Updated by Github Bot

EXP-Tools · Nov 12, 2024 · 47faffd · 47faffd
1 parent 1cbe716
commit 47faffd
Show file tree

Hide file tree

Showing 3 changed files with 42 additions and 27 deletions.
diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat
@@ -169,3 +169,18 @@ ec369a198911247a6fe112e234b7b303
 6a211d26ee8c64c4e16a5d0cec726531
 ccb02e0b6c24d6fb4542ba032332328d
 0cec8b60a4189f61996411b5d309bbc1
+12e92aa591dbfeff2d6a0d0573d672c8
+8ab8e038acb11b11b2dfe4fd404d651e
+31012d5151327cf067b69c0db1245b76
+457d2da43db342e4f83ce780b772e380
+5a34d860c8238a8b922cd7bbef86637a
+126395bd68a0035ffa78f7757fad9b14
+ea6ac307c2146de5e8307bbf1abf3a9c
+a600cad0ef5c5e6dee70e7d608e3adcc
+5f45589081c34facc24cb7353c00126a
+c57350ceb56bd244910ea6629510928f
+c7bfc65346b9059f1ae39162489021bb
+f2dc767b71c4b7814e24521f35f6ee12
+5ca029f3bdadc48620e10b5f631a7667
+8f241718aebae237dce079a55026c87f
+64ce1bc79df667863642eb678b24ec57
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-11-11 09:25:53 -->
+<!-- RELEASE TIME : 2024-11-12 03:25:55 -->
 <html lang="zh-cn">
 
  <head>
@@ -366,79 +366,79 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       <tr>
        <td>924a8a08dc6d36980bca996c32cdb3a8</td>
        <td>CVE-2024-10958</td>
-       <td>2024-11-10 13:15:03 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 13:15:03</td>
        <td>The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-10958">详情</a></td>
       </tr>
 
       <tr>
        <td>f09886a417459fbdac883069e7292a86</td>
        <td>CVE-2024-10265</td>
-       <td>2024-11-10 13:15:03 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 13:15:03</td>
        <td>The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.15.30. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-10265">详情</a></td>
       </tr>
 
       <tr>
        <td>65ab42444c5ff72925821b73c8a69ecd</td>
        <td>CVE-2024-51576</td>
-       <td>2024-11-10 12:15:19 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 12:15:19</td>
        <td>Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZA AMP Img Shortcode allows Stored XSS.This issue affects AMP Img Shortcode: from n/a through 1.0.1.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51576">详情</a></td>
       </tr>
 
       <tr>
        <td>1becf6500159065af9339e1747f8da5e</td>
        <td>CVE-2024-51578</td>
-       <td>2024-11-10 10:15:05 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 10:15:05</td>
        <td>Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Luca Paggetti 3D Presentation allows Stored XSS.This issue affects 3D Presentation: from n/a through 1.0.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51578">详情</a></td>
       </tr>
 
       <tr>
        <td>2578c3ff36338af7d3151db88231c136</td>
        <td>CVE-2024-51577</td>
-       <td>2024-11-10 10:15:04 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 10:15:04</td>
        <td>Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Camunda Services GmbH bpmn.Io allows Stored XSS.This issue affects bpmn.Io: from n/a through 1.0.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51577">详情</a></td>
       </tr>
 
       <tr>
        <td>5075b3b2dfce0656c8c5fbdeaa61fffa</td>
        <td>CVE-2024-11054</td>
-       <td>2024-11-10 10:15:03 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 10:15:03</td>
        <td>A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The manipulation of the argument pp leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11054">详情</a></td>
       </tr>
 
       <tr>
        <td>e67303676c2dd6daf34fe4211b93cd29</td>
        <td>CVE-2024-51584</td>
-       <td>2024-11-10 09:15:04 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 09:15:04</td>
        <td>Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Anas Edreesi Marquee Elementor with Posts allows DOM-Based XSS.This issue affects Marquee Elementor with Posts: from n/a through 1.2.0.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51584">详情</a></td>
       </tr>
 
       <tr>
        <td>c16bd2624faacbf992bf0bc6a715f977</td>
        <td>CVE-2024-51583</td>
-       <td>2024-11-10 09:15:03 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 09:15:03</td>
        <td>Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KentoThemes Kento Ads Rotator allows Stored XSS.This issue affects Kento Ads Rotator: from n/a through 1.3.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51583">详情</a></td>
       </tr>
 
       <tr>
        <td>5b3c879ca2121cc91a7734415cb86882</td>
        <td>CVE-2024-51581</td>
-       <td>2024-11-10 09:15:03 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 09:15:03</td>
        <td>Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Stored XSS.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through 1.5.6.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51581">详情</a></td>
       </tr>
 
       <tr>
        <td>55f146dd705e799bd1931d549a31456d</td>
        <td>CVE-2024-51580</td>
-       <td>2024-11-10 09:15:03 <img src="imgs/new.gif" /></td>
+       <td>2024-11-10 09:15:03</td>
        <td>Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CleverSoft Clever Addons for Elementor allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through 2.2.1.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51580">详情</a></td>
       </tr>
@@ -1979,6 +1979,22 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>12e92aa591dbfeff2d6a0d0573d672c8</td>
+       <td>CVE-2024-6282</td>
+       <td>2024-11-12 03:23:48 <img src="imgs/new.gif" /></td>
+       <td>WordPress Master Addons Plugin跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/104729">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>8ab8e038acb11b11b2dfe4fd404d651e</td>
+       <td>CVE-2024-7770</td>
+       <td>2024-11-12 03:23:48 <img src="imgs/new.gif" /></td>
+       <td>WordPress Bit File Manager Plugin任意文件上传漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/104728">详情</a></td>
+      </tr>
+
       <tr>
        <td>fb4a5bf4f9232b67f02f9b48d01cae66</td>
        <td>CVE-2024-44087</td>
@@ -2203,22 +2219,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/104648">详情</a></td>
       </tr>
 
-      <tr>
-       <td>84f6455bb4a352b0c3231e5a3e515d52</td>
-       <td>CVE-2024-10491</td>
-       <td>2024-11-11 03:26:23 <img src="imgs/new.gif" /></td>
-       <td>Express.js任意资源注入漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/104647">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>76fa976c8b2146988f7b4a3eb3c4c8b8</td>
-       <td>CVE-2024-50459</td>
-       <td>2024-11-11 03:26:23 <img src="imgs/new.gif" /></td>
-       <td>WordPress plugin Stripe Donation and Payment缺少授权漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/104646">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>