{"vulnerability": "cve-2024-1312", "sightings": [{"uuid": "a5a9245d-a3ad-4c59-b025-86c2964e26a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13129", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113766580847775451", "content": "", "creation_timestamp": "2025-01-03T21:37:40.144647Z"}, {"uuid": "02255217-9abc-49fe-aafe-c41e94c4ad52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13124", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll4kmohckb26", "content": "", "creation_timestamp": "2025-03-24T10:34:15.549196Z"}, {"uuid": "2d32866b-c290-4590-8f81-30012145b09f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13123", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll6va2thbt26", "content": "", "creation_timestamp": "2025-03-25T08:49:28.561833Z"}, {"uuid": "427c1824-e136-4b68-8345-58bd2635c2a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13120", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113995089019297359", "content": "", "creation_timestamp": "2025-02-13T06:10:17.972246Z"}, {"uuid": "d47331d5-9c97-4cbc-ae10-c1074a98133f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13121", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113995089033400922", "content": "", "creation_timestamp": "2025-02-13T06:10:18.469812Z"}, {"uuid": "8f99a3b7-9107-4b55-9293-a6f78b6d3a3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13120", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhzzyogyqr2s", "content": "", "creation_timestamp": "2025-02-13T06:15:50.105650Z"}, {"uuid": "aa982897-273e-478b-a268-e637d15318c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13121", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhzzyqn77o2s", "content": "", "creation_timestamp": "2025-02-13T06:15:52.411173Z"}, {"uuid": "473cc430-3c64-460c-a0f5-b25d8b7a6920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13125", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhzzyt6lmq2a", "content": "", "creation_timestamp": "2025-02-13T06:15:55.062187Z"}, {"uuid": "3c78ebef-6dfd-49c2-83a6-7ccb05749088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13125", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113995148034307983", "content": "", "creation_timestamp": "2025-02-13T06:25:18.384265Z"}, {"uuid": "3a5acf29-f0cb-4ad2-8e52-034729ea4f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13121", "type": "seen", "source": "MISP/db121278-a8f5-4f36-a226-e45f3a86f55e", "content": "", "creation_timestamp": "2025-08-26T13:26:34.000000Z"}, {"uuid": "7bb3fe46-34fb-4074-adc1-0dc580028c6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13122", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll6va2c76z24", "content": "", "creation_timestamp": "2025-03-25T08:49:25.765070Z"}, {"uuid": "3cf03040-3274-4801-953e-79b5bf0a3d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13126", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-13126.yaml", "content": "", "creation_timestamp": "2025-04-05T06:19:48.000000Z"}, {"uuid": "073581a3-ae7d-4dfb-a371-4cf8348eee3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13120", "type": "seen", "source": "MISP/db121278-a8f5-4f36-a226-e45f3a86f55e", "content": "", "creation_timestamp": "2025-08-26T13:26:34.000000Z"}, {"uuid": "5797e1e2-3241-49ca-ab37-e4aadf1a741d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13125", "type": "seen", "source": "MISP/db121278-a8f5-4f36-a226-e45f3a86f55e", "content": "", "creation_timestamp": "2025-08-26T13:26:34.000000Z"}, {"uuid": "50d83530-69cb-4b9d-9c6d-6fa69290a2a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13120", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4205", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13120\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T06:15:20.917\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/5b70798c-c30d-42e6-ac72-821c5568b9b5/", "creation_timestamp": "2025-02-13T07:08:40.000000Z"}, {"uuid": "70eb3188-8629-4531-bab8-e24532af3ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13121", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4204", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13121\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T06:15:21.050\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/59ee8fe5-4820-4d52-b17a-7044631c40c1/", "creation_timestamp": "2025-02-13T07:08:37.000000Z"}, {"uuid": "3b7baa87-212e-44e7-8994-33d02febf211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13125", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4203", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13125\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T06:15:21.210\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/f60a8358-1765-4cae-9c89-0d75c5e394ec/", "creation_timestamp": "2025-02-13T07:08:13.000000Z"}, {"uuid": "321dff22-e176-4f6f-b81c-39d4a5b9cf65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13120", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4210", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13120\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content  WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-02-13T06:31:43Z\n\ud83d\udccf Modified: 2025-02-13T06:31:43Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13120\n2. https://wpscan.com/vulnerability/5b70798c-c30d-42e6-ac72-821c5568b9b5", "creation_timestamp": "2025-02-13T07:10:09.000000Z"}, {"uuid": "c5406684-11e4-4a17-a05b-7e4d55ff541b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13126", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7707", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13126\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web servers that don't use htaccess, allowing unauthorized access of files.\n\ud83d\udccf Published: 2025-03-16T06:00:04.512Z\n\ud83d\udccf Modified: 2025-03-16T06:00:04.512Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/c2c69a44-4ecc-41d1-a10c-cfe9c875b803/", "creation_timestamp": "2025-03-16T06:46:15.000000Z"}, {"uuid": "7d31a06a-45db-47f0-acb7-4a125c561ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13125", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4212", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13125\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Everest Forms  WordPress plugin before 3.0.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-02-13T06:31:43Z\n\ud83d\udccf Modified: 2025-02-13T06:31:43Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13125\n2. https://wpscan.com/vulnerability/f60a8358-1765-4cae-9c89-0d75c5e394ec", "creation_timestamp": "2025-02-13T07:10:15.000000Z"}, {"uuid": "66ef1747-74e5-4498-a021-e26c7d5b5acd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13121", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4218", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13121\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content  WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-02-13T06:31:43Z\n\ud83d\udccf Modified: 2025-02-13T06:31:43Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13121\n2. https://wpscan.com/vulnerability/59ee8fe5-4820-4d52-b17a-7044631c40c1", "creation_timestamp": "2025-02-13T07:11:44.000000Z"}, {"uuid": "60e655cb-d184-4505-817b-6e6cea068f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13126", "type": "seen", "source": "https://t.me/cvedetector/20407", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13126 - WordPress Download Manager Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13126 \nPublished : March 16, 2025, 6:15 a.m. | 32\u00a0minutes ago \nDescription : The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web servers that don't use htaccess, allowing unauthorized access of files. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-16T08:00:59.000000Z"}, {"uuid": "0434b6d4-3a3a-4ea0-af87-1e827378783b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13120", "type": "seen", "source": "https://t.me/cvedetector/17971", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13120 - WordPress Paid Membership Plugin Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13120 \nPublished : Feb. 13, 2025, 6:15 a.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content  WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-13T08:47:55.000000Z"}, {"uuid": "5bd17c9d-1366-44c4-a6f2-ae4c64d5b869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13125", "type": "seen", "source": "https://t.me/cvedetector/17965", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13125 - Everest Forms Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13125 \nPublished : Feb. 13, 2025, 6:15 a.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : The Everest Forms  WordPress plugin before 3.0.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-13T08:47:50.000000Z"}, {"uuid": "308f70e1-2b16-4ad7-8553-790398438b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13121", "type": "seen", "source": "https://t.me/cvedetector/17964", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13121 - WordPress Paid Membership Plugin Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13121 \nPublished : Feb. 13, 2025, 6:15 a.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content  WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-13T08:47:49.000000Z"}, {"uuid": "6c8713b1-d3f4-4553-8ed3-36b1ba36ab4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13122", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8606", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13122\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The AFI  WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-03-25T06:00:12.535Z\n\ud83d\udccf Modified: 2025-03-25T06:00:12.535Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/512721cb-e544-4d26-87ca-43d83e77f8e4/", "creation_timestamp": "2025-03-25T06:23:41.000000Z"}, {"uuid": "5398e57b-c77a-450b-b299-ab6ef8c2f386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13123", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8605", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13123\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The AFI  WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-03-25T06:00:12.871Z\n\ud83d\udccf Modified: 2025-03-25T06:00:12.871Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/417178de-17ff-438c-a36c-b90db6486a46/", "creation_timestamp": "2025-03-25T06:23:40.000000Z"}, {"uuid": "cdf6922c-a5a7-4a53-9dee-28152ecd764e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13122", "type": "seen", "source": "https://t.me/cvedetector/21070", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13122 - WordPress AFI Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13122 \nPublished : March 25, 2025, 6:15 a.m. | 1\u00a0hour, 32\u00a0minutes ago \nDescription : The AFI  WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T09:27:48.000000Z"}, {"uuid": "61bc2f95-e86d-4087-8c07-7c23d88b1097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13125", "type": "seen", "source": "Telegram/mRFWiZmvYxw6PK_wv3vXO7nAweWSrvNP4mAQkC0TZ97WFu-V", "content": "", "creation_timestamp": "2025-02-14T10:06:08.000000Z"}, {"uuid": "549ecfc5-4b66-4179-b1fb-53db38229b14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13124", "type": "seen", "source": "https://t.me/cvedetector/20940", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13124 - 10Web Photo Gallery WordPress Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13124 \nPublished : March 24, 2025, 6:15 a.m. | 43\u00a0minutes ago \nDescription : The Photo Gallery by 10Web  WordPress plugin before 1.8.33 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T08:22:03.000000Z"}, {"uuid": "9e7793b0-86b4-4faa-b70b-53599e0cf47e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13129", "type": "seen", "source": "https://t.me/cvedetector/14246", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13129 - \"Roxy-WI OS Command Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-13129 \nPublished : Jan. 3, 2025, 10:15 p.m. | 19\u00a0minutes ago \nDescription : A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by this vulnerability is the function action_service of the file app/modules/roxywi/roxy.py. The manipulation of the argument action/service leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.1.4 is able to address this issue. The identifier of the patch is 32313928eb9ce906887b8a30bf7b9a3d5c0de1be. It is recommended to upgrade the affected component. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T23:42:37.000000Z"}, {"uuid": "f420ff6a-2f72-438a-b6ed-2034ac9d6ba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13125", "type": "seen", "source": "Telegram/WSo7682uaBxGefBbXv2XKHrn4vkB4TkHKWxzBkgdURsUcN9D", "content": "", "creation_timestamp": "2025-02-14T10:08:08.000000Z"}, {"uuid": "f03e692f-3f83-462f-a69c-cc2d30039ab1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13121", "type": "seen", "source": "Telegram/i-vx1mBZIyW0fbeEKuCpcidznuYPDRHAqxFugIFDPTIXZAyQ", "content": "", "creation_timestamp": "2025-02-14T10:08:08.000000Z"}, {"uuid": "d6c32930-43ec-4eb5-bde1-6bb848af3187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13120", "type": "seen", "source": "Telegram/GAal6JeMFzkdtTp1qmBD1K0LJkjmQzIBKq_luLCrgYA672Jf", "content": "", "creation_timestamp": "2025-02-14T10:08:08.000000Z"}, {"uuid": "f36b9771-428b-436f-92cd-6d4367f44266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13121", "type": "seen", "source": "Telegram/yje8F83J5BUwOlho59WUdXkypd9MOZeAyQ5boCxZUiv25tlf", "content": "", "creation_timestamp": "2025-02-14T10:06:08.000000Z"}, {"uuid": "3cbe0744-1d22-44f5-97cb-8b1d89e05b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13120", "type": "seen", "source": "Telegram/2WIhu85WkfeQ0wB4Gi6DusPGsFU6dQRRKMQN7RW9fnKneil2", "content": "", "creation_timestamp": "2025-02-14T10:06:08.000000Z"}, {"uuid": "0a680a54-f11c-4dce-9fdc-94446b381fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1312", "type": "seen", "source": "https://t.me/ctinow/198279", "content": "https://ift.tt/9DUFxP4\nCVE-2024-1312 | Linux Kernel up to 6.5-rc3 Memory Management Subsystem lock_vma_under_rcu use after free", "creation_timestamp": "2024-03-02T09:06:39.000000Z"}, {"uuid": "6a84d1e4-ac9e-4a97-b3a5-3ad159649e8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1312", "type": "seen", "source": "https://t.me/ctinow/181388", "content": "https://ift.tt/l7LeJb2\nCVE-2024-1312", "creation_timestamp": "2024-02-08T14:21:56.000000Z"}]}