{"vulnerability": "cve-2024-1193", "sightings": [{"uuid": "80aaf836-6739-4158-b757-f914e7b83b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11933", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113557803696464261", "content": "", "creation_timestamp": "2024-11-28T00:42:53.536463Z"}, {"uuid": "39b10bdc-c2cb-425d-a02b-ad1a62249f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11933", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1630/", "content": "", "creation_timestamp": "2024-11-27T05:00:00.000000Z"}, {"uuid": "ea81daa6-fe83-4b16-8e8d-0769881816f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11935", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113594646804490157", "content": "", "creation_timestamp": "2024-12-04T12:52:34.784385Z"}, {"uuid": "e52423ef-1ca4-44c5-b8b9-a0566862dd33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11938", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldse5qxbwn25", "content": "", "creation_timestamp": "2024-12-21T07:15:33.465726Z"}, {"uuid": "40ddc712-7664-4f22-bfa3-b89e791afb1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11938", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113689564924062531", "content": "", "creation_timestamp": "2024-12-21T07:11:30.250245Z"}, {"uuid": "96d025b0-950e-4096-bf49-e934d91e103d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11938", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113689577483393499", "content": "", "creation_timestamp": "2024-12-21T07:14:42.045450Z"}, {"uuid": "e72cc240-68c7-4877-b220-b34025509d9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11934", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113784946172253533", "content": "", "creation_timestamp": "2025-01-07T03:28:12.600343Z"}, {"uuid": "12243099-d07c-4e70-af3a-87591d995b82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11939", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf7yqi5ge32r", "content": "", "creation_timestamp": "2025-01-08T10:53:46.614935Z"}, {"uuid": "9853c216-0a0b-4930-a373-9e661805eb69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11934", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4rzjcwpl22", "content": "", "creation_timestamp": "2025-01-07T04:15:32.673090Z"}, {"uuid": "a711d0d2-b3fe-42fa-84fe-562f72d3084a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11930", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113769121371751047", "content": "", "creation_timestamp": "2025-01-04T08:23:50.005866Z"}, {"uuid": "93427aaa-252d-471e-acbd-efe8ba0f8cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11939", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113791755008587797", "content": "", "creation_timestamp": "2025-01-08T08:19:47.244757Z"}, {"uuid": "e276674c-232e-40c2-8b4b-1e5c2046dcbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11939", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7tatqrdp25", "content": "", "creation_timestamp": "2025-01-08T09:15:31.531387Z"}, {"uuid": "374684db-5ae5-4285-bdac-e6cae3bb84de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11932", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-028-05", "content": "", "creation_timestamp": "2025-01-28T11:00:00.000000Z"}, {"uuid": "73123ffc-48d4-452a-973d-352c000ea2da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11931", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113881124225420701", "content": "", "creation_timestamp": "2025-01-24T03:07:33.265527Z"}, {"uuid": "cedd1731-faac-436e-b016-c71c97d96cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11936", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113894370004265885", "content": "", "creation_timestamp": "2025-01-26T11:16:07.802433Z"}, {"uuid": "76945f95-4e61-4bb1-b6c2-3fa68af0b96c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11936", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgnfpw4ybh2h", "content": "", "creation_timestamp": "2025-01-26T12:15:53.002193Z"}, {"uuid": "1e211952-7096-4088-a696-7b7ebf110393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11936", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgno3riyo62i", "content": "", "creation_timestamp": "2025-01-26T14:45:41.213259Z"}, {"uuid": "03b75b62-8ba4-4b09-9d32-7386b1bdafab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11936", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgno3rmkhg2w", "content": "", "creation_timestamp": "2025-01-26T14:45:41.804455Z"}, {"uuid": "3ec78b97-c872-4e8f-bcfc-043eadb849c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11931", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113872954267513452", "content": "", "creation_timestamp": "2025-01-22T16:29:50.043014Z"}, {"uuid": "ddb842d1-942c-43c9-9b47-3ed86c5a08d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11936", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113895204622965670", "content": "", "creation_timestamp": "2025-01-26T14:48:23.600423Z"}, {"uuid": "85a85566-2755-4e7c-8d5e-6b708882e22d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11937", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lt4uxzy5v52m", "content": "", "creation_timestamp": "2025-07-04T09:01:07.099799Z"}, {"uuid": "7f98d2a5-1cbc-4c54-95b9-a3701e7c42d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11931", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2864", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11931\n\ud83d\udd39 Description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint.\n\ud83d\udccf Published: 2025-01-24T03:02:16.074Z\n\ud83d\udccf Modified: 2025-01-24T03:02:16.074Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/480901", "creation_timestamp": "2025-01-24T04:03:39.000000Z"}, {"uuid": "066c1c1f-22ea-4fe0-a21d-6e6ed0fc465b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11934", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/292", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11934\n\ud83d\udd39 Description: The Formaloo Form Maker & Customer Analytics for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018address\u2019 parameter in all versions up to, and including, 2.1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-01-07T03:21:54.579Z\n\ud83d\udccf Modified: 2025-01-07T03:21:54.579Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/4b7ddf44-a1d2-4042-9219-591ebc8e4250?source=cve\n2. https://plugins.trac.wordpress.org/browser/formaloo-form-builder/trunk/formaloo.php#L431\n3. https://wordpress.org/plugins/formaloo-form-builder/#developers", "creation_timestamp": "2025-01-07T03:37:08.000000Z"}, {"uuid": "821d0650-cd9d-428e-843e-7a89ddb67df7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11939", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/682", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11939\n\ud83d\udd39 Description: The Cost Calculator Builder PRO plugin for WordPress is vulnerable to blind time-based SQL Injection via the \u2018data\u2019 parameter in all versions up to, and including, 3.2.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n\ud83d\udccf Published: 2025-01-08T08:18:17.475Z\n\ud83d\udccf Modified: 2025-01-08T08:18:17.475Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/96ad872f-9831-4113-99ae-322bcd2b6fbd?source=cve\n2. https://docs.stylemixthemes.com/cost-calculator-builder/changelog-1/changelog-pro-version#id-3.2.16", "creation_timestamp": "2025-01-08T09:12:44.000000Z"}, {"uuid": "aad27dab-f824-42b2-ad87-be8c94732ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11931", "type": "seen", "source": "https://t.me/cvedetector/16250", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11931 - GitLab CI Variable Exfiltration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11931 \nPublished : Jan. 24, 2025, 3:15 a.m. | 39\u00a0minutes ago \nDescription : An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T05:12:09.000000Z"}, {"uuid": "6c6459d1-4b4c-4abd-956b-e62d45c285d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11936", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3132", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-44w3-4x9p-xmff\n\ud83d\udd25 CVSS Score: N/A (CVSS_V3)\n\ud83d\udd39 Description: The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backup_options' and 'restore_options' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.\n\ud83d\udccf Published: 2025-01-26T12:30:31Z\n\ud83d\udccf Modified: 2025-01-26T12:30:31Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-11936\n2. https://themeforest.net/item/zox-news-professional-wordpress-news-magazine-theme/20381541\n3. https://www.wordfence.com/threat-intel/vulnerabilities/id/3f061e7f-6a87-4d4a-9b4e-8234883f2ebc?source=cve", "creation_timestamp": "2025-01-26T13:06:17.000000Z"}, {"uuid": "fe9da890-202d-40be-8959-23d5ffb223ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11936", "type": "seen", "source": "https://t.me/cvedetector/16414", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11936 - \"Zox News Theme Privilege Escalation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11936 \nPublished : Jan. 26, 2025, 12:15 p.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backup_options' and 'restore_options' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-26T15:44:37.000000Z"}, {"uuid": "fc4c2f99-91b0-42ef-bc8e-13677611ebe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11939", "type": "seen", "source": "https://t.me/cvedetector/14677", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11939 - WordPress Cost Calculator Builder PRO SQL Blind Time-Based Injection\", \n  \"Content\": \"CVE ID : CVE-2024-11939 \nPublished : Jan. 8, 2025, 9:15 a.m. | 30\u00a0minutes ago \nDescription : The Cost Calculator Builder PRO plugin for WordPress is vulnerable to blind time-based SQL Injection via the \u2018data\u2019 parameter in all versions up to, and including, 3.2.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T10:47:55.000000Z"}, {"uuid": "87a4f4a0-60b3-4361-9cc3-b73cac44ead5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11930", "type": "seen", "source": "https://t.me/cvedetector/14272", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11930 - Taskbuilder - WordPress Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11930 \nPublished : Jan. 4, 2025, 9:15 a.m. | 16\u00a0minutes ago \nDescription : The Taskbuilder \u2013 WordPress Project & Task Management plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wppm_tasks shortcode in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-04T10:34:42.000000Z"}, {"uuid": "a4c3c80b-0240-4149-b915-9fbd7a71ee42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11934", "type": "seen", "source": "https://t.me/cvedetector/14439", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11934 - Formoo Stored Cross-Site Scripting (CWE-80)\", \n  \"Content\": \"CVE ID : CVE-2024-11934 \nPublished : Jan. 7, 2025, 4:15 a.m. | 39\u00a0minutes ago \nDescription : The Formaloo Form Maker & Customer Analytics for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018address\u2019 parameter in all versions up to, and including, 2.1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T06:19:51.000000Z"}, {"uuid": "b3b358c2-76e2-44ac-9e62-b844fd734d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11935", "type": "seen", "source": "https://t.me/cvedetector/11986", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11935 - The Email Address Obfuscation plugin for WordPress\", \n  \"Content\": \"CVE ID : CVE-2024-11935 \nPublished : Dec. 4, 2024, 1:15 p.m. | 40\u00a0minutes ago \nDescription : The Email Address Obfuscation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018class\u2019 parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T15:04:51.000000Z"}, {"uuid": "dbee5407-9761-4335-92c9-345b5829ea1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11938", "type": "seen", "source": "https://t.me/cvedetector/13487", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11938 - \"WooCommerce Sales Funnel Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11938 \nPublished : Dec. 21, 2024, 7:15 a.m. | 16\u00a0minutes ago \nDescription : The One Click Upsell Funnel for WooCommerce \u2013  Funnel Builder for WordPress, Create WooCommerce Upsell, Post-Purchase Upsell & Cross Sell Offers that Boost Sales & Increase Profits with Sales Funnel Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wps_wocuf_pro_yes shortcode in all versions up to, and including, 3.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-21T08:38:43.000000Z"}, {"uuid": "8dc1340d-f52f-41e3-81b1-bff7aba16363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1193", "type": "seen", "source": "https://t.me/ctinow/192685", "content": "https://ift.tt/7hrHL9J\nCVE-2024-1193 | Navicat 12.0.29 MySQL Conecction denial of service", "creation_timestamp": "2024-02-24T19:16:40.000000Z"}, {"uuid": "4909efe5-29a7-4697-915c-65c7e8d5d944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11936", "type": "seen", "source": "Telegram/0FkprSeQP0YKYs2oblBz5o7rDVlvxUyLHL4sJJZN3ykZN_DT", "content": "", "creation_timestamp": "2025-02-06T02:42:29.000000Z"}, {"uuid": "2bdfb40a-11f2-4694-9d96-99f79f610312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1193", "type": "seen", "source": "https://t.me/ctinow/178293", "content": "https://ift.tt/EW93dKz\nCVE-2024-1193", "creation_timestamp": "2024-02-02T22:21:40.000000Z"}, {"uuid": "83d67c3c-10da-4fc4-80b3-9cad1a72b893", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1193", "type": "seen", "source": "https://t.me/ctinow/182391", "content": "https://ift.tt/SOCjk9P\nCVE-2024-1193 Exploit", "creation_timestamp": "2024-02-10T03:16:31.000000Z"}]}