From 4f6e796f918d14688635f1b7dfa0024c748f2a3f Mon Sep 17 00:00:00 2001 From: cvelistV5 Github Action Date: Thu, 6 Mar 2025 06:23:15 +0000 Subject: [PATCH] 2 changes (1 new | 1 updated): - 1 new CVEs: CVE-2024-13868 - 1 updated CVEs: CVE-2024-56161 --- cves/2024/13xxx/CVE-2024-13868.json | 83 +++++++++++++++++++++++++++++ cves/2024/56xxx/CVE-2024-56161.json | 7 ++- 2 files changed, 88 insertions(+), 2 deletions(-) create mode 100644 cves/2024/13xxx/CVE-2024-13868.json diff --git a/cves/2024/13xxx/CVE-2024-13868.json b/cves/2024/13xxx/CVE-2024-13868.json new file mode 100644 index 00000000000..cd3e3369d2c --- /dev/null +++ b/cves/2024/13xxx/CVE-2024-13868.json @@ -0,0 +1,83 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-13868", + "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", + "state": "PUBLISHED", + "assignerShortName": "WPScan", + "dateReserved": "2025-02-12T22:25:59.649Z", + "datePublished": "2025-03-06T06:00:03.753Z", + "dateUpdated": "2025-03-06T06:00:03.753Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", + "shortName": "WPScan", + "dateUpdated": "2025-03-06T06:00:03.753Z" + }, + "title": "Easy Broken Link Checker <= 9.0.2 - Reflected XSS", + "problemTypes": [ + { + "descriptions": [ + { + "description": "CWE-79 Cross-Site Scripting (XSS)", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "affected": [ + { + "vendor": "Unknown", + "product": "URL Shortener | Conversion Tracking | AB Testing | WooCommerce", + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "9.0.2" + } + ], + "defaultStatus": "affected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin." + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/0bff1645-dd53-4416-a90f-7cf4a6b33c1a/", + "tags": [ + "exploit", + "vdb-entry", + "technical-description" + ] + } + ], + "credits": [ + { + "lang": "en", + "value": "Hassan Khan Yusufzai - Splint3r7", + "type": "finder" + }, + { + "lang": "en", + "value": "WPScan", + "type": "coordinator" + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "x_generator": { + "engine": "WPScan CVE Generator" + } + } + } +} \ No newline at end of file diff --git a/cves/2024/56xxx/CVE-2024-56161.json b/cves/2024/56xxx/CVE-2024-56161.json index 4e263ca6f01..00df4847e25 100644 --- a/cves/2024/56xxx/CVE-2024-56161.json +++ b/cves/2024/56xxx/CVE-2024-56161.json @@ -8,7 +8,7 @@ "assignerShortName": "AMD", "dateReserved": "2024-12-17T21:34:57.677Z", "datePublished": "2025-02-03T17:24:01.185Z", - "dateUpdated": "2025-02-12T20:51:23.409Z" + "dateUpdated": "2025-03-06T06:03:37.556Z" }, "containers": { "cna": { @@ -135,12 +135,15 @@ "references": [ { "url": "http://www.openwall.com/lists/oss-security/2025/02/04/1" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2025/03/06/2" } ], "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", - "dateUpdated": "2025-02-04T12:04:34.040Z" + "dateUpdated": "2025-03-06T06:03:37.556Z" } }, {