From 7313c3a4c9716c1187511caa67b39383f65a7a99 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Thu, 23 May 2024 15:32:01 +0100 Subject: [PATCH] new patchstack vuln records Signed-off-by: Weston Steimel --- data/anchore/2022/CVE-2022-44581.json | 40 +++++++++++++++++++++++++ data/anchore/2022/CVE-2022-45368.json | 39 +++++++++++++++++++++++++ data/anchore/2022/CVE-2022-45374.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-23645.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-23872.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-23888.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-23988.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-23990.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-25050.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-25444.json | 40 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-25701.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-26526.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-26540.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-32110.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-33310.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-33321.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-33327.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-37389.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-37866.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-37888.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-37999.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-41243.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-41665.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-41954.json | 38 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-41955.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-41956.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-41957.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-46145.json | 37 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-46197.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-46205.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-47679.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-47682.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-47683.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-47782.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-47868.json | 40 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-48319.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-48757.json | 37 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-50890.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-51356.json | 40 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-51424.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-51476.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-51479.json | 36 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-51483.json | 39 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-51546.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21746.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-22145.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-23522.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-24715.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-24869.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-24873.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-24874.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-24882.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-24934.json | 42 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-25595.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-25906.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-30479.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-30522.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-30527.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-30540.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-31113.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-31281.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-31341.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-31377.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32100.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32131.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32507.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32512.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32521.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32680.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32685.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32712.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32719.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32720.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32774.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32776.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32786.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32790.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32802.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32809.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32830.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32959.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32960.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-33567.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-33569.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-33917.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34370.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34411.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34427.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34429.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34433.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34434.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34437.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34440.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34441.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34556.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34557.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34559.json | 40 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34567.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34575.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34751.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34752.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34755.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34756.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34757.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34805.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34807.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34808.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34811.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34814.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34823.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34825.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34827.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-34828.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-35166.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-35169.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-35171.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-35172.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-35173.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-35174.json | 36 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-4214.json | 39 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-4689.json | 39 +++++++++++++++++++++++++ 121 files changed, 4675 insertions(+) create mode 100644 data/anchore/2022/CVE-2022-44581.json create mode 100644 data/anchore/2022/CVE-2022-45368.json create mode 100644 data/anchore/2022/CVE-2022-45374.json create mode 100644 data/anchore/2023/CVE-2023-23645.json create mode 100644 data/anchore/2023/CVE-2023-23872.json create mode 100644 data/anchore/2023/CVE-2023-23888.json create mode 100644 data/anchore/2023/CVE-2023-23988.json create mode 100644 data/anchore/2023/CVE-2023-23990.json create mode 100644 data/anchore/2023/CVE-2023-25050.json create mode 100644 data/anchore/2023/CVE-2023-25444.json create mode 100644 data/anchore/2023/CVE-2023-25701.json create mode 100644 data/anchore/2023/CVE-2023-26526.json create mode 100644 data/anchore/2023/CVE-2023-26540.json create mode 100644 data/anchore/2023/CVE-2023-32110.json create mode 100644 data/anchore/2023/CVE-2023-33310.json create mode 100644 data/anchore/2023/CVE-2023-33321.json create mode 100644 data/anchore/2023/CVE-2023-33327.json create mode 100644 data/anchore/2023/CVE-2023-37389.json create mode 100644 data/anchore/2023/CVE-2023-37866.json create mode 100644 data/anchore/2023/CVE-2023-37888.json create mode 100644 data/anchore/2023/CVE-2023-37999.json create mode 100644 data/anchore/2023/CVE-2023-41243.json create mode 100644 data/anchore/2023/CVE-2023-41665.json create mode 100644 data/anchore/2023/CVE-2023-41954.json create mode 100644 data/anchore/2023/CVE-2023-41955.json create mode 100644 data/anchore/2023/CVE-2023-41956.json create mode 100644 data/anchore/2023/CVE-2023-41957.json create mode 100644 data/anchore/2023/CVE-2023-46145.json create mode 100644 data/anchore/2023/CVE-2023-46197.json create mode 100644 data/anchore/2023/CVE-2023-46205.json create mode 100644 data/anchore/2023/CVE-2023-47679.json create mode 100644 data/anchore/2023/CVE-2023-47682.json create mode 100644 data/anchore/2023/CVE-2023-47683.json create mode 100644 data/anchore/2023/CVE-2023-47782.json create mode 100644 data/anchore/2023/CVE-2023-47868.json create mode 100644 data/anchore/2023/CVE-2023-48319.json create mode 100644 data/anchore/2023/CVE-2023-48757.json create mode 100644 data/anchore/2023/CVE-2023-50890.json create mode 100644 data/anchore/2023/CVE-2023-51356.json create mode 100644 data/anchore/2023/CVE-2023-51424.json create mode 100644 data/anchore/2023/CVE-2023-51476.json create mode 100644 data/anchore/2023/CVE-2023-51479.json create mode 100644 data/anchore/2023/CVE-2023-51483.json create mode 100644 data/anchore/2023/CVE-2023-51546.json create mode 100644 data/anchore/2024/CVE-2024-21746.json create mode 100644 data/anchore/2024/CVE-2024-22145.json create mode 100644 data/anchore/2024/CVE-2024-23522.json create mode 100644 data/anchore/2024/CVE-2024-24715.json create mode 100644 data/anchore/2024/CVE-2024-24869.json create mode 100644 data/anchore/2024/CVE-2024-24873.json create mode 100644 data/anchore/2024/CVE-2024-24874.json create mode 100644 data/anchore/2024/CVE-2024-24882.json create mode 100644 data/anchore/2024/CVE-2024-24934.json create mode 100644 data/anchore/2024/CVE-2024-25595.json create mode 100644 data/anchore/2024/CVE-2024-25906.json create mode 100644 data/anchore/2024/CVE-2024-30479.json create mode 100644 data/anchore/2024/CVE-2024-30522.json create mode 100644 data/anchore/2024/CVE-2024-30527.json create mode 100644 data/anchore/2024/CVE-2024-30540.json create mode 100644 data/anchore/2024/CVE-2024-31113.json create mode 100644 data/anchore/2024/CVE-2024-31281.json create mode 100644 data/anchore/2024/CVE-2024-31341.json create mode 100644 data/anchore/2024/CVE-2024-31377.json create mode 100644 data/anchore/2024/CVE-2024-32100.json create mode 100644 data/anchore/2024/CVE-2024-32131.json create mode 100644 data/anchore/2024/CVE-2024-32507.json create mode 100644 data/anchore/2024/CVE-2024-32512.json create mode 100644 data/anchore/2024/CVE-2024-32521.json create mode 100644 data/anchore/2024/CVE-2024-32680.json create mode 100644 data/anchore/2024/CVE-2024-32685.json create mode 100644 data/anchore/2024/CVE-2024-32712.json create mode 100644 data/anchore/2024/CVE-2024-32719.json create mode 100644 data/anchore/2024/CVE-2024-32720.json create mode 100644 data/anchore/2024/CVE-2024-32774.json create mode 100644 data/anchore/2024/CVE-2024-32776.json create mode 100644 data/anchore/2024/CVE-2024-32786.json create mode 100644 data/anchore/2024/CVE-2024-32790.json create mode 100644 data/anchore/2024/CVE-2024-32802.json create mode 100644 data/anchore/2024/CVE-2024-32809.json create mode 100644 data/anchore/2024/CVE-2024-32830.json create mode 100644 data/anchore/2024/CVE-2024-32959.json create mode 100644 data/anchore/2024/CVE-2024-32960.json create mode 100644 data/anchore/2024/CVE-2024-33567.json create mode 100644 data/anchore/2024/CVE-2024-33569.json create mode 100644 data/anchore/2024/CVE-2024-33917.json create mode 100644 data/anchore/2024/CVE-2024-34370.json create mode 100644 data/anchore/2024/CVE-2024-34411.json create mode 100644 data/anchore/2024/CVE-2024-34427.json create mode 100644 data/anchore/2024/CVE-2024-34429.json create mode 100644 data/anchore/2024/CVE-2024-34433.json create mode 100644 data/anchore/2024/CVE-2024-34434.json create mode 100644 data/anchore/2024/CVE-2024-34437.json create mode 100644 data/anchore/2024/CVE-2024-34440.json create mode 100644 data/anchore/2024/CVE-2024-34441.json create mode 100644 data/anchore/2024/CVE-2024-34556.json create mode 100644 data/anchore/2024/CVE-2024-34557.json create mode 100644 data/anchore/2024/CVE-2024-34559.json create mode 100644 data/anchore/2024/CVE-2024-34567.json create mode 100644 data/anchore/2024/CVE-2024-34575.json create mode 100644 data/anchore/2024/CVE-2024-34751.json create mode 100644 data/anchore/2024/CVE-2024-34752.json create mode 100644 data/anchore/2024/CVE-2024-34755.json create mode 100644 data/anchore/2024/CVE-2024-34756.json create mode 100644 data/anchore/2024/CVE-2024-34757.json create mode 100644 data/anchore/2024/CVE-2024-34805.json create mode 100644 data/anchore/2024/CVE-2024-34807.json create mode 100644 data/anchore/2024/CVE-2024-34808.json create mode 100644 data/anchore/2024/CVE-2024-34811.json create mode 100644 data/anchore/2024/CVE-2024-34814.json create mode 100644 data/anchore/2024/CVE-2024-34823.json create mode 100644 data/anchore/2024/CVE-2024-34825.json create mode 100644 data/anchore/2024/CVE-2024-34827.json create mode 100644 data/anchore/2024/CVE-2024-34828.json create mode 100644 data/anchore/2024/CVE-2024-35166.json create mode 100644 data/anchore/2024/CVE-2024-35169.json create mode 100644 data/anchore/2024/CVE-2024-35171.json create mode 100644 data/anchore/2024/CVE-2024-35172.json create mode 100644 data/anchore/2024/CVE-2024-35173.json create mode 100644 data/anchore/2024/CVE-2024-35174.json create mode 100644 data/anchore/2024/CVE-2024-4214.json create mode 100644 data/anchore/2024/CVE-2024-4689.json diff --git a/data/anchore/2022/CVE-2022-44581.json b/data/anchore/2022/CVE-2022-44581.json new file mode 100644 index 00000000..103c6dd4 --- /dev/null +++ b/data/anchore/2022/CVE-2022-44581.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2022-44581", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/defender-security/wordpress-defender-security-plugin-3-3-2-broken-authentication-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.3.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wmpudev:defender_security:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:wpmudev:defender_security:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "defender-security", + "product": "Defender Security", + "repo": "https://plugins.svn.wordpress.org/defender-security", + "vendor": "WPMU DEV", + "versions": [ + { + "lessThan": "3.3.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2022/CVE-2022-45368.json b/data/anchore/2022/CVE-2022-45368.json new file mode 100644 index 00000000..75b225fb --- /dev/null +++ b/data/anchore/2022/CVE-2022-45368.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2022-45368", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/1003-mortgage-application/wordpress-1003-mortgage-application-plugin-1-73-local-file-inclusion?_s_id=cve" + ], + "solutions": [ + "Update to 1.80 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:lenderd:1003_mortgage_application:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "1003-mortgage-application", + "product": "1003 Mortgage Application", + "repo": "https://plugins.svn.wordpress.org/1003-mortgage-application", + "vendor": "Lenderd", + "versions": [ + { + "lessThan": "1.80", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2022/CVE-2022-45374.json b/data/anchore/2022/CVE-2022-45374.json new file mode 100644 index 00000000..b56bec30 --- /dev/null +++ b/data/anchore/2022/CVE-2022-45374.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2022-45374", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/yet-another-related-posts-plugin/wordpress-yet-another-related-posts-plugin-yarpp-plugin-5-30-2-local-file-inclusion?_s_id=cve" + ], + "solutions": [ + "Update to 5.30.5 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:yarpp:yet_another_related_posts_plugin:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "yet-another-related-posts-plugin", + "product": "YARPP", + "repo": "https://plugins.svn.wordpress.org/yet-another-related-posts-plugin", + "vendor": "YARPP", + "versions": [ + { + "lessThan": "5.30.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-23645.json b/data/anchore/2023/CVE-2023-23645.json new file mode 100644 index 00000000..b966a860 --- /dev/null +++ b/data/anchore/2023/CVE-2023-23645.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-23645", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/mainwp-code-snippets-extension/wordpress-mainwp-code-snippets-extension-plugin-4-0-2-subscriber-arbitrary-php-code-injection-execution-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.0.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:mainwp:code_snippets_extension:*:*:*:*:*:wordpress:*:*" + ], + "product": "MainWP Code Snippets Extension", + "vendor": "MainWP", + "versions": [ + { + "lessThan": "4.0.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-23872.json b/data/anchore/2023/CVE-2023-23872.json new file mode 100644 index 00000000..5c4e63a1 --- /dev/null +++ b/data/anchore/2023/CVE-2023-23872.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-23872", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/gmace/wordpress-gmace-plugin-1-5-2-arbitrary-file-download-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:gmace_project:gmace:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "gmace", + "product": "GMAce", + "repo": "https://plugins.svn.wordpress.org/gmace", + "vendor": "German Mesky", + "versions": [ + { + "lessThanOrEqual": "1.5.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-23888.json b/data/anchore/2023/CVE-2023-23888.json new file mode 100644 index 00000000..1b2f5b00 --- /dev/null +++ b/data/anchore/2023/CVE-2023-23888.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-23888", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/seo-by-rank-math/wordpress-rank-math-seo-plugin-1-0-107-2-local-file-inclusion-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.0.107.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:rankmath:seo:*:*:*:*:free:wordpress:*:*" + ], + "packageName": "seo-by-rank-math", + "product": "Rank Math SEO", + "repo": "https://plugins.svn.wordpress.org/seo-by-rank-math", + "vendor": "Rank Math", + "versions": [ + { + "lessThan": "1.0.107.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-23988.json b/data/anchore/2023/CVE-2023-23988.json new file mode 100644 index 00000000..4707dc50 --- /dev/null +++ b/data/anchore/2023/CVE-2023-23988.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-23988", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/my-tickets/wordpress-my-tickets-plugin-1-9-11-payment-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.9.12 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:my_tickets_project:my_tickets:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "my-tickets", + "product": "My Tickets", + "repo": "https://plugins.svn.wordpress.org/my-tickets", + "vendor": "Joseph C Dolson", + "versions": [ + { + "lessThan": "1.9.12", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-23990.json b/data/anchore/2023/CVE-2023-23990.json new file mode 100644 index 00000000..fa1ed4d6 --- /dev/null +++ b/data/anchore/2023/CVE-2023-23990.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-23990", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wpcf7-redirect/wordpress-redirection-for-contact-form-7-plugin-2-7-0-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.8.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wpcf7-redirect", + "product": "Redirection for Contact Form 7", + "repo": "https://plugins.svn.wordpress.org/wpcf7-redirect", + "vendor": "Qube One Ltd.", + "versions": [ + { + "lessThan": "2.8.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-25050.json b/data/anchore/2023/CVE-2023-25050.json new file mode 100644 index 00000000..a37a4ca3 --- /dev/null +++ b/data/anchore/2023/CVE-2023-25050.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-25050", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/shortcodes-ultimate/wordpress-shortcodes-ultimate-plugin-5-12-6-arbitrary-file-download-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 5.12.7 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:getshortcodes:shortcodes_ultimate:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "shortcodes-ultimate", + "product": "Shortcodes Ultimate", + "repo": "https://plugins.svn.wordpress.org/shortcodes-ultimate", + "vendor": "Vova Anokhin", + "versions": [ + { + "lessThan": "5.12.7", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-25444.json b/data/anchore/2023/CVE-2023-25444.json new file mode 100644 index 00000000..c95435b1 --- /dev/null +++ b/data/anchore/2023/CVE-2023-25444.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-25444", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/js-support-ticket/wordpress-js-help-desk-best-help-desk-support-plugin-plugin-2-7-7-arbitrary-file-upload-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.7.8 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:joomsky:js_help_desk:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:wiselyhub:js_help_desk:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "js-support-ticket", + "product": "JS Help Desk – Best Help Desk & Support Plugin", + "repo": "https://plugins.svn.wordpress.org/js-support-ticket", + "vendor": "JS Help Desk", + "versions": [ + { + "lessThan": "2.7.8", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-25701.json b/data/anchore/2023/CVE-2023-25701.json new file mode 100644 index 00000000..ab7f26e0 --- /dev/null +++ b/data/anchore/2023/CVE-2023-25701.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-25701", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/watchtowerhq/wordpress-watchtowerhq-plugin-3-6-16-privilege-escalation?_s_id=cve" + ], + "solutions": [ + "Update to 3.6.17 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:watchtowerhq:watchtower:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "watchtowerhq", + "product": "WatchTowerHQ", + "repo": "https://plugins.svn.wordpress.org/watchtowerhq", + "vendor": "WhatArmy", + "versions": [ + { + "lessThan": "3.6.17", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-26526.json b/data/anchore/2023/CVE-2023-26526.json new file mode 100644 index 00000000..fca04078 --- /dev/null +++ b/data/anchore/2023/CVE-2023-26526.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-26526", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/bookly-responsive-appointment-booking-tool/wordpress-bookly-plugin-21-7-1-authenticated-arbitrary-file-deletion-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 21.8 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:booking-wp-plugin:bookly:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "bookly-responsive-appointment-booking-tool", + "product": "Bookly", + "repo": "https://plugins.svn.wordpress.org/bookly-responsive-appointment-booking-tool", + "vendor": "Nota-Info", + "versions": [ + { + "lessThan": "21.8", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-26540.json b/data/anchore/2023/CVE-2023-26540.json new file mode 100644 index 00000000..31c58410 --- /dev/null +++ b/data/anchore/2023/CVE-2023-26540.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-26540", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/houzez/wordpress-houzez-theme-2-7-1-privilege-escalation?_s_id=cve" + ], + "solutions": [ + "Update to 2.7.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:favethemes:houzez:*:*:*:*:*:wordpress:*:*" + ], + "product": "Houzez", + "vendor": "Favethemes", + "versions": [ + { + "lessThan": "2.7.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-32110.json b/data/anchore/2023/CVE-2023-32110.json new file mode 100644 index 00000000..0d7d1159 --- /dev/null +++ b/data/anchore/2023/CVE-2023-32110.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-32110", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/jupiterx/wordpress-jupiterx-theme-3-0-0-subscriber-local-file-inclusion-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.1.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:artbees:jupiterx:*:*:*:*:*:wordpress:*:*" + ], + "product": "JupiterX", + "vendor": "artbees", + "versions": [ + { + "lessThan": "3.1.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-33310.json b/data/anchore/2023/CVE-2023-33310.json new file mode 100644 index 00000000..22f464e4 --- /dev/null +++ b/data/anchore/2023/CVE-2023-33310.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-33310", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/unite-gallery-lite/wordpress-unite-gallery-lite-plugin-1-7-59-local-file-inclusion-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.7.60 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:unitegallery:unite_gallery_lite:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "unite-gallery-lite", + "product": "Unite Gallery Lite", + "repo": "https://plugins.svn.wordpress.org/unite-gallery-lite", + "vendor": "Valiano", + "versions": [ + { + "lessThan": "1.7.60", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-33321.json b/data/anchore/2023/CVE-2023-33321.json new file mode 100644 index 00000000..570e3f4a --- /dev/null +++ b/data/anchore/2023/CVE-2023-33321.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-33321", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/eventprime-event-calendar-management/wordpress-eventprime-plugin-2-8-6-sensitive-data-exposure?_s_id=cve" + ], + "solutions": [ + "Update to 3.0.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:metagauss:eventprime:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "eventprime-event-calendar-management", + "product": "EventPrime", + "repo": "https://plugins.svn.wordpress.org/eventprime-event-calendar-management", + "vendor": "Metagauss", + "versions": [ + { + "lessThan": "3.0.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-33327.json b/data/anchore/2023/CVE-2023-33327.json new file mode 100644 index 00000000..65396c66 --- /dev/null +++ b/data/anchore/2023/CVE-2023-33327.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-33327", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/leyka/wordpress-leyka-plugin-3-29-2-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.30.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:te-st:leyka:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "leyka", + "product": "Leyka", + "repo": "https://plugins.svn.wordpress.org/leyka", + "vendor": "Teplitsa of social technologies", + "versions": [ + { + "lessThan": "3.30.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-37389.json b/data/anchore/2023/CVE-2023-37389.json new file mode 100644 index 00000000..12fedb43 --- /dev/null +++ b/data/anchore/2023/CVE-2023-37389.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-37389", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/booking-package/wordpress-booking-package-saasproject-plugin-1-5-98-unauthenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.5.99 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:saasproject:booking_package:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "booking-package", + "product": "Booking Package", + "repo": "https://plugins.svn.wordpress.org/booking-package", + "vendor": "SAASPROJECT Booking Package", + "versions": [ + { + "lessThan": "1.5.99", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-37866.json b/data/anchore/2023/CVE-2023-37866.json new file mode 100644 index 00000000..623624c7 --- /dev/null +++ b/data/anchore/2023/CVE-2023-37866.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-37866", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/jetformbuilder/wordpress-jetformbuilder-plugin-3-0-8-authenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.0.9 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:crocoblock:jetformbuilder:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "jetformbuilder", + "product": "JetFormBuilder", + "repo": "https://plugins.svn.wordpress.org/jetformbuilder", + "vendor": "Crocoblock", + "versions": [ + { + "lessThan": "3.0.9", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-37888.json b/data/anchore/2023/CVE-2023-37888.json new file mode 100644 index 00000000..d706a16e --- /dev/null +++ b/data/anchore/2023/CVE-2023-37888.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-37888", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/auxin-elements/wordpress-phlox-core-elements-plugin-2-14-0-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.15.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:averta:shortcodes_and_extra_features_for_phlox_theme:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "auxin-elements", + "product": "Shortcodes and extra features for Phlox theme", + "repo": "https://plugins.svn.wordpress.org/auxin-elements", + "vendor": "By Averta", + "versions": [ + { + "lessThan": "2.15.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-37999.json b/data/anchore/2023/CVE-2023-37999.json new file mode 100644 index 00000000..862aa797 --- /dev/null +++ b/data/anchore/2023/CVE-2023-37999.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-37999", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ht-mega-for-elementor/wordpress-ht-mega-absolute-addons-for-elementor-plugin-2-2-0-unauthenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.2.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:hasthemes:ht_mega_-_absolute_addons_for_elementor_page_builder:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "ht-mega-for-elementor", + "product": "HT Mega", + "repo": "https://plugins.svn.wordpress.org/ht-mega-for-elementor", + "vendor": "HasThemes", + "versions": [ + { + "lessThan": "2.2.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-41243.json b/data/anchore/2023/CVE-2023-41243.json new file mode 100644 index 00000000..ce1283d4 --- /dev/null +++ b/data/anchore/2023/CVE-2023-41243.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-41243", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wpvivid-backuprestore/wordpress-wpvivid-backup-plugin-plugin-0-9-90-privilege-escalation-on-staging-environment-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 0.9.91 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpvivid:migration\\,_backup\\,_staging:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wpvivid-backuprestore", + "product": "WPvivid Backup and Migration", + "repo": "https://plugins.svn.wordpress.org/wpvivid-backuprestore", + "vendor": "WPvivid Team", + "versions": [ + { + "lessThan": "0.9.91", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-41665.json b/data/anchore/2023/CVE-2023-41665.json new file mode 100644 index 00000000..48ba7d32 --- /dev/null +++ b/data/anchore/2023/CVE-2023-41665.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-41665", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-33-0-givewp-manager-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.33.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "give", + "product": "GiveWP", + "repo": "https://plugins.svn.wordpress.org/give", + "vendor": "GiveWP", + "versions": [ + { + "lessThan": "2.33.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-41954.json b/data/anchore/2023/CVE-2023-41954.json new file mode 100644 index 00000000..d2f41f19 --- /dev/null +++ b/data/anchore/2023/CVE-2023-41954.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-41954", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-user-avatar/wordpress-profilepress-plugin-4-13-1-unauthenticated-limited-privilege-escalation-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:profilepress:profilepress:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:profilepress:user_registration\\,_login_form\\,_user_profile_\\&_membership:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:properfraction:profilepress:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-user-avatar", + "product": "ProfilePress", + "repo": "https://plugins.svn.wordpress.org/wp-user-avatar", + "vendor": "ProfilePress Membership Team", + "versions": [ + { + "lessThanOrEqual": "4.13.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-41955.json b/data/anchore/2023/CVE-2023-41955.json new file mode 100644 index 00000000..b04c9d5a --- /dev/null +++ b/data/anchore/2023/CVE-2023-41955.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-41955", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/essential-addons-for-elementor-lite/wordpress-essential-addons-for-elementor-plugin-5-8-8-contributor-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 5.8.9 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "essential-addons-for-elementor-lite", + "product": "Essential Addons for Elementor", + "repo": "https://plugins.svn.wordpress.org/essential-addons-for-elementor-lite", + "vendor": "WPDeveloper", + "versions": [ + { + "lessThan": "5.8.9", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-41956.json b/data/anchore/2023/CVE-2023-41956.json new file mode 100644 index 00000000..4f701ef2 --- /dev/null +++ b/data/anchore/2023/CVE-2023-41956.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-41956", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/simple-membership/wordpress-simple-membership-plugin-4-3-4-authenticated-account-takeover-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.3.5 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "simple-membership", + "product": "Simple Membership", + "repo": "https://plugins.svn.wordpress.org/simple-membership", + "vendor": "smp7, wp.insider", + "versions": [ + { + "lessThan": "4.3.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-41957.json b/data/anchore/2023/CVE-2023-41957.json new file mode 100644 index 00000000..aa2e2b7d --- /dev/null +++ b/data/anchore/2023/CVE-2023-41957.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-41957", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/simple-membership/wordpress-simple-membership-plugin-4-3-4-unauthenticated-membership-role-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.3.5 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "simple-membership", + "product": "Simple Membership", + "repo": "https://plugins.svn.wordpress.org/simple-membership", + "vendor": "smp7, wp.insider", + "versions": [ + { + "lessThan": "4.3.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-46145.json b/data/anchore/2023/CVE-2023-46145.json new file mode 100644 index 00000000..b2d2772f --- /dev/null +++ b/data/anchore/2023/CVE-2023-46145.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-46145", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 7.3.6 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:themify:themify_ultra:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:themify:ultra:*:*:*:*:*:wordpress:*:*" + ], + "product": "Themify Ultra", + "vendor": "Themify", + "versions": [ + { + "lessThan": "7.3.6", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-46197.json b/data/anchore/2023/CVE-2023-46197.json new file mode 100644 index 00000000..eabdb29b --- /dev/null +++ b/data/anchore/2023/CVE-2023-46197.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-46197", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/popup-by-supsystic/wordpress-popup-by-supsystic-plugin-1-10-19-unauthenticated-subscriber-email-addresses-disclosure?_s_id=cve" + ], + "solutions": [ + "Update to 1.10.20 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:supsystic:popup:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "popup-by-supsystic", + "product": "Popup by Supsystic", + "repo": "https://plugins.svn.wordpress.org/popup-by-supsystic", + "vendor": "supsystic.com", + "versions": [ + { + "lessThan": "1.10.20", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-46205.json b/data/anchore/2023/CVE-2023-46205.json new file mode 100644 index 00000000..00e17560 --- /dev/null +++ b/data/anchore/2023/CVE-2023-46205.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-46205", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ultimate_vc_addons/wordpress-ultimate-addons-for-wpbakery-page-builder-plugin-3-19-14-local-file-inclusion-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.19.15 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:brainstormforce:ultimate_addons_for_wpbakery_page_builder:*:*:*:*:*:wordpress:*:*" + ], + "product": "Ultimate Addons for WPBakery Page Builder", + "vendor": "Brainstorm Force", + "versions": [ + { + "lessThan": "3.19.15", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47679.json b/data/anchore/2023/CVE-2023-47679.json new file mode 100644 index 00000000..36e9107b --- /dev/null +++ b/data/anchore/2023/CVE-2023-47679.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47679", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/qi-addons-for-elementor/wordpress-qi-addons-for-elementor-plugin-1-6-3-local-file-inclusion-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.6.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:qodeinteractive:qi_addons_for_elementor:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "qi-addons-for-elementor", + "product": "Qi Addons For Elementor", + "repo": "https://plugins.svn.wordpress.org/qi-addons-for-elementor", + "vendor": "QODE Interactive", + "versions": [ + { + "lessThan": "1.6.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47682.json b/data/anchore/2023/CVE-2023-47682.json new file mode 100644 index 00000000..7e5c4cf4 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47682.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47682", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-user-frontend/wordpress-wp-user-frontend-plugin-3-6-5-authenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.6.6 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wedevs:wp_user_frontend:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-user-frontend", + "product": "WP User Frontend", + "repo": "https://plugins.svn.wordpress.org/wp-user-frontend", + "vendor": "weDevs", + "versions": [ + { + "lessThan": "3.6.6", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47683.json b/data/anchore/2023/CVE-2023-47683.json new file mode 100644 index 00000000..2c33ec18 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47683.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47683", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/miniorange-login-openid/wordpress-social-login-social-sharing-by-miniorange-plugin-7-6-6-authenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 7.6.7 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:miniorange:wordpress_social_login_and_register_\\(discord\\,_google\\,_twitter\\,_linkedin\\):*:*:*:*:*:wordpress:*:*" + ], + "packageName": "miniorange-login-openid", + "product": "WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn)", + "repo": "https://plugins.svn.wordpress.org/miniorange-login-openid", + "vendor": "miniOrange", + "versions": [ + { + "lessThan": "7.6.7", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47782.json b/data/anchore/2023/CVE-2023-47782.json new file mode 100644 index 00000000..d8da4172 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47782.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47782", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/thrive-theme/wordpress-thrive-theme-builder-theme-3-20-1-authenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.24.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:thrivethemes:thrive_themes_builder:*:*:*:*:*:wordpress:*:*" + ], + "product": "Thrive Theme Builder", + "vendor": "Thrive Themes", + "versions": [ + { + "lessThan": "3.24.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47868.json b/data/anchore/2023/CVE-2023-47868.json new file mode 100644 index 00000000..e1ea0489 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47868.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47868", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wpforo/wordpress-wpforo-plugin-2-2-3-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.2.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:gvectors:wpforo:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wpforo", + "product": "wpForo Forum", + "repo": "https://plugins.svn.wordpress.org/wpforo", + "vendor": "wpForo", + "versions": [ + { + "lessThan": "2.2.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-48319.json b/data/anchore/2023/CVE-2023-48319.json new file mode 100644 index 00000000..d4877693 --- /dev/null +++ b/data/anchore/2023/CVE-2023-48319.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-48319", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/salon-booking-system/wordpress-salon-booking-system-plugin-8-7-editor-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 8.7 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "salon-booking-system", + "product": "Salon booking system", + "repo": "https://plugins.svn.wordpress.org/salon-booking-system", + "vendor": "Salon Booking System", + "versions": [ + { + "lessThan": "8.7", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-48757.json b/data/anchore/2023/CVE-2023-48757.json new file mode 100644 index 00000000..02d9cde1 --- /dev/null +++ b/data/anchore/2023/CVE-2023-48757.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-48757", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/jet-engine/wordpress-jetengine-plugin-3-2-4-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.2.5 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:crocoblock:jetengine:*:*:*:*:*:*:*:*", + "cpe:2.3:a:crocoblock:jetengine:*:*:*:*:*:wordpress:*:*" + ], + "product": "JetEngine", + "vendor": "Crocoblock", + "versions": [ + { + "lessThan": "3.2.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-50890.json b/data/anchore/2023/CVE-2023-50890.json new file mode 100644 index 00000000..b5b5b8cb --- /dev/null +++ b/data/anchore/2023/CVE-2023-50890.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-50890", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ultimate-elementor/wordpress-ultimate-addons-for-elementor-plugin-1-36-20-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.36.21 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:brainstormforce:ultimate_addons_for_elementor:*:*:*:*:*:wordpress:*:*" + ], + "product": "Ultimate Addons for Elementor", + "vendor": "Brainstorm Force", + "versions": [ + { + "lessThan": "1.36.21", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51356.json b/data/anchore/2023/CVE-2023-51356.json new file mode 100644 index 00000000..5b3efb30 --- /dev/null +++ b/data/anchore/2023/CVE-2023-51356.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51356", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-plugin-4-0-10-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.0.11 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:armemberplugin:armember:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:reputeinfosystems:armember:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "armember-membership", + "product": "ARMember", + "repo": "https://plugins.svn.wordpress.org/armember-membership", + "vendor": "Repute Infosystems", + "versions": [ + { + "lessThan": "4.0.11", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51424.json b/data/anchore/2023/CVE-2023-51424.json new file mode 100644 index 00000000..93b34a64 --- /dev/null +++ b/data/anchore/2023/CVE-2023-51424.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51424", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/webinar-ignition/wordpress-webinarignition-plugin-3-05-0-unauthenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.05.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:saleswonder:webinarignition:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "webinar-ignition", + "product": "WebinarIgnition", + "repo": "https://plugins.svn.wordpress.org/webinar-ignition", + "vendor": "Saleswonder Team", + "versions": [ + { + "lessThan": "3.05.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51476.json b/data/anchore/2023/CVE-2023-51476.json new file mode 100644 index 00000000..e32eaa71 --- /dev/null +++ b/data/anchore/2023/CVE-2023-51476.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51476", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-mlm/wordpress-wp-mlm-unilevel-plugin-4-0-unauthenticated-account-takeover-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpmlmsoftware:wp_mlm_unilevel:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-mlm", + "product": "WP MLM Unilevel", + "repo": "https://plugins.svn.wordpress.org/wp-mlm", + "vendor": "IOSS", + "versions": [ + { + "lessThanOrEqual": "4.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51479.json b/data/anchore/2023/CVE-2023-51479.json new file mode 100644 index 00000000..01af389a --- /dev/null +++ b/data/anchore/2023/CVE-2023-51479.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51479", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/build-app-online/wordpress-build-app-online-plugin-1-0-19-authenticated-privilege-escalation-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:rahamsolutions:build_app_online:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "build-app-online", + "product": "Build App Online", + "repo": "https://plugins.svn.wordpress.org/build-app-online", + "vendor": "Abdul Hakeem", + "versions": [ + { + "lessThanOrEqual": "1.0.19", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51483.json b/data/anchore/2023/CVE-2023-51483.json new file mode 100644 index 00000000..86296cfb --- /dev/null +++ b/data/anchore/2023/CVE-2023-51483.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51483", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-front-end-profile/wordpress-wp-frontend-profile-plugin-1-3-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wp_front_end_profile_project:wp_front_end_profile:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-front-end-profile", + "product": "WP Frontend Profile", + "repo": "https://plugins.svn.wordpress.org/wp-front-end-profile", + "vendor": "Glowlogix", + "versions": [ + { + "lessThan": "1.3.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51546.json b/data/anchore/2023/CVE-2023-51546.json new file mode 100644 index 00000000..f0ae93c4 --- /dev/null +++ b/data/anchore/2023/CVE-2023-51546.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51546", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/print-invoices-packing-slip-labels-for-woocommerce/wordpress-woocommerce-pdf-invoices-packing-slips-delivery-notes-and-shipping-labels-plugin-4-2-1-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.3.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:webtoffee:woocommerce_pdf_invoices\\,_packing_slips\\,_delivery_notes_and_shipping_labels:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "print-invoices-packing-slip-labels-for-woocommerce", + "product": "WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels", + "repo": "https://plugins.svn.wordpress.org/print-invoices-packing-slip-labels-for-woocommerce", + "vendor": "WebToffee", + "versions": [ + { + "lessThan": "4.3.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21746.json b/data/anchore/2024/CVE-2024-21746.json new file mode 100644 index 00000000..438d4788 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21746.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-21746", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-ultimate-review/wordpress-wp-ultimate-review-plugin-2-2-5-ip-limit-bypass-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpmet:wp_ultimate_review:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-ultimate-review", + "product": "Wp Ultimate Review", + "repo": "https://plugins.svn.wordpress.org/wp-ultimate-review", + "vendor": "Wpmet", + "versions": [ + { + "lessThanOrEqual": "2.3.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-22145.json b/data/anchore/2024/CVE-2024-22145.json new file mode 100644 index 00000000..e33329a6 --- /dev/null +++ b/data/anchore/2024/CVE-2024-22145.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-22145", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 0.1.0.9 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:instawp:instawp_connect:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "instawp-connect", + "product": "InstaWP Connect", + "repo": "https://plugins.svn.wordpress.org/instawp-connect", + "vendor": "InstaWP Team", + "versions": [ + { + "lessThan": "0.1.0.9", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-23522.json b/data/anchore/2024/CVE-2024-23522.json new file mode 100644 index 00000000..6f4556b1 --- /dev/null +++ b/data/anchore/2024/CVE-2024-23522.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-23522", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/formidable/wordpress-formidable-forms-plugin-6-7-content-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 6.7.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:strategy11:formidable_form_builder:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:strategy11:formidable_forms:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "formidable", + "product": "Formidable Forms", + "repo": "https://plugins.svn.wordpress.org/formidable", + "vendor": "Strategy11 Form Builder Team", + "versions": [ + { + "lessThan": "6.7.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-24715.json b/data/anchore/2024/CVE-2024-24715.json new file mode 100644 index 00000000..19409bc9 --- /dev/null +++ b/data/anchore/2024/CVE-2024-24715.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-24715", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/bookit/wordpress-wordpress-bookit-plugin-plugin-2-4-0-price-bypass-vulnerability-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.4.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:stylemixthemes:bookit:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "bookit", + "product": "BookIt", + "repo": "https://plugins.svn.wordpress.org/bookit", + "vendor": "The Events Calendar", + "versions": [ + { + "lessThan": "2.4.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-24869.json b/data/anchore/2024/CVE-2024-24869.json new file mode 100644 index 00000000..3f180d58 --- /dev/null +++ b/data/anchore/2024/CVE-2024-24869.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-24869", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/boldgrid-backup/wordpress-total-upkeep-plugin-1-15-8-arbitrary-file-download-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.15.9 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:boldgrid:total_upkeep:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "boldgrid-backup", + "product": "Total Upkeep", + "repo": "https://plugins.svn.wordpress.org/boldgrid-backup", + "vendor": "BoldGrid", + "versions": [ + { + "lessThan": "1.15.9", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-24873.json b/data/anchore/2024/CVE-2024-24873.json new file mode 100644 index 00000000..1ba3e804 --- /dev/null +++ b/data/anchore/2024/CVE-2024-24873.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-24873", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/cp-polls/wordpress-polls-cp-plugin-1-0-71-polls-limitation-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.0.72 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:codepeople:polls_cp:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "cp-polls", + "product": "CP Polls", + "repo": "https://plugins.svn.wordpress.org/cp-polls", + "vendor": "CodePeople", + "versions": [ + { + "lessThan": "1.0.72", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-24874.json b/data/anchore/2024/CVE-2024-24874.json new file mode 100644 index 00000000..d3e200d0 --- /dev/null +++ b/data/anchore/2024/CVE-2024-24874.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-24874", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/cp-polls/wordpress-polls-cp-plugin-1-0-71-content-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.0.72 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:codepeople:polls_cp:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "cp-polls", + "product": "CP Polls", + "repo": "https://plugins.svn.wordpress.org/cp-polls", + "vendor": "CodePeople", + "versions": [ + { + "lessThan": "1.0.72", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-24882.json b/data/anchore/2024/CVE-2024-24882.json new file mode 100644 index 00000000..7802aca3 --- /dev/null +++ b/data/anchore/2024/CVE-2024-24882.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-24882", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/learning-management-system/wordpress-lms-by-masteriyo-plugin-1-7-2-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.7.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:masteriyo:masteriyo:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "learning-management-system", + "product": "LMS", + "repo": "https://plugins.svn.wordpress.org/learning-management-system", + "vendor": "Masteriyo", + "versions": [ + { + "lessThan": "1.7.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-24934.json b/data/anchore/2024/CVE-2024-24934.json new file mode 100644 index 00000000..b655e960 --- /dev/null +++ b/data/anchore/2024/CVE-2024-24934.json @@ -0,0 +1,42 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-24934", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-19-0-arbitrary-file-deletion-and-phar-deserialization-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.19.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:elementor:elementor_page_builder:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:elementor:elementor_page_builder:*:*:*:*:pro:wordpress:*:*", + "cpe:2.3:a:elementor:page_builder:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "elementor", + "product": "Elementor Website Builder", + "repo": "https://plugins.svn.wordpress.org/elementor", + "vendor": "Elementor", + "versions": [ + { + "lessThan": "3.19.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-25595.json b/data/anchore/2024/CVE-2024-25595.json new file mode 100644 index 00000000..c4198037 --- /dev/null +++ b/data/anchore/2024/CVE-2024-25595.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-25595", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/defender-security/wordpress-defender-security-plugin-4-4-1-ip-restriction-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.4.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wmpudev:defender_security:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:wpmudev:defender_security:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "defender-security", + "product": "Defender Security", + "repo": "https://plugins.svn.wordpress.org/defender-security", + "vendor": "WPMU DEV", + "versions": [ + { + "lessThan": "4.4.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-25906.json b/data/anchore/2024/CVE-2024-25906.json new file mode 100644 index 00000000..2ddf19b6 --- /dev/null +++ b/data/anchore/2024/CVE-2024-25906.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-25906", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/comments-like-dislike/wordpress-comments-like-dislike-plugin-1-2-1-ip-restriction-bypass-vulnerability-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.2.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wphappycoders:comments_like_dislike:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "comments-like-dislike", + "product": "Comments Like Dislike", + "repo": "https://plugins.svn.wordpress.org/comments-like-dislike", + "vendor": "WP Happy Coders", + "versions": [ + { + "lessThan": "1.2.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-30479.json b/data/anchore/2024/CVE-2024-30479.json new file mode 100644 index 00000000..8cb50a8f --- /dev/null +++ b/data/anchore/2024/CVE-2024-30479.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-30479", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ip-address-blocker/wordpress-lionscripts-ip-blocker-lite-plugin-11-1-1-bypass-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:lionscripts:ip_blocker_lite:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "ip-address-blocker", + "product": "IP Blocker Lite", + "repo": "https://plugins.svn.wordpress.org/ip-address-blocker", + "vendor": "LionScripts", + "versions": [ + { + "lessThanOrEqual": "11.1.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-30522.json b/data/anchore/2024/CVE-2024-30522.json new file mode 100644 index 00000000..9df1bb8d --- /dev/null +++ b/data/anchore/2024/CVE-2024-30522.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-30522", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/newsletter/wordpress-newsletter-plugin-8-2-0-ip-blacklist-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 8.2.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:thenewsletterplugin:newsletter:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "newsletter", + "product": "Newsletter", + "repo": "https://plugins.svn.wordpress.org/newsletter", + "vendor": "Stefano Lissa & The Newsletter Team", + "versions": [ + { + "lessThan": "8.2.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-30527.json b/data/anchore/2024/CVE-2024-30527.json new file mode 100644 index 00000000..74ed14c8 --- /dev/null +++ b/data/anchore/2024/CVE-2024-30527.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-30527", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-express-checkout/wordpress-wp-express-checkout-plugin-2-3-7-price-manipulation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.3.8 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:tipsandtricks-hq:wp_express_checkout:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-express-checkout", + "product": "WP Express Checkout (Accept PayPal Payments)", + "repo": "https://plugins.svn.wordpress.org/wp-express-checkout", + "vendor": "Tips and Tricks HQ", + "versions": [ + { + "lessThan": "2.3.8", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-30540.json b/data/anchore/2024/CVE-2024-30540.json new file mode 100644 index 00000000..372125cd --- /dev/null +++ b/data/anchore/2024/CVE-2024-30540.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-30540", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/very-simple-contact-form/wordpress-vs-contact-form-plugin-14-7-sum-captcha-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 14.8 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:very_simple_contact_form_project:very_simple_contact_form:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "very-simple-contact-form", + "product": "VS Contact Form", + "repo": "https://plugins.svn.wordpress.org/very-simple-contact-form", + "vendor": "Guido", + "versions": [ + { + "lessThan": "14.8", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31113.json b/data/anchore/2024/CVE-2024-31113.json new file mode 100644 index 00000000..85bf7f3c --- /dev/null +++ b/data/anchore/2024/CVE-2024-31113.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-31113", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/easy-digital-downloads/wordpress-easy-digital-downloads-plugin-3-2-11-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.2.12 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:sandhillsdev:easy_digital_downloads:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "easy-digital-downloads", + "product": "Easy Digital Downloads", + "repo": "https://plugins.svn.wordpress.org/easy-digital-downloads", + "vendor": "Easy Digital Downloads", + "versions": [ + { + "lessThan": "3.2.12", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31281.json b/data/anchore/2024/CVE-2024-31281.json new file mode 100644 index 00000000..326b08aa --- /dev/null +++ b/data/anchore/2024/CVE-2024-31281.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-31281", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-1-6-broken-access-control-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.1.7 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:church_admin_project:church_admin:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "church-admin", + "product": "Church Admin", + "repo": "https://plugins.svn.wordpress.org/church-admin", + "vendor": "Andy Moyle", + "versions": [ + { + "lessThan": "4.1.7", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31341.json b/data/anchore/2024/CVE-2024-31341.json new file mode 100644 index 00000000..2ca2c9f7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-31341.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-31341", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/profile-builder/wordpress-user-profile-builder-plugin-3-11-2-bypass-vulnerability-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.11.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "profile-builder", + "product": "Profile Builder", + "repo": "https://plugins.svn.wordpress.org/profile-builder", + "vendor": "Cozmoslabs", + "versions": [ + { + "lessThan": "3.11.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31377.json b/data/anchore/2024/CVE-2024-31377.json new file mode 100644 index 00000000..47e69c3c --- /dev/null +++ b/data/anchore/2024/CVE-2024-31377.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-31377", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-7-01-001-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 8.7.01.002 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wp_photo_album_plus_project:wp_photo_album_plus:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:wppa.opajaap:wp-photo-album-plus:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-photo-album-plus", + "product": "WP Photo Album Plus", + "repo": "https://plugins.svn.wordpress.org/wp-photo-album-plus", + "vendor": "J.N. Breetvelt a.k.a. OpaJaap", + "versions": [ + { + "lessThan": "8.7.01.002", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32100.json b/data/anchore/2024/CVE-2024-32100.json new file mode 100644 index 00000000..ead3472a --- /dev/null +++ b/data/anchore/2024/CVE-2024-32100.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32100", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/easy-digital-downloads/wordpress-easy-digital-downloads-plugin-3-2-11-sensitive-data-exposure-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.2.12 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:sandhillsdev:easy_digital_downloads:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "easy-digital-downloads", + "product": "Easy Digital Downloads", + "repo": "https://plugins.svn.wordpress.org/easy-digital-downloads", + "vendor": "Easy Digital Downloads", + "versions": [ + { + "lessThan": "3.2.12", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32131.json b/data/anchore/2024/CVE-2024-32131.json new file mode 100644 index 00000000..f1476b43 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32131.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32131", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/download-manager/wordpress-download-manager-plugin-3-2-82-file-password-lock-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.2.83 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpdownloadmanager:download_manager:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:wpdownloadmanager:wordpress_download_manager:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "download-manager", + "product": "Download Manager", + "repo": "https://plugins.svn.wordpress.org/download-manager", + "vendor": "W3 Eden Inc.", + "versions": [ + { + "lessThan": "3.2.83", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32507.json b/data/anchore/2024/CVE-2024-32507.json new file mode 100644 index 00000000..ba581d76 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32507.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32507", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/login-with-phone-number/wordpress-login-with-phone-number-plugin-1-7-16-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.7.17 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:idehweb:login_with_phone_number:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "login-with-phone-number", + "product": "Login with phone number", + "repo": "https://plugins.svn.wordpress.org/login-with-phone-number", + "vendor": "Hamid Alinia – idehweb", + "versions": [ + { + "lessThan": "1.7.17", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32512.json b/data/anchore/2024/CVE-2024-32512.json new file mode 100644 index 00000000..a962fffd --- /dev/null +++ b/data/anchore/2024/CVE-2024-32512.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32512", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/weforms/wordpress-weforms-plugin-1-6-20-form-submission-restriction-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.6.21 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:weformspro:weforms:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "weforms", + "product": "weForms", + "repo": "https://plugins.svn.wordpress.org/weforms", + "vendor": "weForms", + "versions": [ + { + "lessThan": "1.6.21", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32521.json b/data/anchore/2024/CVE-2024-32521.json new file mode 100644 index 00000000..ee4c9311 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32521.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32521", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/zero-spam/wordpress-zero-spam-for-wordpress-plugin-5-5-5-bypass-spam-protection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 5.5.7 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:highfivery:zero-spam:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:highfivery:zero_spam_for_wordpress:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "zero-spam", + "product": "Zero Spam", + "repo": "https://plugins.svn.wordpress.org/zero-spam", + "vendor": "Highfivery LLC", + "versions": [ + { + "lessThan": "5.5.7", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32680.json b/data/anchore/2024/CVE-2024-32680.json new file mode 100644 index 00000000..b4c4653e --- /dev/null +++ b/data/anchore/2024/CVE-2024-32680.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32680", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/woocommerce-products-filter/wordpress-husky-plugin-1-3-5-2-remote-code-execution-rce-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.5.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:pluginus:husky_-_products_filter_professional_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:pluginus:woocommerce_products_filter:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "woocommerce-products-filter", + "product": "HUSKY – Products Filter for WooCommerce (formerly WOOF)", + "repo": "https://plugins.svn.wordpress.org/woocommerce-products-filter", + "vendor": "PluginUS", + "versions": [ + { + "lessThan": "1.3.5.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32685.json b/data/anchore/2024/CVE-2024-32685.json new file mode 100644 index 00000000..63b33dcf --- /dev/null +++ b/data/anchore/2024/CVE-2024-32685.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32685", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-ultimate-review/wordpress-wp-ultimate-review-plugin-2-2-5-review-score-manipulation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.3.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpmet:wp_ultimate_review:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-ultimate-review", + "product": "Wp Ultimate Review", + "repo": "https://plugins.svn.wordpress.org/wp-ultimate-review", + "vendor": "Wpmet", + "versions": [ + { + "lessThan": "2.3.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32712.json b/data/anchore/2024/CVE-2024-32712.json new file mode 100644 index 00000000..62fffe3d --- /dev/null +++ b/data/anchore/2024/CVE-2024-32712.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32712", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/podlove-podcasting-plugin-for-wordpress/wordpress-podlove-podcast-publisher-plugin-4-0-14-broken-access-control-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.0.15 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:*:*:*", + "cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "podlove-podcasting-plugin-for-wordpress", + "product": "Podlove Podcast Publisher", + "repo": "https://plugins.svn.wordpress.org/podlove-podcasting-plugin-for-wordpress", + "vendor": "Podlove", + "versions": [ + { + "lessThan": "4.0.15", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32719.json b/data/anchore/2024/CVE-2024-32719.json new file mode 100644 index 00000000..d9809f6f --- /dev/null +++ b/data/anchore/2024/CVE-2024-32719.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32719", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-club-manager/wordpress-wp-club-manager-plugin-2-2-11-broken-access-control-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.2.12 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpclubmanager:wp_club_manager:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-club-manager", + "product": "WP Club Manager", + "repo": "https://plugins.svn.wordpress.org/wp-club-manager", + "vendor": "WP Club Manager", + "versions": [ + { + "lessThan": "2.2.12", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32720.json b/data/anchore/2024/CVE-2024-32720.json new file mode 100644 index 00000000..43f77fd5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32720.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32720", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/appointment-hour-booking/wordpress-appointment-hour-booking-plugin-1-4-56-captcha-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.4.57 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:dwbooster:appointment_hour_booking:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "appointment-hour-booking", + "product": "Appointment Hour Booking", + "repo": "https://plugins.svn.wordpress.org/appointment-hour-booking", + "vendor": "CodePeople", + "versions": [ + { + "lessThan": "1.4.57", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32774.json b/data/anchore/2024/CVE-2024-32774.json new file mode 100644 index 00000000..b6f30e95 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32774.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32774", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/profilegrid-user-profiles-groups-and-communities/wordpress-profilegrid-plugin-5-8-2-group-members-limit-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 5.8.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:metagauss:profilegrid:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "profilegrid-user-profiles-groups-and-communities", + "product": "ProfileGrid", + "repo": "https://plugins.svn.wordpress.org/profilegrid-user-profiles-groups-and-communities", + "vendor": "Metagauss", + "versions": [ + { + "lessThan": "5.8.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32776.json b/data/anchore/2024/CVE-2024-32776.json new file mode 100644 index 00000000..197b57e5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32776.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32776", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/apppresser/wordpress-apppresser-plugin-4-3-0-broken-access-control-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.3.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:apppresser:apppresser:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "apppresser", + "product": "AppPresser", + "repo": "https://plugins.svn.wordpress.org/apppresser", + "vendor": "AppPresser Team", + "versions": [ + { + "lessThan": "4.3.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32786.json b/data/anchore/2024/CVE-2024-32786.json new file mode 100644 index 00000000..b8cec76a --- /dev/null +++ b/data/anchore/2024/CVE-2024-32786.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32786", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/royal-elementor-addons/wordpress-royal-elementor-addons-and-templates-plugin-1-3-93-ip-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.95 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "royal-elementor-addons", + "product": "Royal Elementor Addons", + "repo": "https://plugins.svn.wordpress.org/royal-elementor-addons", + "vendor": "WP Royal", + "versions": [ + { + "lessThan": "1.3.95", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32790.json b/data/anchore/2024/CVE-2024-32790.json new file mode 100644 index 00000000..a71a52d6 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32790.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32790", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/pricing-table-by-supsystic/wordpress-pricing-table-by-supsystic-plugin-1-9-12-content-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.9.13 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:supsystic:pricing_table_by_supsystic:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "pricing-table-by-supsystic", + "product": "Pricing Table by Supsystic", + "repo": "https://plugins.svn.wordpress.org/pricing-table-by-supsystic", + "vendor": "Supsystic", + "versions": [ + { + "lessThan": "1.9.13", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32802.json b/data/anchore/2024/CVE-2024-32802.json new file mode 100644 index 00000000..7360f3f6 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32802.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32802", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/bp-better-messages/wordpress-better-messages-plugin-2-4-32-broken-authentication-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.4.33 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wordplus:better_messages:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "bp-better-messages", + "product": "BP Better Messages", + "repo": "https://plugins.svn.wordpress.org/bp-better-messages", + "vendor": "WordPlus", + "versions": [ + { + "lessThan": "2.4.33", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32809.json b/data/anchore/2024/CVE-2024-32809.json new file mode 100644 index 00000000..6618f803 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32809.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32809", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/activedemand/wordpress-activedemand-plugin-0-2-41-arbitrary-file-upload-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 0.2.42 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:jumpdemand:activedemand:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "activedemand", + "product": "ActiveDEMAND", + "repo": "https://plugins.svn.wordpress.org/activedemand", + "vendor": "JumpDEMAND Inc.", + "versions": [ + { + "lessThan": "0.2.42", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32830.json b/data/anchore/2024/CVE-2024-32830.json new file mode 100644 index 00000000..909cec98 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32830.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32830", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plugin-2-8-8-arbitrary-file-read-and-ssrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.8.9 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:themekraft:buddyforms:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "buddyforms", + "product": "BuddyForms", + "repo": "https://plugins.svn.wordpress.org/buddyforms", + "vendor": "ThemeKraft", + "versions": [ + { + "lessThan": "2.8.9", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32959.json b/data/anchore/2024/CVE-2024-32959.json new file mode 100644 index 00000000..bc46d87d --- /dev/null +++ b/data/anchore/2024/CVE-2024-32959.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32959", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/sirv/wordpress-sirv-plugin-7-2-2-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 7.2.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:sirv:sirv:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "sirv", + "product": "Sirv", + "repo": "https://plugins.svn.wordpress.org/sirv", + "vendor": "Sirv", + "versions": [ + { + "lessThan": "7.2.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32960.json b/data/anchore/2024/CVE-2024-32960.json new file mode 100644 index 00000000..c503eeb4 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32960.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-32960", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-plugin-1-1-12-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.1.13 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:bookingultrapro:appointments_booking_calendar:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:bookingultrapro:booking_ultra_pro_appointments_booking_calendar:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "booking-ultra-pro", + "product": "Booking Ultra Pro", + "repo": "https://plugins.svn.wordpress.org/booking-ultra-pro", + "vendor": "Booking Ultra Pro", + "versions": [ + { + "lessThan": "1.1.13", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-33567.json b/data/anchore/2024/CVE-2024-33567.json new file mode 100644 index 00000000..1dbf93ed --- /dev/null +++ b/data/anchore/2024/CVE-2024-33567.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-33567", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-3-unauthenticated-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.5.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:ukrsolution:barcode_scanner_and_inventory_manager:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "barcode-scanner-lite-pos-to-manage-products-inventory-and-orders", + "product": "Barcode Scanner with Inventory & Order Manager", + "repo": "https://plugins.svn.wordpress.org/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders", + "vendor": "UkrSolution", + "versions": [ + { + "lessThan": "1.5.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-33569.json b/data/anchore/2024/CVE-2024-33569.json new file mode 100644 index 00000000..68365111 --- /dev/null +++ b/data/anchore/2024/CVE-2024-33569.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-33569", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/instant-images/wordpress-instant-images-plugin-6-1-0-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 6.1.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:connekthq:instant_images:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:connekthq:instant_images_-_one_click_unsplash_uploads:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "instant-images", + "product": "Instant Images", + "repo": "https://plugins.svn.wordpress.org/instant-images", + "vendor": "Darren Cooney", + "versions": [ + { + "lessThan": "6.1.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-33917.json b/data/anchore/2024/CVE-2024-33917.json new file mode 100644 index 00000000..04a0240b --- /dev/null +++ b/data/anchore/2024/CVE-2024-33917.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-33917", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wti-like-post/wordpress-wti-like-post-plugin-1-4-6-ip-restriction-bypass-vulnerability-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:webtechideas:wti_like_post:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wti-like-post", + "product": "WTI Like Post", + "repo": "https://plugins.svn.wordpress.org/wti-like-post", + "vendor": "webtechideas", + "versions": [ + { + "lessThanOrEqual": "1.4.6", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34370.json b/data/anchore/2024/CVE-2024-34370.json new file mode 100644 index 00000000..770f9e03 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34370.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34370", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ean-for-woocommerce/wordpress-ean-for-woocommerce-plugin-4-8-9-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.9.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpfactory:ean_for_woocommerce:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "ean-for-woocommerce", + "product": "EAN for WooCommerce", + "repo": "https://plugins.svn.wordpress.org/ean-for-woocommerce", + "vendor": "WPFactory", + "versions": [ + { + "lessThan": "4.9.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34411.json b/data/anchore/2024/CVE-2024-34411.json new file mode 100644 index 00000000..3b1b2d6a --- /dev/null +++ b/data/anchore/2024/CVE-2024-34411.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34411", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/canvasio3d-light/wordpress-canvasio3d-light-plugin-2-5-0-arbitrary-file-upload-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:virtuellwerk:canvasio3d_light:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "canvasio3d-light", + "product": "canvasio3D Light", + "repo": "https://plugins.svn.wordpress.org/canvasio3d-light", + "vendor": "Thomas Scholl", + "versions": [ + { + "lessThanOrEqual": "2.5.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34427.json b/data/anchore/2024/CVE-2024-34427.json new file mode 100644 index 00000000..00baaeae --- /dev/null +++ b/data/anchore/2024/CVE-2024-34427.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34427", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-favorite-posts/wordpress-wp-favorite-posts-plugin-1-6-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wp_favorite_posts_project:wp_favorite_posts:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-favorite-posts", + "product": "WP Favorite Posts", + "repo": "https://plugins.svn.wordpress.org/wp-favorite-posts", + "vendor": "Huseyin Berberoglu", + "versions": [ + { + "lessThanOrEqual": "1.6.8", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34429.json b/data/anchore/2024/CVE-2024-34429.json new file mode 100644 index 00000000..250e5a4b --- /dev/null +++ b/data/anchore/2024/CVE-2024-34429.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34429", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/corona-virus-covid-19-banner/wordpress-simple-website-banner-plugin-1-8-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:orchestrated:corona_virus_\\(covid-19\\)_banner_\\&_live_data:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "corona-virus-covid-19-banner", + "product": "Corona Virus (COVID-19) Banner & Live Data", + "repo": "https://plugins.svn.wordpress.org/corona-virus-covid-19-banner", + "vendor": "Orchestrated", + "versions": [ + { + "lessThanOrEqual": "1.8.0.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34433.json b/data/anchore/2024/CVE-2024-34433.json new file mode 100644 index 00000000..12b1fbc0 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34433.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34433", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/one-click-demo-import/wordpress-one-click-demo-import-plugin-3-2-0-php-object-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.2.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:ocdi:one_click_demo_import:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "one-click-demo-import", + "product": "One Click Demo Import", + "repo": "https://plugins.svn.wordpress.org/one-click-demo-import", + "vendor": "OCDI", + "versions": [ + { + "lessThan": "3.2.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34434.json b/data/anchore/2024/CVE-2024-34434.json new file mode 100644 index 00000000..3eba7a1d --- /dev/null +++ b/data/anchore/2024/CVE-2024-34434.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34434", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-meta-data-filter-and-taxonomy-filter/wordpress-mdtf-meta-data-and-taxonomies-filter-plugin-1-3-3-2-arbitrary-shortcode-execution-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.3.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:pluginus:wordpress_meta_data_and_taxonomies_filter:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-meta-data-filter-and-taxonomy-filter", + "product": "WordPress Meta Data and Taxonomies Filter (MDTF)", + "repo": "https://plugins.svn.wordpress.org/wp-meta-data-filter-and-taxonomy-filter", + "vendor": "realmag777", + "versions": [ + { + "lessThan": "1.3.3.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34437.json b/data/anchore/2024/CVE-2024-34437.json new file mode 100644 index 00000000..ca36b5cd --- /dev/null +++ b/data/anchore/2024/CVE-2024-34437.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34437", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/form-maker/wordpress-form-maker-by-10web-plugin-1-15-24-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.15.25 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:10web:form_maker:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:web-dorado:form_maker:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "form-maker", + "product": "Form Maker by 10Web", + "repo": "https://plugins.svn.wordpress.org/form-maker", + "vendor": "10Web Form Builder Team", + "versions": [ + { + "lessThan": "1.15.25", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34440.json b/data/anchore/2024/CVE-2024-34440.json new file mode 100644 index 00000000..2f068092 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34440.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34440", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ai-engine/wordpress-ai-engine-plugin-2-2-63-arbitrary-file-upload-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.2.70 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:meowapps:ai_engine:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "ai-engine", + "product": "AI Engine: ChatGPT Chatbot", + "repo": "https://plugins.svn.wordpress.org/ai-engine", + "vendor": "Jordy Meow", + "versions": [ + { + "lessThan": "2.2.70", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34441.json b/data/anchore/2024/CVE-2024-34441.json new file mode 100644 index 00000000..8df9dd60 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34441.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34441", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/easy-affiliate-links/wordpress-easy-affiliate-links-plugin-3-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.7.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:bootstrapped:easy_affiliate_links:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "easy-affiliate-links", + "product": "Easy Affiliate Links", + "repo": "https://plugins.svn.wordpress.org/easy-affiliate-links", + "vendor": "Bootstrapped Ventures", + "versions": [ + { + "lessThan": "3.7.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34556.json b/data/anchore/2024/CVE-2024-34556.json new file mode 100644 index 00000000..8c76eeb7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34556.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34556", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-4-sensitive-data-exposure-via-exported-file-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.5.5 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:ukrsolution:barcode_scanner_and_inventory_manager:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "barcode-scanner-lite-pos-to-manage-products-inventory-and-orders", + "product": "Barcode Scanner with Inventory & Order Manager", + "repo": "https://plugins.svn.wordpress.org/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders", + "vendor": "UkrSolution", + "versions": [ + { + "lessThan": "1.5.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34557.json b/data/anchore/2024/CVE-2024-34557.json new file mode 100644 index 00000000..538e858d --- /dev/null +++ b/data/anchore/2024/CVE-2024-34557.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34557", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.5.5 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:ukrsolution:barcode_scanner_and_inventory_manager:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "barcode-scanner-lite-pos-to-manage-products-inventory-and-orders", + "product": "Barcode Scanner with Inventory & Order Manager", + "repo": "https://plugins.svn.wordpress.org/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders", + "vendor": "UkrSolution", + "versions": [ + { + "lessThan": "1.5.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34559.json b/data/anchore/2024/CVE-2024-34559.json new file mode 100644 index 00000000..93d0a5a0 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34559.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34559", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ghost/wordpress-ghost-plugin-1-4-0-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.5.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:ghost:ghost:*:*:*:*:*:node.js:*:*", + "cpe:2.3:a:ghost:ghost:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "ghost", + "product": "Ghost", + "repo": "https://plugins.svn.wordpress.org/ghost", + "vendor": "Ghost Foundation", + "versions": [ + { + "lessThan": "1.5.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34567.json b/data/anchore/2024/CVE-2024-34567.json new file mode 100644 index 00000000..6b4e2566 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34567.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34567", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/easy-notify-lite/wordpress-easy-notify-lite-plugin-1-1-29-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.1.30 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:sygnoos:popup_builder:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "easy-notify-lite", + "product": "Popup Builder", + "repo": "https://plugins.svn.wordpress.org/easy-notify-lite", + "vendor": "GhozyLab, Inc.", + "versions": [ + { + "lessThan": "1.1.30", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34575.json b/data/anchore/2024/CVE-2024-34575.json new file mode 100644 index 00000000..7e50f41e --- /dev/null +++ b/data/anchore/2024/CVE-2024-34575.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34575", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/dethemekit-for-elementor/wordpress-dethemekit-for-elementor-plugin-2-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.1.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:dethemekit_for_elementor_project:dethemekit_for_elementor:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "dethemekit-for-elementor", + "product": "DethemeKit For Elementor", + "repo": "https://plugins.svn.wordpress.org/dethemekit-for-elementor", + "vendor": "deTheme", + "versions": [ + { + "lessThan": "2.1.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34751.json b/data/anchore/2024/CVE-2024-34751.json new file mode 100644 index 00000000..9afdb001 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34751.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34751", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/order-import-export-for-woocommerce/wordpress-order-export-order-import-for-woocommerce-plugin-2-4-9-php-object-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.5.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:webtoffee:order_export_\\&_order_import_for_woocommerce:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "order-import-export-for-woocommerce", + "product": "Order Export & Order Import for WooCommerce", + "repo": "https://plugins.svn.wordpress.org/order-import-export-for-woocommerce", + "vendor": "WebToffee", + "versions": [ + { + "lessThan": "2.5.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34752.json b/data/anchore/2024/CVE-2024-34752.json new file mode 100644 index 00000000..8bce1dcb --- /dev/null +++ b/data/anchore/2024/CVE-2024-34752.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34752", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/page-builder-add/wordpress-landing-page-builder-1-5-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.5.1.9 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:pluginops:landing_page_builder:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "page-builder-add", + "product": "Landing Page Builder", + "repo": "https://plugins.svn.wordpress.org/page-builder-add", + "vendor": "PluginOps", + "versions": [ + { + "lessThan": "1.5.1.9", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34755.json b/data/anchore/2024/CVE-2024-34755.json new file mode 100644 index 00000000..f40e0b74 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34755.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34755", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/cf7-salesforce/wordpress-integration-for-salesforce-and-contact-form-7-wpforms-elementor-formidable-ninja-forms-plugin-1-3-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.4.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:crmperks:integration_for_salesforce_and_contact_form_7\\,_wpforms\\,_elementor\\,_ninja_forms:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "cf7-salesforce", + "product": "Integration for Contact Form 7 and Salesforce", + "repo": "https://plugins.svn.wordpress.org/cf7-salesforce", + "vendor": "CRM Perks", + "versions": [ + { + "lessThan": "1.4.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34756.json b/data/anchore/2024/CVE-2024-34756.json new file mode 100644 index 00000000..c585e723 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34756.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34756", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/cf7-hubspot/wordpress-integration-for-hubspot-and-contact-form-7-plugin-1-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:crmperks:database_for_contact_form_7\\,_wpforms\\,_elementor_forms:*:*:*:*:*:*:*:*" + ], + "packageName": "cf7-hubspot", + "product": "Integration for Contact Form 7 HubSpot", + "repo": "https://plugins.svn.wordpress.org/cf7-hubspot", + "vendor": "CRM Perks", + "versions": [ + { + "lessThan": "1.3.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34757.json b/data/anchore/2024/CVE-2024-34757.json new file mode 100644 index 00000000..7789eb95 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34757.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34757", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/borderless/wordpress-borderless-widgets-elements-templates-and-toolkit-for-elementor-gutenberg-plugin-1-5-3-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.5.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:visualmodo:borderless:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "borderless", + "product": "Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg", + "repo": "https://plugins.svn.wordpress.org/borderless", + "vendor": "Visualmodo", + "versions": [ + { + "lessThan": "1.5.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34805.json b/data/anchore/2024/CVE-2024-34805.json new file mode 100644 index 00000000..00f5aaaa --- /dev/null +++ b/data/anchore/2024/CVE-2024-34805.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34805", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/iframe/wordpress-iframe-plugin-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:iframe_project:iframe:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "iframe", + "product": "iFrame", + "repo": "https://plugins.svn.wordpress.org/iframe", + "vendor": "Webvitaly", + "versions": [ + { + "lessThanOrEqual": "5.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34807.json b/data/anchore/2024/CVE-2024-34807.json new file mode 100644 index 00000000..95a56f2c --- /dev/null +++ b/data/anchore/2024/CVE-2024-34807.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34807", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/fast-custom-social-share-by-codebard/wordpress-fast-custom-social-share-by-codebard-plugin-1-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:codebard:fast_custom_social_share:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "fast-custom-social-share-by-codebard", + "product": "Fast Custom Social Share by CodeBard", + "repo": "https://plugins.svn.wordpress.org/fast-custom-social-share-by-codebard", + "vendor": "CodeBard", + "versions": [ + { + "lessThanOrEqual": "1.1.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34808.json b/data/anchore/2024/CVE-2024-34808.json new file mode 100644 index 00000000..d313350e --- /dev/null +++ b/data/anchore/2024/CVE-2024-34808.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34808", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/jch-optimize/wordpress-jch-optimize-plugin-4-2-0-path-traversal-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.2.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:jch_optimize_project:jch_optimize:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "jch-optimize", + "product": "JCH Optimize", + "repo": "https://plugins.svn.wordpress.org/jch-optimize", + "vendor": "Samuel Marshall", + "versions": [ + { + "lessThan": "4.2.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34811.json b/data/anchore/2024/CVE-2024-34811.json new file mode 100644 index 00000000..3b3fbede --- /dev/null +++ b/data/anchore/2024/CVE-2024-34811.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34811", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-sms/wordpress-wp-sms-plugin-6-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 6.5.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:veronalabs:wp_sms:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-sms", + "product": "WP SMS", + "repo": "https://plugins.svn.wordpress.org/wp-sms", + "vendor": "VeronaLabs", + "versions": [ + { + "lessThan": "6.5.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34814.json b/data/anchore/2024/CVE-2024-34814.json new file mode 100644 index 00000000..ca0749ee --- /dev/null +++ b/data/anchore/2024/CVE-2024-34814.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34814", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/unyson/wordpress-unyson-plugin-2-7-29-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.7.31 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:brizy:unyson:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "unyson", + "product": "Unyson", + "repo": "https://plugins.svn.wordpress.org/unyson", + "vendor": "ThemeFuse", + "versions": [ + { + "lessThan": "2.7.31", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34823.json b/data/anchore/2024/CVE-2024-34823.json new file mode 100644 index 00000000..09ffa16b --- /dev/null +++ b/data/anchore/2024/CVE-2024-34823.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34823", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/bft-autoresponder/wordpress-arigato-autoresponder-and-newsletter-plugin-2-7-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.7.2.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:kibokolabs:arigato_autoresponder_and_newsletter:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "bft-autoresponder", + "product": "Arigato Autoresponder and Newsletter", + "repo": "https://plugins.svn.wordpress.org/bft-autoresponder", + "vendor": "Kiboko Labs", + "versions": [ + { + "lessThan": "2.7.2.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34825.json b/data/anchore/2024/CVE-2024-34825.json new file mode 100644 index 00000000..110006a2 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34825.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34825", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/social-warfare/wordpress-social-warfare-plugin-4-4-5-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.4.6 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:warfareplugins:social_warfare:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "social-warfare", + "product": "Social Warfare", + "repo": "https://plugins.svn.wordpress.org/social-warfare", + "vendor": "Warfare Plugins", + "versions": [ + { + "lessThan": "4.4.6", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34827.json b/data/anchore/2024/CVE-2024-34827.json new file mode 100644 index 00000000..c786f81b --- /dev/null +++ b/data/anchore/2024/CVE-2024-34827.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34827", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/translatepress-multilingual/wordpress-translate-multilingual-sites-translatepress-plugin-2-7-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.7.6 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:cozmoslabs:translatepress:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "translatepress-multilingual", + "product": "TranslatePress", + "repo": "https://plugins.svn.wordpress.org/translatepress-multilingual", + "vendor": "Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban", + "versions": [ + { + "lessThan": "2.7.6", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34828.json b/data/anchore/2024/CVE-2024-34828.json new file mode 100644 index 00000000..90ee0ac3 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34828.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34828", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-1-32-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.2.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:church_admin_project:church_admin:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "church-admin", + "product": "Church Admin", + "repo": "https://plugins.svn.wordpress.org/church-admin", + "vendor": "Andy Moyle", + "versions": [ + { + "lessThan": "4.2.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35166.json b/data/anchore/2024/CVE-2024-35166.json new file mode 100644 index 00000000..9fc23f21 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35166.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35166", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/filebird/wordpress-filebird-wordpress-media-library-folders-file-manager-plugin-5-6-3-sensitive-data-exposure-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 5.6.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:ninjateam:filebird:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "filebird", + "product": "Filebird", + "repo": "https://plugins.svn.wordpress.org/filebird", + "vendor": "Ninja Team", + "versions": [ + { + "lessThan": "5.6.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35169.json b/data/anchore/2024/CVE-2024-35169.json new file mode 100644 index 00000000..d5af4aaf --- /dev/null +++ b/data/anchore/2024/CVE-2024-35169.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35169", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/all-bootstrap-blocks/wordpress-all-bootstrap-blocks-plugin-1-3-15-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.16 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:areoi:all_bootstrap_blocks:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "all-bootstrap-blocks", + "product": "All Bootstrap Blocks", + "repo": "https://plugins.svn.wordpress.org/all-bootstrap-blocks", + "vendor": "AREOI", + "versions": [ + { + "lessThan": "1.3.16", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35171.json b/data/anchore/2024/CVE-2024-35171.json new file mode 100644 index 00000000..413c7466 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35171.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35171", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/academy/wordpress-academy-lms-plugin-1-9-25-sensitive-data-exposure-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.9.26 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:creativeitem:academy_lms:*:*:*:*:*:*:*:*" + ], + "packageName": "academy", + "product": "Academy LMS", + "repo": "https://plugins.svn.wordpress.org/academy", + "vendor": "Academy LMS", + "versions": [ + { + "lessThan": "1.9.26", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35172.json b/data/anchore/2024/CVE-2024-35172.json new file mode 100644 index 00000000..cc09b48c --- /dev/null +++ b/data/anchore/2024/CVE-2024-35172.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35172", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/shortpixel-adaptive-images/wordpress-shortpixel-adaptive-images-plugin-3-8-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.8.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:shortpixel:shortpixel_adaptive_images:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "shortpixel-adaptive-images", + "product": "ShortPixel Adaptive Images", + "repo": "https://plugins.svn.wordpress.org/shortpixel-adaptive-images", + "vendor": "ShortPixel", + "versions": [ + { + "lessThan": "3.8.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35173.json b/data/anchore/2024/CVE-2024-35173.json new file mode 100644 index 00000000..a18e349e --- /dev/null +++ b/data/anchore/2024/CVE-2024-35173.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35173", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wc-serial-numbers/wordpress-wc-serial-numbers-plugin-1-7-2-broken-access-control-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:pluginever:wc_serial_numbers:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wc-serial-numbers", + "product": "Serial Numbers for WooCommerce – License Manager", + "repo": "https://plugins.svn.wordpress.org/wc-serial-numbers", + "vendor": "PluginEver", + "versions": [ + { + "lessThanOrEqual": "1.7.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35174.json b/data/anchore/2024/CVE-2024-35174.json new file mode 100644 index 00000000..a2df0dec --- /dev/null +++ b/data/anchore/2024/CVE-2024-35174.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35174", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/flo-forms/wordpress-flo-forms-plugin-1-0-42-broken-access-control-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:flothemes:flo_forms:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "flo-forms", + "product": "Flo Forms", + "repo": "https://plugins.svn.wordpress.org/flo-forms", + "vendor": "Flothemes", + "versions": [ + { + "lessThanOrEqual": "1.0.42", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-4214.json b/data/anchore/2024/CVE-2024-4214.json new file mode 100644 index 00000000..38e1e496 --- /dev/null +++ b/data/anchore/2024/CVE-2024-4214.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-4214", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/cardealer/wordpress-cardealer-plugin-4-15-content-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.16 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:car_dealer_project:car_dealer:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "cardealer", + "product": "Car Dealer", + "repo": "https://plugins.svn.wordpress.org/cardealer", + "vendor": "Bill Minozzi", + "versions": [ + { + "lessThan": "4.16", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-4689.json b/data/anchore/2024/CVE-2024-4689.json new file mode 100644 index 00000000..a4607cf5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-4689.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-4689", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/shortpixel-adaptive-images/wordpress-shortpixel-adaptive-images-plugin-3-8-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.8.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:shortpixel:shortpixel_adaptive_images:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "shortpixel-adaptive-images", + "product": "ShortPixel Adaptive Images", + "repo": "https://plugins.svn.wordpress.org/shortpixel-adaptive-images", + "vendor": "ShortPixel", + "versions": [ + { + "lessThan": "3.8.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file