{"vulnerability": "cve-2024-3871", "sightings": [{"uuid": "3a905a45-fc0a-4fac-94f4-7ac596edc935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3871", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-1026/", "content": "", "creation_timestamp": "2025-11-27T05:00:00.000000Z"}, {"uuid": "f5a75c53-2ec8-4b12-b1dc-af80a866b26d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3871", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-06", "content": "", "creation_timestamp": "2025-11-20T11:00:00.000000Z"}, {"uuid": "73f4063d-b322-4bef-a250-0d09e9eee76a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3871", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-1037/", "content": "", "creation_timestamp": "2025-12-01T05:00:00.000000Z"}, {"uuid": "a0f802fd-5c4c-477b-8292-9e31dc47badf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38710", "type": "seen", "source": "https://t.me/cvedetector/1264", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38710 - Jewel Theme Master Addons for Elementor Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-38710 \nPublished : July 20, 2024, 8:15 a.m. | 43\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.6.2. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-20T11:26:48.000000Z"}, {"uuid": "9e4422e4-ef39-4e44-ae05-569635762336", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38711", "type": "seen", "source": "https://t.me/cvedetector/1263", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38711 - Yannick Lefebvre Link Library Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-38711 \nPublished : July 20, 2024, 8:15 a.m. | 43\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This issue affects Link Library: from n/a through 7.7.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-20T11:26:47.000000Z"}, {"uuid": "6a86900c-9615-4623-ac11-449fff5d4ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38712", "type": "seen", "source": "https://t.me/cvedetector/1262", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38712 - Qode Interactive Qi Blocks Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38712 \nPublished : July 20, 2024, 8:15 a.m. | 43\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Qode Interactive Qi Blocks allows Stored XSS.This issue affects Qi Blocks: from n/a through 1.3. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-20T11:26:46.000000Z"}, {"uuid": "32bcfa30-0e34-447d-9dbc-9e57c58aaff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38713", "type": "seen", "source": "https://t.me/cvedetector/1261", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38713 - OpaJaap WP Photo Album Plus Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-38713 \nPublished : July 20, 2024, 8:15 a.m. | 43\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.02.002. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-20T11:26:42.000000Z"}, {"uuid": "51ce2b53-699e-4a2a-8f9c-8d27bb970749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38718", "type": "seen", "source": "https://t.me/cvedetector/1260", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38718 - Clicklabs Medienagentur Elementor Download Button Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-38718 \nPublished : July 20, 2024, 8:15 a.m. | 43\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in clicklabs\u00ae Medienagentur Download Button for Elementor allows Stored XSS.This issue affects Download Button for Elementor: from n/a through 1.2.1. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-20T11:26:41.000000Z"}, {"uuid": "2083dd4d-6559-41b6-8315-9d77c2ec711d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38715", "type": "seen", "source": "https://t.me/cvedetector/763", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38715 - Improper Limitation of a Pathname to a Restricted\", \n  \"Content\": \"CVE ID : CVE-2024-38715 \nPublished : July 12, 2024, 3:15 p.m. | 20\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ExS ExS Widgets allows PHP Local File Inclusion.This issue affects ExS Widgets: from n/a through 0.3.1. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T17:46:35.000000Z"}]}