{"vulnerability": "cve-2024-4965", "sightings": [{"uuid": "79292f11-cd55-4f0b-a345-5816aaaa17ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49658", "type": "seen", "source": "MISP/f37b96c1-0867-4c49-93b9-f8f68fe11b07", "content": "", "creation_timestamp": "2024-11-01T12:06:50.000000Z"}, {"uuid": "6b6b379c-1c13-4004-80bc-e1f225006335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49655", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866643007718755", "content": "", "creation_timestamp": "2025-01-21T13:44:49.205032Z"}, {"uuid": "b30fb63f-d09c-4690-b363-c1a0708e0d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49655", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb23x5chr2r", "content": "", "creation_timestamp": "2025-01-21T14:15:54.845129Z"}, {"uuid": "f80e652d-61ca-49c7-a06e-c5296f4e2de7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49655", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgb3g7ztk72r", "content": "", "creation_timestamp": "2025-01-21T14:39:38.094346Z"}, {"uuid": "9072c6e1-d13e-41c0-aae5-5d182f9b9d1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49655", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113866894045598489", "content": "", "creation_timestamp": "2025-01-21T14:48:43.598999Z"}, {"uuid": "92e2fd76-d415-420a-a78e-6fd0aa8a92e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49655", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lgdlb367gj2m", "content": "", "creation_timestamp": "2025-01-22T14:28:20.396059Z"}, {"uuid": "2c0ed061-1db9-46c4-9a0f-c97b6eb954eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49652", "type": "seen", "source": "https://t.me/cvedetector/8714", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49652 - ReneeCussack 3D Work In Progress Remote File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49652 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in ReneeCussack 3D Work In Progress allows Upload a Web Shell to a Web Server.This issue affects 3D Work In Progress: from n/a through 1.0.3. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:03:57.000000Z"}, {"uuid": "1ccf094a-20ae-4271-a3be-37c6413d0c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49655", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2402", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49655\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound ARPrice allows SQL Injection. This issue affects ARPrice: from n/a through 4.0.3.\n\ud83d\udccf Published: 2025-01-21T13:40:32.856Z\n\ud83d\udccf Modified: 2025-01-21T13:40:32.856Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/arprice/vulnerability/wordpress-arprice-plugin-4-0-3-unauthenticated-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-21T14:01:53.000000Z"}, {"uuid": "7011bd6e-e2d4-4895-ab13-c01a67436aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49651", "type": "seen", "source": "https://t.me/cvedetector/9303", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49651 - Matt Royal WooCommerce Maintenance Mode Reflected Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-49651 \nPublished : Oct. 29, 2024, 12:15 p.m. | 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Matt Royal WooCommerce Maintenance Mode allows Reflected XSS.This issue affects WooCommerce Maintenance Mode: from n/a through 2.0.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:56:21.000000Z"}, {"uuid": "8e0e82af-9cec-4043-934f-e95d19c0b1f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49650", "type": "seen", "source": "https://t.me/cvedetector/9302", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49650 - Xarbo BuddyPress Greeting Message Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49650 \nPublished : Oct. 29, 2024, 12:15 p.m. | 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in xarbo BuddyPress Greeting Message allows Reflected XSS.This issue affects BuddyPress Greeting Message: from n/a through 1.0.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:56:17.000000Z"}, {"uuid": "00bf00bf-ac2e-4be0-b148-60a6223c70ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49654", "type": "seen", "source": "https://t.me/cvedetector/9304", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49654 - Marian Heddesheimer Extra Privacy for Elementor Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49654 \nPublished : Oct. 29, 2024, 12:15 p.m. | 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Marian Heddesheimer Extra Privacy for Elementor allows Reflected XSS.This issue affects Extra Privacy for Elementor: from n/a through 0.1.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:56:22.000000Z"}, {"uuid": "a6ac4f35-1ad6-44b5-b2af-5b214927ea65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49659", "type": "seen", "source": "https://t.me/cvedetector/9299", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49659 - Coub Unvalidated User Input Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49659 \nPublished : Oct. 29, 2024, 12:15 p.m. | 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rami Yushuvaev Coub allows Stored XSS.This issue affects Coub: from n/a through 1.4. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:56:15.000000Z"}, {"uuid": "d3ab64e4-a0cd-475e-ae89-af7ae625b4d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49656", "type": "seen", "source": "https://t.me/cvedetector/9298", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49656 - DocumentPress Document Generation Alerts Reflected XSS\", \n  \"Content\": \"CVE ID : CVE-2024-49656 \nPublished : Oct. 29, 2024, 12:15 p.m. | 33\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Abdullah Irfan DocumentPress allows Reflected XSS.This issue affects DocumentPress: from n/a through 2.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:56:14.000000Z"}, {"uuid": "4a7394f2-c839-480b-b4e6-9ba138eac32e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49658", "type": "seen", "source": "https://t.me/cvedetector/8717", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49658 - Ecomerciar Woocommerce Custom Profile Picture File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49658 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Ecomerciar Woocommerce Custom Profile Picture allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Custom Profile Picture: from n/a through 1.0. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:04:02.000000Z"}, {"uuid": "cb394e00-3fdf-49a9-8a42-3cda1ecb7bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49657", "type": "seen", "source": "https://t.me/cvedetector/8716", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49657 - ReneeCussack 3D Work In Progress Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49657 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Missing Authorization vulnerability in ReneeCussack 3D Work In Progress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D Work In Progress: from n/a through 1.0.3. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:03:59.000000Z"}, {"uuid": "db145af0-37b4-4907-887e-e1ed7f477b53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49653", "type": "seen", "source": "https://t.me/cvedetector/8715", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49653 - James Eggers Portfolleo Unrestricted File Upload\", \n  \"Content\": \"CVE ID : CVE-2024-49653 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in James Eggers Portfolleo portfolleo allows Upload a Web Shell to a Web Server.This issue affects Portfolleo: from n/a through 1.2. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:03:58.000000Z"}, {"uuid": "07728fab-62af-4619-9e8b-f5c99124ed0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49653", "type": "published-proof-of-concept", "source": "Telegram/b6Jl7wzygae-BXh-Se_wt-DVRMooLLWTuD3fD59x1efx7TE", "content": "", "creation_timestamp": "2025-03-23T04:00:07.000000Z"}, {"uuid": "01de385e-fb50-4348-a883-35cabe4cb1d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49653", "type": "published-proof-of-concept", "source": "Telegram/6nHZWxLgwgyMKwZNY4CCS-Ob_vaAl5iyDjwJ0alABpjsTxw", "content": "", "creation_timestamp": "2025-03-23T16:00:12.000000Z"}]}