20241013
actions-user committed Oct 13, 2024
1 parent c2b4ca5 commit 72b4593
Showing 37 changed files with 1,954 additions and 1 deletion.
2 changes: 1 addition & 1 deletion date.txt
@@ -1 +1 @@
20241012
20241013
34 changes: 34 additions & 0 deletions poc.txt
@@ -43295,6 +43295,7 @@
./poc/cve/CVE-2024-7486-4944a37a1f08a4c0f808d31cb701abc0.yaml
./poc/cve/CVE-2024-7486.yaml
./poc/cve/CVE-2024-7489-aa8f1735fc553f9668252fa41454f24d.yaml
./poc/cve/CVE-2024-7489.yaml
./poc/cve/CVE-2024-7491-57292cedf3ffe8a05f22b0a34a93f1e7.yaml
./poc/cve/CVE-2024-7491.yaml
./poc/cve/CVE-2024-7492-2a27ab15f61a26513636485e06679756.yaml
@@ -43693,7 +43694,9 @@
./poc/cve/CVE-2024-8490-248af65f72b1c2b0295c9ea833e7478d.yaml
./poc/cve/CVE-2024-8490.yaml
./poc/cve/CVE-2024-8492-94675fec1abc838fe0b6b303f8fc36d8.yaml
./poc/cve/CVE-2024-8492.yaml
./poc/cve/CVE-2024-8493-187c32b4472ed4bbe2ad3f6482869576.yaml
./poc/cve/CVE-2024-8493.yaml
./poc/cve/CVE-2024-8499-c9a5372eb2c0d1af0e98c1a128e1ba17.yaml
./poc/cve/CVE-2024-8499.yaml
./poc/cve/CVE-2024-8505-83a08aab53494aec2ab7878bf97aab78.yaml
@@ -43734,6 +43737,7 @@
./poc/cve/CVE-2024-8552-3fed4d10e5322d73ee0e8c653106a656.yaml
./poc/cve/CVE-2024-8552.yaml
./poc/cve/CVE-2024-8619-68e42e392b92a31acf5085fd0331fe98.yaml
./poc/cve/CVE-2024-8619.yaml
./poc/cve/CVE-2024-8621-7d60a8cdcf557152f36b470b1896351c.yaml
./poc/cve/CVE-2024-8621.yaml
./poc/cve/CVE-2024-8622-0703e404cdba311680d3e36cfe2a24e3.yaml
@@ -43834,9 +43838,11 @@
./poc/cve/CVE-2024-8747-f757d510ac120bf89329e22a6153766c.yaml
./poc/cve/CVE-2024-8747.yaml
./poc/cve/CVE-2024-8757-234bd8d60a5f32f1b24409ba56f236a6.yaml
./poc/cve/CVE-2024-8757.yaml
./poc/cve/CVE-2024-8758-b4b201de72ae2112a1088c6a9330f891.yaml
./poc/cve/CVE-2024-8758.yaml
./poc/cve/CVE-2024-8760-97bda91e9d60d0f1065494ed99fe53b7.yaml
./poc/cve/CVE-2024-8760.yaml
./poc/cve/CVE-2024-8761-c4b3560e76a2e821342571d2f628840d.yaml
./poc/cve/CVE-2024-8761.yaml
./poc/cve/CVE-2024-8771-56576a1d647813c40294e7136a5f117c.yaml
@@ -43879,6 +43885,7 @@
./poc/cve/CVE-2024-8872-af9dba20c77deb90e6dc21e6e1a04408.yaml
./poc/cve/CVE-2024-8872.yaml
./poc/cve/CVE-2024-8902-973a09e850f27d16cf400f1ff83278bd.yaml
./poc/cve/CVE-2024-8902.yaml
./poc/cve/CVE-2024-8910-a21139e5574bbe79da0b0184ae2f61a0.yaml
./poc/cve/CVE-2024-8910.yaml
./poc/cve/CVE-2024-8911-4f15541bff60904dde80229d21bf76b6.yaml
@@ -43888,6 +43895,7 @@
./poc/cve/CVE-2024-8914-a880cd2d5e4d4bdbe19c9508e28fe443.yaml
./poc/cve/CVE-2024-8914.yaml
./poc/cve/CVE-2024-8915-c96fbadd6669597791ff972bbeeaf8cd.yaml
./poc/cve/CVE-2024-8915.yaml
./poc/cve/CVE-2024-8917-6aaaaa729e35997797a61f2cd09b6335.yaml
./poc/cve/CVE-2024-8917.yaml
./poc/cve/CVE-2024-8919-fb0057a26cabecd9dfc880674f08a19a.yaml
@@ -43928,6 +43936,7 @@
./poc/cve/CVE-2024-9028-dc0d91d4955ed06391d200994359ce87.yaml
./poc/cve/CVE-2024-9028.yaml
./poc/cve/CVE-2024-9047-4fa9dae40fda722965808b936ffa6acb.yaml
./poc/cve/CVE-2024-9047.yaml
./poc/cve/CVE-2024-9049-0c91c2c9811f2f85c273c97777dda20b.yaml
./poc/cve/CVE-2024-9049.yaml
./poc/cve/CVE-2024-9051-d0cc990c4c2c72b3f1c15bf197875f13.yaml
@@ -43987,6 +43996,7 @@
./poc/cve/CVE-2024-9177-178dee7653fa8d80dc1711bad3dcec51.yaml
./poc/cve/CVE-2024-9177.yaml
./poc/cve/CVE-2024-9187-8b43f9d2f6a2b591d59c81d2238caf51.yaml
./poc/cve/CVE-2024-9187.yaml
./poc/cve/CVE-2024-9189-887572e2c273c4a4bdeea21969a91124.yaml
./poc/cve/CVE-2024-9189.yaml
./poc/cve/CVE-2024-9204-0c84a13d3a82918c5d6c0973f90aa654.yaml
@@ -44116,29 +44126,41 @@
./poc/cve/CVE-2024-9587-9addb86845d8c338383a9caf97ac21e2.yaml
./poc/cve/CVE-2024-9587.yaml
./poc/cve/CVE-2024-9592-fff4a8a541e39d94b5f0980d29acdfe3.yaml
./poc/cve/CVE-2024-9592.yaml
./poc/cve/CVE-2024-9595-0c12058c023c26b1446aa326839994fd.yaml
./poc/cve/CVE-2024-9595.yaml
./poc/cve/CVE-2024-9610-22573cea45a3c22fba477c8e4bf581f3.yaml
./poc/cve/CVE-2024-9610.yaml
./poc/cve/CVE-2024-9611-e3d072056298fd4e81d4dfecee6ae07e.yaml
./poc/cve/CVE-2024-9611.yaml
./poc/cve/CVE-2024-9616-74cbb74314a998222d17f0108bdd1b47.yaml
./poc/cve/CVE-2024-9616.yaml
./poc/cve/CVE-2024-9656-5e11b0669cd68a7b45a069c732842ecd.yaml
./poc/cve/CVE-2024-9656.yaml
./poc/cve/CVE-2024-9670-590d40c02bbb47b092deffa0e1d25829.yaml
./poc/cve/CVE-2024-9670.yaml
./poc/cve/CVE-2024-9685-162e285486f85718f1eff0c9fc075030.yaml
./poc/cve/CVE-2024-9685.yaml
./poc/cve/CVE-2024-9696-7eb3ceca660ff8ed51fe8b0a6a2f165c.yaml
./poc/cve/CVE-2024-9696.yaml
./poc/cve/CVE-2024-9704-f21a430d525f14c5222622c2499dbc1f.yaml
./poc/cve/CVE-2024-9704.yaml
./poc/cve/CVE-2024-9707-4fb16dfc3a442890f762f60d876d8c4d.yaml
./poc/cve/CVE-2024-9707.yaml
./poc/cve/CVE-2024-9756-64a408f630e792f3ff717cc9822672de.yaml
./poc/cve/CVE-2024-9756.yaml
./poc/cve/CVE-2024-9776-b87b3db31f1eda93892f1d85c0aa0846.yaml
./poc/cve/CVE-2024-9776.yaml
./poc/cve/CVE-2024-9778-f12d8ad8d5a8b1346844c8509cb8d77c.yaml
./poc/cve/CVE-2024-9778.yaml
./poc/cve/CVE-2024-9821-3c976b43c465f64b4e1fa1afc3ed719b.yaml
./poc/cve/CVE-2024-9821.yaml
./poc/cve/CVE-2024-9822-69ea5c9c3890154ffaf61e4bd66bce90.yaml
./poc/cve/CVE-2024-9822.yaml
./poc/cve/CVE-2024-9824-44742b5dfe15bf136d8b10c8fdb6d6e7.yaml
./poc/cve/CVE-2024-9824.yaml
./poc/cve/CVE-2024-9860-b04ee97e5d460a289f93568831e0cf5e.yaml
./poc/cve/CVE-2024-9860.yaml
./poc/cve/CVE202127562-220331-222408.yaml
./poc/cve/CVE_2023_49442.yaml
./poc/cve/CVE_2023_51467.yaml
@@ -47648,6 +47670,7 @@
./poc/cve/cve-2019-16920-3960.yaml
./poc/cve/cve-2019-16920-3961.yaml
./poc/cve/cve-2019-16920-3962.yaml
./poc/cve/cve-2019-16920.yaml
./poc/cve/cve-2019-16931(1).yaml
./poc/cve/cve-2019-16931-3963.yaml
./poc/cve/cve-2019-16931.yaml
@@ -58101,6 +58124,7 @@
./poc/header/host-header-injection-8001.yaml
./poc/header/host-header-injection-8002.yaml
./poc/header/host-header-injection.yaml
./poc/header/host-header-injection_.yaml
./poc/header/host-header-poisoning.yaml
./poc/header/hostheaderpoisoning.yaml
./poc/header/http-cache-header.yaml
@@ -58531,6 +58555,7 @@
./poc/injection/host-header-injection-8001.yaml
./poc/injection/host-header-injection-8002.yaml
./poc/injection/host-header-injection.yaml
./poc/injection/host-header-injection_.yaml
./poc/injection/injection-guard-4875992ccc89ab6c03d9298f0ea07338.yaml
./poc/injection/injection-guard-4a32f73a586451a52bc0604215b90d03.yaml
./poc/injection/injection-guard-55f31168b1f68836ada04260aaedb591.yaml
@@ -63800,6 +63825,7 @@
./poc/other/2848712183.yaml
./poc/other/2939021635.yaml
./poc/other/2d-tag-cloud-widget-by-sujin-f775dedf778f01d96f3cf104b4a5ff00.yaml
./poc/other/2d-tag-cloud-widget-by-sujin.yaml
./poc/other/2j-slideshow-398188b565cef4627bb1cc2005473d42.yaml
./poc/other/2j-slideshow-a2cb29fa8d73411375a9f25f28aec131.yaml
./poc/other/2j-slideshow-a7ee719525508426f77934740c1310d6.yaml
@@ -69221,6 +69247,7 @@
./poc/other/category-grid-view-gallery-ec1de78c58c23ac8308ebf650b24c84a.yaml
./poc/other/category-grid-view-gallery.yaml
./poc/other/category-icon-1ba7a71509a41771343e0fdcceeb4a9f.yaml
./poc/other/category-icon.yaml
./poc/other/category-list-portfolio-page-c3ec7120a4b92459e512233c50f2a028.yaml
./poc/other/category-list-portfolio-page.yaml
./poc/other/category-page-icons-02e0417d125f209136fe3c33ea09f1de.yaml
@@ -78545,6 +78572,7 @@
./poc/other/image-gallery-with-slideshow-72b9b91cc4acaa06a4eeec68b450f837.yaml
./poc/other/image-gallery-with-slideshow-d86316f172e2cc00097a0b5d6774c1b2.yaml
./poc/other/image-gallery-with-slideshow.yaml
./poc/other/image-gallery.yaml
./poc/other/image-horizontal-reel-scroll-slideshow-29d01eb4c98f0f4e9fcbd15dcac7b08c.yaml
./poc/other/image-horizontal-reel-scroll-slideshow-5f09e55636613e78488ea83c9a30f2be.yaml
./poc/other/image-horizontal-reel-scroll-slideshow.yaml
@@ -83084,6 +83112,7 @@
./poc/other/mylot.yaml
./poc/other/mymfans.yaml
./poc/other/mynx-page-builder-e5ef52784bd604a03534c96c5c5b985d.yaml
./poc/other/mynx-page-builder.yaml
./poc/other/mypixs-758377262af71e2390f649acd5c89b73.yaml
./poc/other/mypixs.yaml
./poc/other/myportfolio.yaml
@@ -84848,6 +84877,7 @@
./poc/other/paypal-donations-5eead37a379def1e3474abcddf3a225c.yaml
./poc/other/paypal-donations.yaml
./poc/other/paypal-gift-certificate-7a1c89e0233f23e5f8c8d08caace9488.yaml
./poc/other/paypal-gift-certificate.yaml
./poc/other/paypal-pay-buy-donation-and-cart-buttons-shortcode-055ed7df687e1bb906d206bc5dc26037.yaml
./poc/other/paypal-pay-buy-donation-and-cart-buttons-shortcode-b134b6aa0693a308331bb83085898e83.yaml
./poc/other/paypal-pay-buy-donation-and-cart-buttons-shortcode.yaml
@@ -98417,6 +98447,7 @@
./poc/remote_code_execution/bosa-elementor-for-woocommerce-01a4f2980d5d921fdb4f483338cf1391.yaml
./poc/remote_code_execution/bosa-elementor-for-woocommerce.yaml
./poc/remote_code_execution/bot-for-telegram-on-woocommerce-95e4471cf7b0cdfb6c9aec1a9d40a0ae.yaml
./poc/remote_code_execution/bot-for-telegram-on-woocommerce.yaml
./poc/remote_code_execution/brands-for-woocommerce-018c818356c6b000ed4656a96a0c372c.yaml
./poc/remote_code_execution/brands-for-woocommerce-055e1820b3e7ef430034aac2fbd3cb4b.yaml
./poc/remote_code_execution/brands-for-woocommerce-25f970a8a780b560ba186742cd55ae28.yaml
@@ -99477,6 +99508,7 @@
./poc/remote_code_execution/order-and-inventory-manager-for-woocommerce-cb43a3033745f9235059b7d1b7a3d855.yaml
./poc/remote_code_execution/order-and-inventory-manager-for-woocommerce.yaml
./poc/remote_code_execution/order-attachments-for-woocommerce-d72cf819fcb5997a2922f8848f39656f.yaml
./poc/remote_code_execution/order-attachments-for-woocommerce.yaml
./poc/remote_code_execution/order-auto-complete-for-woocommerce-d52da6d8785fe0d333ad93221eb739c1.yaml
./poc/remote_code_execution/order-auto-complete-for-woocommerce.yaml
./poc/remote_code_execution/order-delivery-date-for-woocommerce-0a1e73557358a5b2fa4a31e0b34b7e12.yaml
@@ -102768,6 +102800,7 @@
./poc/social/duitku-social-payment-gateway-00bd2277c641ac0f8870ff39d1abb82f.yaml
./poc/social/duitku-social-payment-gateway.yaml
./poc/social/dvk-social-sharing-89c738e746dab8d430975f04439c54b6.yaml
./poc/social/dvk-social-sharing.yaml
./poc/social/easy-facebook-like-box-7f8f19fc7534d3a20291e7d36a6962a1.yaml
./poc/social/easy-facebook-like-box.yaml
./poc/social/easy-facebook-likebox-0351c9b7f28bf4dade309063cdc5cccc.yaml
@@ -112221,6 +112254,7 @@
./poc/ssrf/ssrf-blind-host.yaml
./poc/ssrf/ssrf-blind.yaml
./poc/ssrf/ssrf-by-proxy.yaml
./poc/ssrf/ssrf-detect.yaml
./poc/ssrf/ssrf-detection.yaml
./poc/ssrf/ssrf-fuzz.yaml
./poc/ssrf/ssrf-injection.yaml
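--- a/poc/cve/CVE-2024-7489.yaml
+++ b/poc/cve/CVE-2024-7489.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-7489
+
+info:
+name: >
+Forms for Mailchimp by Optin Cat <= 2.5.6 - Authenticated (Editor+) Stored Cross-Site Scripting via Form Color Parameters
+author: topscoder
+severity: low
+description: >
+The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
+reference:
+- https://github.com/topscoder/nuclei-wordfence-cve
+- https://www.wordfence.com/threat-intel/vulnerabilities/id/52f9db86-7fed-4b32-8384-3ceb300f9249?source=api-prod
+classification:
+cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
+cvss-score: 4.4
+cve-id: CVE-2024-7489
+metadata:
+fofa-query: "wp-content/plugins/mailchimp-wp/"
+google-query: inurl:"/wp-content/plugins/mailchimp-wp/"
+shodan-query: 'vuln:CVE-2024-7489'
+tags: cve,wordpress,wp-plugin,mailchimp-wp,low
+
+http:
+- method: GET
+redirects: true
+max-redirects: 3
+path:
+- "{{BaseURL}}/wp-content/plugins/mailchimp-wp/readme.txt"
+
+extractors:
+- type: regex
+name: version
+part: body
+group: 1
+internal: true
+regex:
+- "(?mi)Stable tag: ([0-9.]+)"
+
+- type: regex
+name: version
+part: body
+group: 1
+regex:
+- "(?mi)Stable tag: ([0-9.]+)"
+
+matchers-condition: and
+matchers:
+- type: status
+status:
+- 200
+
+- type: word
+words:
+- "mailchimp-wp"
+part: body
+
+- type: dsl
+dsl:
+- compare_versions(version, '<= 2.5.6')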
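Review bot: The three matchers only establish that a reachable readme.txt reports a `Stable tag` of 2.5.6 or lower; nothing checks the conditions the `description` itself lists (an editor-level account, and multisite or `unfiltered_html` disabled), so a hit means "affected version appears installed", not "exploitable here". I would state that in the template with a comment above `http:`, for example `# version check only: confirms an affected readme.txt version, not the stored-XSS preconditions`. The regex `([0-9.]+)` also extracts nothing from a readme that says `Stable tag: trunk`; in that case `version` is presumably unset and the `dsl` matcher cannot match, so the absence of a finding is not evidence of a patched plugin. Both remarks apply equally to CVE-2024-8492.yaml and CVE-2024-8493.yaml in this commit.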
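--- a/poc/cve/CVE-2024-8492.yaml
+++ b/poc/cve/CVE-2024-8492.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-8492
+
+info:
+name: >
+Hustle <= 7.8.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
+author: topscoder
+severity: low
+description: >
+The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 7.8.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
+reference:
+- https://github.com/topscoder/nuclei-wordfence-cve
+- https://www.wordfence.com/threat-intel/vulnerabilities/id/d7023a3e-35ba-4d52-8092-ae40b53d5efa?source=api-prod
+classification:
+cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
+cvss-score: 4.4
+cve-id: CVE-2024-8492
+metadata:
+fofa-query: "wp-content/plugins/wordpress-popup/"
+google-query: inurl:"/wp-content/plugins/wordpress-popup/"
+shodan-query: 'vuln:CVE-2024-8492'
+tags: cve,wordpress,wp-plugin,wordpress-popup,low
+
+http:
+- method: GET
+redirects: true
+max-redirects: 3
+path:
+- "{{BaseURL}}/wp-content/plugins/wordpress-popup/readme.txt"
+
+extractors:
+- type: regex
+name: version
+part: body
+group: 1
+internal: true
+regex:
+- "(?mi)Stable tag: ([0-9.]+)"
+
+- type: regex
+name: version
+part: body
+group: 1
+regex:
+- "(?mi)Stable tag: ([0-9.]+)"
+
+matchers-condition: and
+matchers:
+- type: status
+status:
+- 200
+
+- type: word
+words:
+- "wordpress-popup"
+part: body
+
+- type: dsl
+dsl:
+- compare_versions(version, '<= 7.8.4')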
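Review bot: `redirects: true` with `max-redirects: 3` follows redirects to any host, so the readme.txt that gets matched may be served by a different site than `{{BaseURL}}`, and the finding could then be recorded against the wrong asset. Replacing it with `host-redirects: true` keeps the check on the scanned host. The body word matcher `wordpress-popup` only adds confidence if the plugin slug actually appears in that readme.txt, which this page does not show, so it is worth confirming against a real copy of the file. The same request block and slug-based word matcher are used in CVE-2024-7489.yaml and CVE-2024-8493.yaml.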
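--- a/poc/cve/CVE-2024-8493.yaml
+++ b/poc/cve/CVE-2024-8493.yaml
@@ -0,0 +1,59 @@
+id: CVE-2024-8493
+
+info:
+name: >
+The Events Calendar <= 6.6.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
+author: topscoder
+severity: low
+description: >
+The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
+reference:
+- https://github.com/topscoder/nuclei-wordfence-cve
+- https://www.wordfence.com/threat-intel/vulnerabilities/id/6df29b14-0c9d-4ecf-96be-8c39c93121e2?source=api-prod
+classification:
+cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
+cvss-score: 4.4
+cve-id: CVE-2024-8493
+metadata:
+fofa-query: "wp-content/plugins/the-events-calendar/"
+google-query: inurl:"/wp-content/plugins/the-events-calendar/"
+shodan-query: 'vuln:CVE-2024-8493'
+tags: cve,wordpress,wp-plugin,the-events-calendar,low
+
+http:
+- method: GET
+redirects: true
+max-redirects: 3
+path:
+- "{{BaseURL}}/wp-content/plugins/the-events-calendar/readme.txt"
+
+extractors:
+- type: regex
+name: version
+part: body
+group: 1
+internal: true
+regex:
+- "(?mi)Stable tag: ([0-9.]+)"
+
+- type: regex
+name: version
+part: body
+group: 1
+regex:
+- "(?mi)Stable tag: ([0-9.]+)"
+
+matchers-condition: and
+matchers:
+- type: status
+status:
+- 200
+
+- type: word
+words:
+- "the-events-calendar"
+part: body
+
+- type: dsl
+dsl:
+- compare_versions(version, '<= 6.6.3')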
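Review bot: The `description` opens with "The The Events Calendar plugin", a doubled article that presumably comes from wrapping a product name that already starts with "The" in generated wording; it should begin `The Events Calendar plugin for WordPress is vulnerable to ...`. The two `version` extractors in this file (and in CVE-2024-7489.yaml and CVE-2024-8492.yaml) are identical apart from `internal: true`, which reads like a copy-paste slip to anyone triaging the template. If the duplication is deliberate, a comment above the second one such as `# non-internal copy: prints the extracted version in results; the internal copy feeds the dsl matcher` would make that clear.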