{"vulnerability": "CVE-2026-2413", "sightings": [{"uuid": "74321910-eddd-4dd8-b787-c5df517dd4c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24138", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3md2lbc2zjo24", "content": "", "creation_timestamp": "2026-01-23T01:45:07.703146Z"}, {"uuid": "3dd59b48-cd3b-435c-9e22-c183850e8ebd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "seen", "source": "https://mstdn.social/users/Hackread/statuses/116221980166138780", "content": "", "creation_timestamp": "2026-03-13T12:58:00.392736Z"}, {"uuid": "ed20a064-cf78-479f-a778-acdb98b35e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24137", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0315/", "content": "", "creation_timestamp": "2026-03-18T00:00:00.000000Z"}, {"uuid": "80aa1e95-ef18-4d2f-8a59-2a6352fd43d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "seen", "source": "https://infosec.exchange/users/technadu/statuses/116216605634035649", "content": "", "creation_timestamp": "2026-03-12T14:11:13.187934Z"}, {"uuid": "760180fe-dcb0-45fa-bc84-55eeeabcffb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "seen", "source": "https://bsky.app/profile/technadu.com/post/3mgulgldgek2d", "content": "", "creation_timestamp": "2026-03-12T14:13:02.364934Z"}, {"uuid": "fa86208b-6f95-41a4-a70e-2a57e6deab66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mgutoe3fal23", "content": "", "creation_timestamp": "2026-03-12T16:40:23.200276Z"}, {"uuid": "bb6441b2-5e07-4916-85d5-3265482c5833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24133", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mefat4pq3c2m", "content": "", "creation_timestamp": "2026-02-09T01:02:45.889137Z"}, {"uuid": "e3d0cc75-23ae-44e2-83f4-6320689cb8f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-2413", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-2413", "content": "", "creation_timestamp": "2026-03-11T04:18:01.000000Z"}, {"uuid": "11fd11e0-07e7-49fb-a3e2-c5123b08627b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24137", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3md2poy464o23", "content": "", "creation_timestamp": "2026-01-23T03:04:21.170351Z"}, {"uuid": "017e0f13-b884-442d-8754-b67014128d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24138", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3md2qauxaxw2t", "content": "", "creation_timestamp": "2026-01-23T03:14:21.759739Z"}, {"uuid": "c6f1803a-4c1d-4615-aca4-dc161ca2ab81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24132", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3md2r3q7vwt2c", "content": "", "creation_timestamp": "2026-01-23T03:29:22.907426Z"}, {"uuid": "5d7d75c6-e949-431c-b590-089d26396213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24132", "type": "seen", "source": "https://gist.github.com/alon710/3d0a1b584a84dc43d2a9a61a3821c3c4", "content": "", "creation_timestamp": "2026-01-24T21:22:37.000000Z"}, {"uuid": "b8e4eb2f-9bb3-4541-9c47-800275a645db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24130", "type": "seen", "source": "https://gist.github.com/alon710/f609208050bd49fa817ac02942945a92", "content": "", "creation_timestamp": "2026-01-24T21:22:35.000000Z"}, {"uuid": "9e96b0d7-7509-495e-a5ef-6ba053970819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24132", "type": "seen", "source": "https://gist.github.com/alon710/31fc37eb0889b0964976a742b1de957a", "content": "", "creation_timestamp": "2026-01-24T22:17:24.000000Z"}, {"uuid": "a5126e56-2168-4cbc-9492-f1029f220f6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24137", "type": "seen", "source": "https://gist.github.com/alon710/bcce36cb7d3ca802621bc6d8b450a705", "content": "", "creation_timestamp": "2026-01-24T21:22:42.000000Z"}, {"uuid": "7c407d1d-78a7-4a38-a4aa-aa09cc9363d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24132", "type": "seen", "source": "https://gist.github.com/alon710/ab913cf59e50406b2e8cd1b1a7171e0d", "content": "", "creation_timestamp": "2026-01-24T22:17:21.000000Z"}, {"uuid": "b7d24d71-ee68-46f4-8455-ab815fa9bc23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24130", "type": "seen", "source": "https://gist.github.com/alon710/869af24180d0a2657b3c7c0c87152b32", "content": "", "creation_timestamp": "2026-01-24T22:17:18.000000Z"}, {"uuid": "c5d3f563-9a5a-448d-b9d0-e5dbb235a8f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24130", "type": "seen", "source": "https://gist.github.com/alon710/a1704b9ca809b7c44848d646f56c4c53", "content": "", "creation_timestamp": "2026-01-24T22:17:16.000000Z"}, {"uuid": "b8586d4c-deb6-4a1e-a662-12d8eaa63e69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-2413.yaml", "content": "", "creation_timestamp": "2026-03-11T17:30:18.000000Z"}, {"uuid": "b0a2bacf-8835-4b1d-a6c5-9c0b76979b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24137", "type": "seen", "source": "https://gist.github.com/alon710/6fc946ee0533a43d90951a9879a201f4", "content": "", "creation_timestamp": "2026-01-24T22:17:59.000000Z"}, {"uuid": "c90bb0b1-4729-4d80-abe1-509d3043c63a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24137", "type": "seen", "source": "https://gist.github.com/alon710/be2815b69f79341bb284c55ad42b006c", "content": "", "creation_timestamp": "2026-01-24T22:17:57.000000Z"}, {"uuid": "c296c260-af33-45e9-b9b5-b70b12af5752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24131", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mdelaw2rhn2r", "content": "", "creation_timestamp": "2026-01-27T01:11:31.493765Z"}, {"uuid": "dc018786-caf7-4dee-8a86-fad74fd4de3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "seen", "source": "https://t.me/CyberSecurityIL/82474", "content": "\ud83c\udf0e\u05db\u05de\u05d4 \u05d0\u05d9\u05e8\u05d5\u05e2\u05d9 \u05e1\u05d9\u05d9\u05d1\u05e8 \u05de\u05e1\u05d1\u05d9\u05d1 \u05dc\u05e2\u05d5\u05dc\u05dd:\n\n- \u05d7\u05d1\u05e8\u05ea Telus Digital \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05e2\u05dc \u05d3\u05dc\u05e3 \u05de\u05d9\u05d3\u05e2 \u05dc\u05d0\u05d7\u05e8 \u05de\u05ea\u05e7\u05e4\u05ea \u05db\u05d5\u05e4\u05e8 \u05e9\u05d1\u05d5\u05e6\u05e2\u05d4 \u05e2\"\u05d9 \u05e7\u05d1\u05d5\u05e6\u05ea ShinyHunters. \u05d4\u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d8\u05e2\u05e0\u05d5 \u05db\u05d9 \u05d4\u05dd \u05d2\u05e0\u05d1\u05d5 1 petabyte \u05e9\u05dc \u05de\u05d9\u05d3\u05e2 (!) \u05d5\u05d3\u05e8\u05e9\u05d5 65 \u05de\u05d9\u05dc\u05d9\u05d5\u05df \u05d3\u05d5\u05dc\u05e8 \u05d3\u05de\u05d9 \u05db\u05d5\u05e4\u05e8 \u05d0\u05da \u05d4\u05d7\u05d1\u05e8\u05d4 \u05d4\u05ea\u05e2\u05dc\u05de\u05d4 \u05de\u05d4\u05d0\u05d9\u05d5\u05de\u05d9\u05dd \u05e9\u05dc\u05d4\u05dd. \n\n- \u05d7\u05d5\u05dc\u05e9\u05d4 SQLi \u05d1\u05ea\u05d5\u05e1\u05e3 \u05d4\u05d5\u05d5\u05e8\u05d3\u05e4\u05e8\u05e1 Ally \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea \u05d0\u05dc\u05de\u05e0\u05d8\u05d5\u05e8 (\u05d4\u05d9\u05e9\u05e8\u05d0\u05dc\u05d9\u05ea) \u05de\u05e9\u05e4\u05d9\u05e2\u05d4 \u05e2\u05dc \u05db-250,000 \u05d0\u05ea\u05e8\u05d9\u05dd. \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4, CVE-2026-2413 (\u05e8\u05de\u05ea \u05e1\u05d9\u05db\u05d5\u05df \u05d2\u05d1\u05d5\u05d4\u05d4), \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05d2\u05e0\u05d9\u05d1\u05ea \u05de\u05d9\u05d3\u05e2 \u05dc\u05dc\u05d0 \u05d4\u05d6\u05d3\u05d4\u05d5\u05ea. \n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05ea\u05d5\u05e7\u05e0\u05d4 \u05d1\u05d2\u05e8\u05e1\u05d4 4.1.0 \u05d5\u05d4\u05d7\u05d5\u05e7\u05e8 \u05ea\u05d5\u05d2\u05de\u05dc \u05d1-800$.\n\n- \u05d2\u05d5\u05d2\u05dc \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05db\u05d9 \u05d1\u05e9\u05e0\u05ea 2025 \u05d4\u05d9\u05d0 \u05e9\u05d9\u05dc\u05de\u05d4 \u05dc\u05d7\u05d5\u05e7\u05e8\u05d9\u05dd \u05d1\u05d0\u05d5\u05e0\u05d8\u05d9 \u05de\u05e6\u05d8\u05d1\u05e8 \u05e9\u05dc 17 \u05de\u05d9\u05dc\u05d9\u05d5\u05df \u05d3\u05d5\u05dc\u05e8.\n\n- \u05d7\u05d1\u05e8\u05ea England Hockey \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05db\u05d9 \u05d4\u05d9\u05d0 \u05d7\u05d5\u05e7\u05e8\u05d9 \u05d7\u05e9\u05d3 \u05dc\u05d0\u05d9\u05e8\u05d5\u05e2 \u05e1\u05d9\u05d9\u05d1\u05e8 \u05dc\u05d0\u05d7\u05e8 \u05e9\u05e4\u05d5\u05e8\u05e1\u05de\u05d4 \u05db\u05e7\u05e8\u05d1\u05df \u05e2\"\u05d9 \u05e7\u05d1\u05d5\u05e6\u05ea AiLock.\n\n- \u05e7\u05d1\u05d5\u05e6\u05ea \u05ea\u05e7\u05d9\u05e4\u05d4 \u05d4\u05de\u05e9\u05d5\u05d9\u05d9\u05db\u05ea \u05dc\u05d0\u05d9\u05e8\u05d0\u05df \u05d8\u05d5\u05e2\u05e0\u05ea \u05db\u05d9 \u05e4\u05e8\u05e6\u05d4 \u05dc\u05e4\u05e8\u05dc\u05de\u05e0\u05d8 \u05d1\u05d0\u05dc\u05d1\u05e0\u05d9\u05d4, \u05d4\u05e7\u05d1\u05d5\u05e6\u05d4 \u05de\u05e4\u05e8\u05e1\u05de\u05ea \u05de\u05e1\u05de\u05db\u05d9\u05dd \u05de\u05d9\u05d9\u05dc\u05d9\u05dd \u05d4\u05de\u05e2\u05d9\u05d3\u05d9\u05dd \u05dc\u05db\u05d0\u05d5\u05e8\u05d4 \u05e2\u05dc \u05d4\u05e4\u05e8\u05d9\u05e6\u05d4.\n\nhttps://t.me/CyberSecurityIL/8611", "creation_timestamp": "2026-03-12T21:22:23.000000Z"}, {"uuid": "21f1f9ca-8c87-4ebc-8467-bc232a9571a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/374", "content": "https://nvd.nist.gov/vuln/detail/CVE-2026-2413\n\nActive/Current installations on Wordpress [400,000+ / 400K+]\n\n\nActive/Current records on Fofa [237,189+ / 200K+]\n\n\nFofa : body=\"wp-content/plugins/pojo-accessibility/\" or body=\"wp-content/plugins/pojo-accessibility/\" &amp;&amp; header=\"text/html\"\n\nEnjoy;", "creation_timestamp": "2026-03-14T14:40:52.000000Z"}, {"uuid": "a06b37a9-9dea-4a03-9e67-95ed4264e668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24132", "type": "published-proof-of-concept", "source": "https://github.com/orval-labs/orval/security/advisories/GHSA-f456-rf33-4626", "content": "", "creation_timestamp": "2026-01-22T15:20:41.000000Z"}, {"uuid": "05aad738-14d2-4c80-9a02-0045b16043e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24134", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mdh6ousoox2c", "content": "", "creation_timestamp": "2026-01-28T02:04:40.697917Z"}, {"uuid": "13cf50e8-238e-4e1d-b226-46fcaa22f195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "seen", "source": "https://t.me/true_secator/7987", "content": "WordFence \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Ally \u0434\u043b\u044f WordPress \u043e\u0442 Elementor \u0441 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 400 000 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u043c\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-2413 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438. \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0414\u0440\u044e \u0412\u0435\u0431\u0431\u0435\u0440\u043e\u043c\u0443 (mcdruid) \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Acquia.\n\nCVE-2026-2413 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Ally \u0434\u043e 4.0.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0447\u0435\u0440\u0435\u0437 \u043f\u0443\u0442\u044c URL \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 URL \u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u043c \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 URL, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0432 \u043c\u0435\u0442\u043e\u0434\u0435 get_global_remediations(), \u0433\u0434\u0435 \u043e\u043d \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u0435\u0442\u0441\u044f \u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440 SQL JOIN \u0431\u0435\u0437 \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043d\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0435 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0443 SQL.\n\n\u0425\u043e\u0442\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f esc_url_raw() \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 URL-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u043e\u043d\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043c\u0435\u0442\u0430\u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 SQL (\u043e\u0434\u0438\u043d\u043e\u0447\u043d\u044b\u0445 \u043a\u0430\u0432\u044b\u0447\u0435\u043a, \u0441\u043a\u043e\u0431\u043e\u043a).\n\n\u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u0443\u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0441\u043b\u0435\u043f\u043e\u0439 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u0438.\n\nWordfence \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043f\u043b\u0430\u0433\u0438\u043d \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 Elementor \u0438 \u0430\u043a\u0442\u0438\u0432\u0435\u043d \u043c\u043e\u0434\u0443\u043b\u044c \u00ab\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043e\u043a\u00bb.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043d\u0435\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443 13 \u0444\u0435\u0432\u0440\u0430\u043b\u044f. Elementor \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 4.1.0 (\u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439), \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0439 23 \u0444\u0435\u0432\u0440\u0430\u043b\u044f, \u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u043b\u0430\u0447\u0435\u043d\u043e \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u0435 800 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c WordPress, \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u043a\u043e\u043b\u043e 36% \u0441\u0430\u0439\u0442\u043e\u0432 \u0441 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u043c Ally, \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438\u0441\u044c \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.1.0, \u0442\u0430\u043a \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 250 000 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f CVE-2026-2413.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Ally \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.1.0 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0442\u0430\u043a\u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f WordPress, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0435 \u0432\u0447\u0435\u0440\u0430. WordPress 6.9.2 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f XSS, \u043e\u0431\u0445\u043e\u0434 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 SSRF.", "creation_timestamp": "2026-03-12T13:14:13.000000Z"}, {"uuid": "5ca6766d-3948-4a13-8813-ecb8df7d5dd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2413", "type": "seen", "source": "https://bsky.app/profile/donwebmedia.bsky.social/post/3mlicthjndf2x", "content": "CVE-2026-2413: SQL injection en plugin Ally afecta 400K\n\n400.000 sitios WordPress expuestos por inyecci\u00f3n SQL en plugin Ally de Elementor. \u00bfTu versi\u00f3n es 4.0.3 o menor? Actualiz\u00e1 a 4.1.0 en 5 minutos antes de ...\n\n#sqlinjection #cve20262413 #elementor #allyplugin #seguridadwordpress", "creation_timestamp": "2026-05-10T08:13:05.253035Z"}, {"uuid": "831954a5-1df5-45d8-aea5-e096359eb09d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24131", "type": "published-proof-of-concept", "source": "https://github.com/pnpm/pnpm/security/advisories/GHSA-v253-rj99-jwpq", "content": "", "creation_timestamp": "2026-01-26T15:43:17.000000Z"}, {"uuid": "0ba724a2-6d69-4ced-8aad-3142223120d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-24134", "type": "published-proof-of-concept", "source": "https://github.com/withstudiocms/studiocms/security/advisories/GHSA-8cw6-53m5-4932", "content": "", "creation_timestamp": "2026-01-27T21:40:07.000000Z"}]}