{"vulnerability": "cve-2024-4964", "sightings": [{"uuid": "5aab5183-c86b-4f0c-ba5f-b83e91d1734e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49644", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113786912674384909", "content": "", "creation_timestamp": "2025-01-07T11:48:19.508505Z"}, {"uuid": "f045d58d-a604-423d-8bf1-271fd56bda6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49649", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113786912740235191", "content": "", "creation_timestamp": "2025-01-07T11:48:20.433833Z"}, {"uuid": "e82e7eb5-c15e-429f-ba36-f020d53d9f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49649", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/401", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49649\n\ud83d\udd39 Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through 1.0.23.\n\ud83d\udccf Published: 2025-01-07T10:49:31.318Z\n\ud83d\udccf Modified: 2025-01-07T10:49:31.318Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/build-app-online/vulnerability/wordpress-build-app-online-plugin-1-0-23-local-file-inclusion-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-07T11:38:21.000000Z"}, {"uuid": "fa8f8099-aa21-4651-ab9d-30b70403548c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49640", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mfdbsjzqs72m", "content": "", "creation_timestamp": "2026-02-20T23:40:09.711746Z"}, {"uuid": "16da6ff7-e208-4e96-8ab3-a079d946a6ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49644", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/400", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49644\n\ud83d\udd39 Description: Incorrect Privilege Assignment vulnerability in AllAccessible Team Accessibility by AllAccessible allows Privilege Escalation.This issue affects Accessibility by AllAccessible: from n/a through 1.3.4.\n\ud83d\udccf Published: 2025-01-07T10:49:32.226Z\n\ud83d\udccf Modified: 2025-01-07T10:49:32.226Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/allaccessible/vulnerability/wordpress-accessibility-by-allaccessible-plugin-1-3-4-privilege-escalation-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-07T11:38:15.000000Z"}, {"uuid": "bc237bfc-244c-4c9d-81cc-a777d89be382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49644", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113786762704657220", "content": "", "creation_timestamp": "2025-01-07T11:10:10.926264Z"}, {"uuid": "b01cf658-adf9-460b-ba89-3990fcd229c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49649", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113786762719044734", "content": "", "creation_timestamp": "2025-01-07T11:10:11.103386Z"}, {"uuid": "41b79547-e71a-4c60-952b-5d6c71935306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49644", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jirk3l32i", "content": "", "creation_timestamp": "2025-01-07T11:15:40.860500Z"}, {"uuid": "b803cfa2-3d4a-4f7c-b4ec-a6212e0170ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49649", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5jitrzyz22", "content": "", "creation_timestamp": "2025-01-07T11:15:43.034606Z"}, {"uuid": "cd90ca9e-853a-41c6-93aa-ee776888347e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49647", "type": "seen", "source": "https://t.me/cvedetector/9308", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49647 - Carl Alberto Simple Custom Admin Cross-site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49647 \nPublished : Oct. 29, 2024, 12:15 p.m. | 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Carl Alberto Simple Custom Admin allows Reflected XSS.This issue affects Simple Custom Admin: from n/a through 1.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:56:28.000000Z"}, {"uuid": "b06899c1-e9f5-4f1d-9c72-8466ee75b2ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49646", "type": "seen", "source": "https://t.me/cvedetector/9307", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49646 - Ioannup Code Generate Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49646 \nPublished : Oct. 29, 2024, 12:15 p.m. | 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ioannup Code Generate allows Reflected XSS.This issue affects Code Generate: from n/a through 1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:56:24.000000Z"}, {"uuid": "4aa632b4-0d19-44ae-8c16-9fecc199e7c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49642", "type": "seen", "source": "https://t.me/cvedetector/9267", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49642 - Rafasashi Todo Custom Field Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49642 \nPublished : Oct. 29, 2024, 9:15 a.m. | 19\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rafasashi Todo Custom Field allows Reflected XSS.This issue affects Todo Custom Field: from n/a through 3.0.4. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T10:35:14.000000Z"}, {"uuid": "7c40eae1-9d1c-493a-8ba5-0cd37a3abd75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49648", "type": "seen", "source": "https://t.me/cvedetector/9305", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49648 - Rafasashi SVG Captcha Reflected Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49648 \nPublished : Oct. 29, 2024, 12:15 p.m. | 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in rafasashi SVG Captcha allows Reflected XSS.This issue affects SVG Captcha: from n/a through 1.0.11. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:56:23.000000Z"}]}