From 2e1d9a349f271fbb736580e765183f714b388487 Mon Sep 17 00:00:00 2001 From: cvelistV5 Github Action Date: Thu, 16 Jan 2025 03:33:44 +0000 Subject: [PATCH] 2 changes (2 new | 0 updated): - 2 new CVEs: CVE-2024-10789, CVE-2024-11452 - 0 updated CVEs: --- cves/2024/10xxx/CVE-2024-10789.json | 88 ++++++++++++++++++++++++++++ cves/2024/11xxx/CVE-2024-11452.json | 91 +++++++++++++++++++++++++++++ 2 files changed, 179 insertions(+) create mode 100644 cves/2024/10xxx/CVE-2024-10789.json create mode 100644 cves/2024/11xxx/CVE-2024-11452.json diff --git a/cves/2024/10xxx/CVE-2024-10789.json b/cves/2024/10xxx/CVE-2024-10789.json new file mode 100644 index 000000000000..ce2fe15764bc --- /dev/null +++ b/cves/2024/10xxx/CVE-2024-10789.json @@ -0,0 +1,88 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-10789", + "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", + "state": "PUBLISHED", + "assignerShortName": "Wordfence", + "dateReserved": "2024-11-04T14:22:34.340Z", + "datePublished": "2025-01-16T03:27:22.549Z", + "dateUpdated": "2025-01-16T03:27:22.549Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", + "shortName": "Wordfence", + "dateUpdated": "2025-01-16T03:27:22.549Z" + }, + "affected": [ + { + "vendor": "wpeventmanager", + "product": "WP User Profile Avatar", + "versions": [ + { + "version": "*", + "status": "affected", + "lessThanOrEqual": "1.0.5", + "versionType": "semver" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The WP User Profile Avatar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing or incorrect nonce validation on the wpupa_user_admin() function. This makes it possible for unauthenticated attackers to update the plugins setting which controls access to the functionality via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "title": "WP User Profile Avatar <= 1.0.5 - Cross-Site Request Forgery to Settings Update", + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b056cc98-3bd8-493a-bbf4-9bcee2e52d24?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3222923/" + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "CWE-352 Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352", + "type": "CWE" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + } + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "value": "muhammad yudha" + } + ], + "timeline": [ + { + "time": "2025-01-15T15:23:04.000+00:00", + "lang": "en", + "value": "Disclosed" + } + ] + } + } +} \ No newline at end of file diff --git a/cves/2024/11xxx/CVE-2024-11452.json b/cves/2024/11xxx/CVE-2024-11452.json new file mode 100644 index 000000000000..f282ffe2ed7c --- /dev/null +++ b/cves/2024/11xxx/CVE-2024-11452.json @@ -0,0 +1,91 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-11452", + "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", + "state": "PUBLISHED", + "assignerShortName": "Wordfence", + "dateReserved": "2024-11-19T20:11:03.440Z", + "datePublished": "2025-01-16T03:27:21.913Z", + "dateUpdated": "2025-01-16T03:27:21.913Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", + "shortName": "Wordfence", + "dateUpdated": "2025-01-16T03:27:21.913Z" + }, + "affected": [ + { + "vendor": "gwendydd", + "product": "Chamber Dashboard Business Directory", + "versions": [ + { + "version": "*", + "status": "affected", + "lessThanOrEqual": "3.3.8", + "versionType": "semver" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'business_categories' shortcode in all versions up to, and including, 3.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "title": "Chamber Dashboard Business Directory <= 3.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting", + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/54e5989f-3d2c-4ed3-b4c4-f2589b885637?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/chamber-dashboard-business-directory/trunk/shortcodes/bus_cat_shortcode.php#L52" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3222548/" + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79", + "type": "CWE" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + } + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "value": "Peter Thaleikis" + } + ], + "timeline": [ + { + "time": "2025-01-15T00:00:00.000+00:00", + "lang": "en", + "value": "Disclosed" + } + ] + } + } +} \ No newline at end of file