{"vulnerability": "cve-2024-4924", "sightings": [{"uuid": "09ffe8c1-7016-45af-89b0-0e792c178c3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49249", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113786912546819110", "content": "", "creation_timestamp": "2025-01-07T11:48:18.129813Z"}, {"uuid": "3894376d-d314-41ce-b93c-48ba01e73137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49249", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113786703677090826", "content": "", "creation_timestamp": "2025-01-07T10:55:10.083014Z"}, {"uuid": "eb7a201c-a358-4686-b3c7-55e855b50359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49249", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jijlme22o", "content": "", "creation_timestamp": "2025-01-07T11:15:33.044063Z"}, {"uuid": "4c4def70-a577-4dc6-ae7a-c38ff95a595f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49243", "type": "seen", "source": "https://t.me/cvedetector/8312", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49243 - Dynamic Elementor Addons File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49243 \nPublished : Oct. 18, 2024, 10:15 a.m. | 20\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T12:44:21.000000Z"}, {"uuid": "46b1f0e7-d43a-4ff9-b493-b84a2acbd3f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49243", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mild3uuswi2k", "content": "", "creation_timestamp": "2026-04-03T08:40:09.137040Z"}, {"uuid": "3c167c1e-34ee-49c3-96d3-b7f1eb71c634", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49249", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/397", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49249\n\ud83d\udd39 Description: Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue affects SMSA Shipping: from n/a through 2.3.\n\ud83d\udccf Published: 2025-01-07T10:49:34.877Z\n\ud83d\udccf Modified: 2025-01-07T10:49:34.877Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/smsa-shipping-official/vulnerability/wordpress-smsa-shipping-plugin-2-3-arbitrary-file-deletion-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-07T11:37:46.000000Z"}, {"uuid": "c31fa21f-9ce3-4314-8652-343fd377786b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49242", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mkha3puyiz2s", "content": "", "creation_timestamp": "2026-04-27T04:26:06.985091Z"}, {"uuid": "ab35a78f-c337-4e0d-a217-b280b689a2e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49241", "type": "seen", "source": "https://t.me/cvedetector/8311", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49241 - Tito Tito Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-49241 \nPublished : Oct. 18, 2024, 10:15 a.m. | 20\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tady Walsh Tito allows DOM-Based XSS.This issue affects Tito: from n/a through 2.3. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T12:44:20.000000Z"}, {"uuid": "b9deb5f7-9fed-4d8a-a246-4326f8aadaf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49244", "type": "seen", "source": "https://t.me/cvedetector/8218", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49244 - WooCommerce CSV Product Import Export SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49244 \nPublished : Oct. 17, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cmssoft CSV Product Import Export for WooCommerce allows SQL Injection.This issue affects CSV Product Import Export for WooCommerce: from n/a through 1.0.0. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T20:49:56.000000Z"}, {"uuid": "e79978e9-25b6-488a-a627-07b8fe83b5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49240", "type": "seen", "source": "https://t.me/cvedetector/8317", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49240 - Agustin Berasategui AB Categories Search Widget Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49240 \nPublished : Oct. 18, 2024, 10:15 a.m. | 20\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Agustin Berasategui AB Categories Search Widget allows Reflected XSS.This issue affects AB Categories Search Widget: from n/a through 0.2.5. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T12:44:27.000000Z"}, {"uuid": "66b0db77-2cf8-44fe-99bd-d210ab263eec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49248", "type": "seen", "source": "https://t.me/cvedetector/8255", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49248 - Igor Funa Ad Inserter Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49248 \nPublished : Oct. 17, 2024, 8:15 p.m. | 38\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Igor Funa Ad Inserter allows Reflected XSS.This issue affects Ad Inserter: from n/a through 2.7.37. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T23:20:57.000000Z"}, {"uuid": "7a4cf834-5a04-451e-bec7-ccdc024d748c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49246", "type": "seen", "source": "https://t.me/cvedetector/8216", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49246 - Anand23 Ajax Rating SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49246 \nPublished : Oct. 17, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in anand23 Ajax Rating with Custom Login allows SQL Injection.This issue affects Ajax Rating with Custom Login: from n/a through 1.1. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T20:49:52.000000Z"}, {"uuid": "d1ec7d3b-fdc8-4e39-b727-2d179230244a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49242", "type": "seen", "source": "https://t.me/cvedetector/8076", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49242 - Shafiq Digital Lottery Path Traversal Web Shell Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49242 \nPublished : Oct. 16, 2024, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Shafiq Digital Lottery allows Upload a Web Shell to a Web Server.This issue affects Digital Lottery: from n/a through 3.0.5. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T17:13:28.000000Z"}, {"uuid": "a19c7805-c4ae-4625-9eca-817bd31891e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49245", "type": "seen", "source": "https://t.me/cvedetector/8070", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49245 - Ahime Image Printer Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49245 \nPublished : Oct. 16, 2024, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ahime Ahime Image Printer.This issue affects Ahime Image Printer: from n/a through 1.0.0. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T17:13:21.000000Z"}, {"uuid": "91d466d3-b7cf-4f24-82ab-a1dff3b8a1ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49247", "type": "seen", "source": "https://t.me/cvedetector/8053", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49247 - Sooskriszta Webforza BuddyPress Better Registration Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-49247 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : : Authentication Bypass Using an Alternate Path or Channel vulnerability in sooskriszta, webforza BuddyPress Better Registration allows : Authentication Bypass.This issue affects BuddyPress Better Registration: from n/a through 1.6. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:49.000000Z"}]}