In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between June 10-11, 2024.
During this period, the National Vulnerability Database published 145 new Common Vulnerabilities and Exposures (CVEs), classified as follows:
Critical: 10
High: 23
Medium: 43
Low: 2
Severity Not Assigned: 67
Identifying and understanding these vulnerabilities is a pivotal step towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-5785
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description: Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us version. This vulnerability could allow an authenticated user to execute commands inside the router by making a POST request to the URL “/boaform/admin/formUserTracert”.
References: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-comtrend-router
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-34761
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: Vulnerability discovered by executing a planned security audit.
Improper Control of Generation of Code ('Code Injection') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows Code Injection. This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10.
References: https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-2-10-contributor-arbitrary-function-execution-vulnerability?_s_id=cve
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-34762
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: Vulnerability discovered by executing a planned security audit.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows PHP Local File Inclusion. This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10.
References: https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-2-10-contributor-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-34800
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import allows Functionality Misuse. This issue affects Crafthemes Demo Import: from n/a through 3.3.
References: https://patchstack.com/database/vulnerability/crafthemes-demo-import/wordpress-crafthemes-demo-import-plugin-3-1-arbitrary-plugin-installation-vulnerability?_s_id=cve
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-35658
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation. This issue affects Checkout Field Editor for WooCommerce (Pro): from n/a through 3.6.2.
References: https://patchstack.com/database/vulnerability/woocommerce-checkout-field-editor-pro/wordpress-checkout-field-editor-for-woocommerce-pro-plugin-3-6-2-unauthenticated-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-35677
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.2
Impact Score: 6.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes MegaMenu allows PHP Local File Inclusion. This issue affects MegaMenu: from n/a through 2.3.12.
References: https://patchstack.com/database/vulnerability/stm-megamenu/wordpress-megamenu-plugin-2-3-12-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-37051
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 5.8
Description: GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4
References: https://www.jetbrains.com/privacy-security/issues-fixed/
CWE-ID: CWE-522
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-35743
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Siteclean SC filechecker allows Path Traversal, File Manipulation. This issue affects SC filechecker: from n/a through 0.6.
References: https://patchstack.com/database/vulnerability/wp-file-checker/wordpress-sc-filechecker-plugin-0-6-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-35744
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation. This issue affects Upunzipper: from n/a through 1.0.0.
References: https://patchstack.com/database/vulnerability/upunzipper/wordpress-upunzipper-plugin-1-0-0-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-35745
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Gabriel Somoza / Joseph Fitzgibbons Strategery Migrations allows Path Traversal, File Manipulation. This issue affects Strategery Migrations: from n/a through 1.0.
References: https://patchstack.com/database/vulnerability/strategery-migrations/wordpress-strategery-migrations-plugin-1-0-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-35746
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection. This issue affects BuddyPress Cover: from n/a through 2.1.4.2.
References: https://patchstack.com/database/vulnerability/bp-cover/wordpress-buddypress-cover-plugin-2-1-4-2-arbitrary-file-upload-vulnerability?_s_id=cve
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-35754
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal. This issue affects Ovic Importer: from n/a through 1.6.3.
References: https://patchstack.com/database/vulnerability/ovic-import-demo/wordpress-ovic-importer-plugin-1-6-3-arbitrary-file-download-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-36408
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.8
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in the `Alerts` controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-2g8f-gjrr-x5cg
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-5597
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution.
References: https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02
CWE-ID: CWE-843
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-36409
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.8
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in Tree data entry point. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-pxq4-vw23-v73f
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-36410
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.8
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in EmailUIAjax messages count controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-7jj8-m2wj-m6xq
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-36411
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.8
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in EmailUIAjax displayView controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-9rvr-mcrf-p4p7
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-36412
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in events response entry point allows for a SQL injection attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-xjx2-38hv-5hh8
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
19. CVE-2024-36413
Base Score: 8.9
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 6.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the import module error view allows for a cross-site scripting attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-ph2c-hvvf-r273
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-36414
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 3.1
Impact Score: 4.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the connectors file verification allows for a server-side request forgery attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-wg74-772c-8gr7
CWE-ID: CWE-918
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-36415
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in uploaded file verification in products allows for remote code execution. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-c82f-58jv-jfrh
CWE-ID: CWE-434 CWE-98
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-36416
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-jrpp-22g3-2j77
CWE-ID: CWE-779
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-36418
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in connectors allows an authenticated user to perform a remote code execution attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-mfj5-37v4-vh5w
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-32849
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
References: https://helpcenter.trendmicro.com/en-us/article/tmka-19175
https://www.zerodayinitiative.com/advisories/ZDI-24-576/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-35241
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `status`, `reinstall` and `remove` commands with packages installed from source via git containing specially crafted branch names in the repository can be used to execute code. Patches for this issue are available in version 2.2.24 for 2.2 LTS or 2.7.7 for mainline. As a workaround, avoid installing dependencies via git by using `--prefer-dist` or the `preferred-install: dist` config setting.
References: https://github.com/composer/composer/commit/b93fc6ca437da35ae73d667d0618749c763b67d4
https://github.com/composer/composer/commit/ee28354ca8d33c15949ad7de2ce6656ba3f68704
https://github.com/composer/composer/security/advisories/GHSA-47f6-5gq3-vx9c
CWE-ID: CWE-77
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-35242
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `composer install` command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories. Patches are available in version 2.2.24 for 2.2 LTS or 2.7.7 for mainline. As a workaround, avoid cloning potentially compromised repositories.
References: https://github.com/composer/composer/commit/6bd43dff859c597c09bd03a7e7d6443822d0a396
https://github.com/composer/composer/commit/fc57b93603d7d90b71ca8ec77b1c8a9171fdb467
https://github.com/composer/composer/security/advisories/GHSA-v9qv-c7wm-wgmf
CWE-ID: CWE-77
Common Platform Enumerations (CPE): Not Found
27. CVE-2024-36302
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not identical to, CVE-2024-36303.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-569/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
28. CVE-2024-36303
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not identical to, CVE-2024-36302.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-570/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
29. CVE-2024-36304
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-571/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
30. CVE-2024-36305
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-572/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
31. CVE-2024-36358
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References: https://success.trendmicro.com/dcx/s/solution/000298151
https://www.zerodayinitiative.com/advisories/ZDI-24-575/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
32. CVE-2024-37166
Base Score: 8.9
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 6.0
Description: ghtml is software that uses tagged templates for template engine functionality. It is possible to introduce user-controlled JavaScript code and trigger a Cross-Site Scripting (XSS) vulnerability in some cases. Version 2.0.0 introduces changes to mitigate this issue. Version 2.0.0 contains updated documentation to clarify that while ghtml escapes characters with special meaning in HTML, it does not provide comprehensive protection against all types of XSS attacks in every scenario. This aligns with the approach taken by other template engines. Developers should be cautious and take additional measures to sanitize user input and prevent potential vulnerabilities. Additionally, the backtick character (`) is now also escaped to prevent the creation of strings in most cases where a malicious actor somehow gains the ability to write JavaScript. This does not provide comprehensive protection either.
References: https://github.com/gurgunday/ghtml/commit/df1ea50fe8968a766fd2b9379a8f9806375227f8
https://github.com/gurgunday/ghtml/security/advisories/GHSA-vvhj-v88f-5gxr
CWE-ID: CWE-79 CWE-80
Common Platform Enumerations (CPE): Not Found
33. CVE-2024-37289
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-577/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between June 10-11, 2024.
During this period, The National Vulnerability Database published 145, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 10
High: 23
Medium: 43
Low: 2
Severity Not Assigned: 67
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-5785
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description: Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us version. This vulnerability could allow an authenticated user to execute commands inside the router by making a POST request to the URL “/boaform/admin/formUserTracert”.
References: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-comtrend-router
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-34761
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: Vulnerability discovered by executing a planned security audit.
Improper Control of Generation of Code ('Code Injection') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows Code Injection.This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10.
References: https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-2-10-contributor-arbitrary-function-execution-vulnerability?_s_id=cve
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-34762
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: Vulnerability discovered by executing a planned security audit.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows PHP Local File Inclusion.This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10.
References: https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-2-10-contributor-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-34800
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import allows Functionality Misuse.This issue affects Crafthemes Demo Import: from n/a through 3.3.
References: https://patchstack.com/database/vulnerability/crafthemes-demo-import/wordpress-crafthemes-demo-import-plugin-3-1-arbitrary-plugin-installation-vulnerability?_s_id=cve
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-35658
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation.This issue affects Checkout Field Editor for WooCommerce (Pro): from n/a through 3.6.2.
References: https://patchstack.com/database/vulnerability/woocommerce-checkout-field-editor-pro/wordpress-checkout-field-editor-for-woocommerce-pro-plugin-3-6-2-unauthenticated-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-35677
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.2
Impact Score: 6.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes MegaMenu allows PHP Local File Inclusion.This issue affects MegaMenu: from n/a through 2.3.12.
References: https://patchstack.com/database/vulnerability/stm-megamenu/wordpress-megamenu-plugin-2-3-12-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-37051
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 5.8
Description: GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4
References: https://www.jetbrains.com/privacy-security/issues-fixed/
CWE-ID: CWE-522
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-35743
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Siteclean SC filechecker allows Path Traversal, File Manipulation.This issue affects SC filechecker: from n/a through 0.6.
References: https://patchstack.com/database/vulnerability/wp-file-checker/wordpress-sc-filechecker-plugin-0-6-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-35744
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a through 1.0.0.
References: https://patchstack.com/database/vulnerability/upunzipper/wordpress-upunzipper-plugin-1-0-0-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-35745
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Gabriel Somoza / Joseph Fitzgibbons Strategery Migrations allows Path Traversal, File Manipulation.This issue affects Strategery Migrations: from n/a through 1.0.
References: https://patchstack.com/database/vulnerability/strategery-migrations/wordpress-strategery-migrations-plugin-1-0-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-35746
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a through 2.1.4.2.
References: https://patchstack.com/database/vulnerability/bp-cover/wordpress-buddypress-cover-plugin-2-1-4-2-arbitrary-file-upload-vulnerability?_s_id=cve
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-35754
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a through 1.6.3.
References: https://patchstack.com/database/vulnerability/ovic-import-demo/wordpress-ovic-importer-plugin-1-6-3-arbitrary-file-download-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-36408
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.8
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in the `Alerts` controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-2g8f-gjrr-x5cg
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-5597
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or code execution.
References: https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-02
CWE-ID: CWE-843
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-36409
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.8
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in Tree data entry point. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-pxq4-vw23-v73f
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-36410
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.8
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in EmailUIAjax messages count controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-7jj8-m2wj-m6xq
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-36411
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.8
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in EmailUIAjax displayView controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-9rvr-mcrf-p4p7
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-36412
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in events response entry point allows for a SQL injection attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-xjx2-38hv-5hh8
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
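Entries 15 to 18 are four instances of the same weakness, CWE-89, in different SuiteCRM entry points. As an added illustration of that class (this is not SuiteCRM's code and does not reproduce any of the four fixes), the Python block below puts the vulnerable pattern beside the parameterised form that closes it. The table, column names, rows and payloads are constructed for the demonstration, and an in-memory SQLite database stands in for the application's database.

```python
from __future__ import annotations

import sqlite3

# Constructed sample schema and rows (not SuiteCRM's): a CRM users table whose
# password hashes should never be readable through an unprivileged endpoint.
SAMPLE_ROWS = [
    (1, "alice", 1, "hash-of-alice-password"),
    (2, "bob", 0, "hash-of-bob-password"),
]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER, user_name TEXT, is_admin INTEGER, user_hash TEXT)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    return conn


def lookup_user_vulnerable(conn: sqlite3.Connection, user_name: str) -> list[tuple]:
    # "Poor input validation": the request value becomes part of the SQL text,
    # so a quote, a UNION or a comment marker inside it rewrites the statement.
    sql = f"SELECT id, user_name FROM users WHERE user_name = '{user_name}'"
    return conn.execute(sql).fetchall()


def lookup_user_fixed(conn: sqlite3.Connection, user_name: str) -> list[tuple]:
    # Parameterised query: the statement is compiled first and the value bound
    # afterwards, so whatever it contains is only ever compared as a string.
    sql = "SELECT id, user_name FROM users WHERE user_name = ?"
    return conn.execute(sql, (user_name,)).fetchall()


def parse_record_id(raw: str) -> int:
    # Defence in depth for endpoints whose parameter is a record id: reject
    # anything that is not a plain ASCII integer before it gets near a query.
    if not (raw.isascii() and raw.isdigit()):
        raise ValueError(f"invalid record id: {raw!r}")
    return int(raw)


# Two classic payloads, constructed for the demonstration.
UNION_PAYLOAD = "' UNION ALL SELECT id, user_hash FROM users --"
TAUTOLOGY_PAYLOAD = "x' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, UNION:    ", lookup_user_vulnerable(db, UNION_PAYLOAD))
    print("vulnerable, tautology:", lookup_user_vulnerable(db, TAUTOLOGY_PAYLOAD))
    print("fixed, UNION:         ", lookup_user_fixed(db, UNION_PAYLOAD))
    print("fixed, 'bob':         ", lookup_user_fixed(db, "bob"))
```

Against the vulnerable function the UNION payload returns both password hashes and the tautology returns every row; the parameterised function returns nothing for either payload because it searches for a user literally named after the payload string.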
19. CVE-2024-36413
Base Score: 8.9
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 6.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the import module error view allows for a cross-site scripting attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-ph2c-hvvf-r273
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-36414
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 3.1
Impact Score: 4.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the connectors file verification allows for a server-side request forgery attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-wg74-772c-8gr7
CWE-ID: CWE-918
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-36415
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in uploaded file verification in products allows for remote code execution. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-c82f-58jv-jfrh
CWE-ID: CWE-434, CWE-98
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-36416
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-jrpp-22g3-2j77
CWE-ID: CWE-779
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-36418
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in connectors allows an authenticated user to perform a remote code execution attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
References: https://github.com/salesagility/SuiteCRM/security/advisories/GHSA-mfj5-37v4-vh5w
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-32849
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
References: https://helpcenter.trendmicro.com/en-us/article/tmka-19175
https://www.zerodayinitiative.com/advisories/ZDI-24-576/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-35241
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `status`, `reinstall` and `remove` commands with packages installed from source via git containing specially crafted branch names in the repository can be used to execute code. Patches for this issue are available in version 2.2.24 for 2.2 LTS or 2.7.7 for mainline. As a workaround, avoid installing dependencies via git by using `--prefer-dist` or the `preferred-install: dist` config setting.
References: https://github.com/composer/composer/commit/b93fc6ca437da35ae73d667d0618749c763b67d4
https://github.com/composer/composer/commit/ee28354ca8d33c15949ad7de2ce6656ba3f68704
https://github.com/composer/composer/security/advisories/GHSA-47f6-5gq3-vx9c
CWE-ID: CWE-77
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-35242
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `composer install` command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories. Patches are available in version 2.2.24 for 2.2 LTS or 2.7.7 for mainline. As a workaround, avoid cloning potentially compromised repositories.
References: https://github.com/composer/composer/commit/6bd43dff859c597c09bd03a7e7d6443822d0a396
https://github.com/composer/composer/commit/fc57b93603d7d90b71ca8ec77b1c8a9171fdb467
https://github.com/composer/composer/security/advisories/GHSA-v9qv-c7wm-wgmf
CWE-ID: CWE-77
Common Platform Enumerations (CPE): Not Found
27. CVE-2024-36302
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not identical to, CVE-2024-36303.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-569/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
28. CVE-2024-36303
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability is similar to, but not identical to, CVE-2024-36302.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-570/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
29. CVE-2024-36304
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-571/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
30. CVE-2024-36305
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-572/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
31. CVE-2024-36358
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References: https://success.trendmicro.com/dcx/s/solution/000298151
https://www.zerodayinitiative.com/advisories/ZDI-24-575/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
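Entries 24 and 27 to 31 are all local privilege escalation in an endpoint agent that acts on files with high privilege, through link following (CWE-59) and a time-of-check/time-of-use race (CWE-367). The Python block below is an added illustration of the defensive pattern for that class on POSIX; it is not Trend Micro's code and says nothing about how their agents are built. The directory layout is constructed: a privileged component is asked to delete a file under a directory an unprivileged user can write to, and the attacker has replaced a subdirectory with a symlink to somewhere the component must never touch.

```python
from __future__ import annotations

import errno
import os
import stat
import tempfile


def _open_dir_nofollow(name: str, dir_fd: int | None = None) -> int:
    # O_NOFOLLOW fails with ELOOP if 'name' itself is a symlink; O_DIRECTORY
    # fails with ENOTDIR if it is not a directory. Given dir_fd this is openat(2),
    # so the lookup cannot be redirected by swapping an earlier path component.
    flags = os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW
    return os.open(name, flags, dir_fd=dir_fd)


def delete_naive(base: str, subdir: str, name: str) -> None:
    # Vulnerable pattern: build a full path and remove it. If 'subdir' has been
    # replaced by a link, the file that disappears is wherever the link points.
    os.remove(os.path.join(base, subdir, name))


def delete_safely(base: str, subdir: str, name: str) -> bool:
    # Hardened pattern: walk the path one component at a time with O_NOFOLLOW,
    # then lstat and unlink relative to the final directory fd. The check and
    # the delete act on the same opened directory, not on a re-resolved path.
    # Returns True if a regular file was removed, False if a link was refused.
    if os.sep in name or name in ("", ".", ".."):
        raise ValueError(f"bad file name: {name!r}")
    base_fd = _open_dir_nofollow(base)
    try:
        try:
            sub_fd = _open_dir_nofollow(subdir, dir_fd=base_fd)
        except OSError as exc:
            if exc.errno in (errno.ELOOP, errno.ENOTDIR):
                return False  # 'subdir' is a symlink or not a directory: refuse
            raise
        try:
            st = os.lstat(name, dir_fd=sub_fd)  # fstatat(AT_SYMLINK_NOFOLLOW)
            if not stat.S_ISREG(st.st_mode):
                return False
            # unlink(2) never follows a symlink, so if 'name' is swapped for a
            # link between the lstat and here, only the link itself is removed.
            os.unlink(name, dir_fd=sub_fd)
            return True
        finally:
            os.close(sub_fd)
    finally:
        os.close(base_fd)


def build_scenario(root: str) -> tuple[str, str, str]:
    # Constructed layout: the agent's directory with a real 'logs' subdirectory,
    # a 'victim' directory it must never touch, and a 'cache' entry the attacker
    # replaced with a symlink to the victim directory.
    victim_dir = os.path.join(root, "victim")
    os.mkdir(victim_dir)
    victim_file = os.path.join(victim_dir, "secret.txt")
    with open(victim_file, "w") as fh:
        fh.write("do not delete\n")
    base = os.path.join(root, "agent")
    os.mkdir(base)
    os.mkdir(os.path.join(base, "logs"))
    log_file = os.path.join(base, "logs", "agent.log")
    with open(log_file, "w") as fh:
        fh.write("rotate me\n")
    os.symlink(victim_dir, os.path.join(base, "cache"))  # the planted link
    return base, victim_file, log_file


def demo() -> dict:
    with tempfile.TemporaryDirectory() as root:
        base, victim_file, log_file = build_scenario(root)
        result = {
            "safe_refused_link": delete_safely(base, "cache", "secret.txt") is False,
            "victim_intact_after_safe": os.path.exists(victim_file),
            "safe_removed_real_log": delete_safely(base, "logs", "agent.log"),
            "log_gone": not os.path.exists(log_file),
        }
        delete_naive(base, "cache", "secret.txt")
        result["victim_intact_after_naive"] = os.path.exists(victim_file)
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The same idea applies on Windows, where the planted object is a junction or a mount point rather than a symlink: open the directory handle with reparse-point following disabled and operate relative to that handle, rather than re-resolving a path string for each step.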
32. CVE-2024-37166
Base Score: 8.9
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 6.0
Description: ghtml is software that uses tagged templates for template engine functionality. It is possible to introduce user-controlled JavaScript code and trigger a Cross-Site Scripting (XSS) vulnerability in some cases. Version 2.0.0 introduces changes to mitigate this issue. Version 2.0.0 contains updated documentation to clarify that while ghtml escapes characters with special meaning in HTML, it does not provide comprehensive protection against all types of XSS attacks in every scenario. This aligns with the approach taken by other template engines. Developers should be cautious and take additional measures to sanitize user input and prevent potential vulnerabilities. Additionally, the backtick character (`) is now also escaped to prevent the creation of strings in most cases where a malicious actor somehow gains the ability to write JavaScript. This does not provide comprehensive protection either.
References: https://github.com/gurgunday/ghtml/commit/df1ea50fe8968a766fd2b9379a8f9806375227f8
https://github.com/gurgunday/ghtml/security/advisories/GHSA-vvhj-v88f-5gxr
CWE-ID: CWE-79, CWE-80
Common Platform Enumerations (CPE): Not Found
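Entry 19 (SuiteCRM, CWE-79) and entry 32 (ghtml) make one point from two sides: escaping the HTML-special characters closes the text-node case but not every sink. The Python block below is an added illustration of what the ghtml description says, written against an escaper with the same character set (`& < > " '` plus the backtick); it is not ghtml's or SuiteCRM's code, and the three payloads are constructed. It shows a sink where escaping suffices, one where it does not because the attribute is unquoted, and one where it does not because the value is a URL.

```python
import html
import re
import urllib.parse

_TABS_AND_NEWLINES = re.compile(r"[\t\r\n]")
SAFE_LINK_SCHEMES = {"", "http", "https", "mailto"}  # "" means a relative URL


def escape_html(value: str) -> str:
    # Same character set as described for ghtml 2.0.0: the five HTML
    # metacharacters plus the backtick (so a value cannot close a JS template literal).
    return html.escape(value, quote=True).replace("`", "&#96;")


def render_text(user_value: str) -> str:
    # Sink 1, text node: escaping is sufficient, '<' can no longer open a tag.
    return f"<p>{escape_html(user_value)}</p>"


def render_unquoted_attr(user_value: str) -> str:
    # Sink 2, vulnerable: unquoted attribute. A payload needs only a space and
    # '=' to start a new attribute, and neither is an escaped character.
    return f"<div class={escape_html(user_value)}></div>"


def render_quoted_attr(user_value: str) -> str:
    # Sink 2, fixed: always quote attribute values; with '"' escaped the payload
    # stays inside the attribute it was written into.
    return f'<div class="{escape_html(user_value)}"></div>'


def is_safe_link(url: str) -> bool:
    # Sink 3, URL attribute: 'javascript:' contains no HTML metacharacter, so
    # escaping does nothing; the scheme must be checked. Browsers drop tab and
    # newline inside a URL and compare the scheme case-insensitively, so
    # normalise the same way before deciding.
    cleaned = _TABS_AND_NEWLINES.sub("", url).strip()
    scheme = urllib.parse.urlsplit(cleaned).scheme.lower()
    return scheme in SAFE_LINK_SCHEMES


def render_link(user_url: str, text: str) -> str:
    # URL sink, fixed: allow-list the scheme, then escape for the attribute.
    href = user_url if is_safe_link(user_url) else "#"
    return f'<a href="{escape_html(href)}">{escape_html(text)}</a>'


# Constructed payloads, one per sink.
TEXT_PAYLOAD = "<script>alert(1)</script>"
UNQUOTED_ATTR_PAYLOAD = "x onmouseover=alert(1)"
URL_PAYLOAD = "\tJaVaScRiPt:alert(1)"

if __name__ == "__main__":
    print(render_text(TEXT_PAYLOAD))
    print(render_unquoted_attr(UNQUOTED_ATTR_PAYLOAD), "<- escaped, still executes")
    print(render_quoted_attr(UNQUOTED_ATTR_PAYLOAD))
    print(render_link(URL_PAYLOAD, "click"))
```

The unquoted-attribute output is the case the ghtml note is warning about: every character in it passed through the escaper unchanged, and the browser still sees a second attribute named `onmouseover`. Escaping is a property of the output encoder; whether it is enough is a property of the sink.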
33. CVE-2024-37289
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References: https://success.trendmicro.com/dcx/s/solution/000298063
https://www.zerodayinitiative.com/advisories/ZDI-24-577/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found