{"vulnerability": "cve-2024-4401", "sightings": [{"uuid": "824fd032-7e07-4750-840d-501d8bf778b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44018", "type": "seen", "source": "https://t.me/cvedetector/7074", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44018 - Istmo Plugins Instant Chat Floating Button WordPress Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2024-44018 \nPublished : Oct. 5, 2024, 1:15 p.m. | 44\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Istmo Plugins Instant Chat Floating Button for WordPress Websites allows PHP Local File Inclusion.This issue affects Instant Chat Floating Button for WordPress Websites: from n/a through 1.0.5. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T16:17:38.000000Z"}, {"uuid": "06954311-774a-442d-93ff-10d5d0bf7951", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44019", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mihnqrpskn2f", "content": "", "creation_timestamp": "2026-04-01T21:40:08.635126Z"}, {"uuid": "1be66ad4-229b-4b44-ad7c-c01913ef50aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44019", "type": "seen", "source": "https://t.me/cvedetector/9602", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44019 - Contact Form 7 Campaign Monitor Extension Missing Authorization\", \n  \"Content\": \"CVE ID : CVE-2024-44019 \nPublished : Nov. 1, 2024, 3:15 p.m. | 40\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through 0.4.67. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T17:01:23.000000Z"}, {"uuid": "52b6cca4-975a-40fa-8bb3-b7665afb3f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44017", "type": "seen", "source": "https://t.me/cvedetector/6819", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44017 - MH Board Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2024-44017 \nPublished : Oct. 2, 2024, 10:15 a.m. | 35\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MinHyeong Lim MH Board allows PHP Local File Inclusion.This issue affects MH Board: from n/a through 1.3.2.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T13:00:58.000000Z"}, {"uuid": "95259bf3-efa9-436d-b0c2-20dda890ffe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44015", "type": "seen", "source": "https://t.me/cvedetector/7052", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44015 - \"Users Control Path Traversal PHP Local File Inclusion\"\", \n  \"Content\": \"CVE ID : CVE-2024-44015 \nPublished : Oct. 5, 2024, 11:15 a.m. | 30\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Users Control allows PHP Local File Inclusion.This issue affects Users Control: from n/a through 1.0.16. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T13:46:49.000000Z"}, {"uuid": "1a343c1d-15b9-4edd-951e-84c220d48282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44014", "type": "seen", "source": "https://t.me/cvedetector/7051", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44014 - Vmaxstudio Vmax Project Manager Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44014 \nPublished : Oct. 5, 2024, 11:15 a.m. | 30\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vmaxstudio Vmax Project Manager allows PHP Local File Inclusion, Code Injection.This issue affects Vmax Project Manager: from n/a through 1.0. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T13:46:48.000000Z"}, {"uuid": "a33dbbc8-168b-4390-902e-83cfa6daf2c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44013", "type": "seen", "source": "https://t.me/cvedetector/7050", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44013 - Innate Images LLC VR Calendar Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44013 \nPublished : Oct. 5, 2024, 11:15 a.m. | 30\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Innate Images LLC VR Calendar allows PHP Local File Inclusion.This issue affects VR Calendar: from n/a through 2.4.0. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T13:46:44.000000Z"}, {"uuid": "7671bd89-e0f6-4006-b77f-3e5e0b807118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44012", "type": "seen", "source": "https://t.me/cvedetector/7049", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44012 - WordPress Newsletter Subscription Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44012 \nPublished : Oct. 5, 2024, 11:15 a.m. | 30\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpdev33 WP Newsletter Subscription allows PHP Local File Inclusion.This issue affects WP Newsletter Subscription: from n/a through 1.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T13:46:44.000000Z"}, {"uuid": "380845ca-1d32-49a1-833d-ddc0dd3a225d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44011", "type": "seen", "source": "https://t.me/cvedetector/7048", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44011 - WP Ticket Ultra Help Desk & Support Plugin Path Traversal Remote File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-44011 \nPublished : Oct. 5, 2024, 11:15 a.m. | 30\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Ticket Ultra WP Ticket Ultra Help Desk & Support Plugin allows PHP Local File Inclusion.This issue affects WP Ticket Ultra Help Desk & Support Plugin: from n/a through 1.0.5. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T13:46:43.000000Z"}, {"uuid": "600a5396-0c0f-4d25-a87a-6615ff853deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44016", "type": "seen", "source": "https://t.me/cvedetector/7047", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44016 - Podiant Path Traversal PHP File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-44016 \nPublished : Oct. 5, 2024, 11:15 a.m. | 30\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mark Steadman Podiant allows PHP Local File Inclusion.This issue affects Podiant: from n/a through 1.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-05T13:46:42.000000Z"}, {"uuid": "c2448459-caa7-4aac-a3a4-ca66cfef2800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4401", "type": "seen", "source": "https://t.me/cvedetector/4498", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4401 - Elementor Addon Elements Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-4401 \nPublished : Aug. 30, 2024, 4:15 a.m. | 38\u00a0minutes ago \nDescription : The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018id\u2019 and 'eae_slider_animation' parameters in all versions up to, and including, 1.13.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-30T07:17:30.000000Z"}]}