c795ccd-05d8-4280-850b-ced8078f5295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39417", "type": "seen", "source": "https://t.me/cvedetector/3115", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39417 - Adobe Commerce Security Feature Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-39417 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:16.000000Z"}, {"uuid": "2fb20944-debe-490f-88ee-d2ec81368612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39418", "type": "seen", "source": "https://t.me/cvedetector/3114", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39418 - Adobe Commerce Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-39418 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures to view and edit low-sensitivity information. Exploitation of this issue does not require user interaction. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:15.000000Z"}, {"uuid": "d114eabf-0fc8-48da-a078-49188fec2a1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39419", "type": "seen", "source": "https://t.me/cvedetector/3113", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39419 - Adobe Commerce Improper Authorization Security Feature Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-39419 \nPublished : Aug. 14, 2024, 12:15 p.m. | 34\u00a0minutes ago \nDescription : Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T14:52:14.000000Z"}]}