20241027

date.txt

@@ -1 +1 @@
-20241026
+20241027

poc.txt

@@ -5689,6 +5689,7 @@
 ./poc/auth/wordpress-weak-credentials.yaml
 ./poc/auth/wp-activate-register-redirect.yaml
 ./poc/auth/wp-awesome-login-bff57ffdf8ed44b0944be0d854802a8a.yaml
+./poc/auth/wp-awesome-login.yaml
 ./poc/auth/wp-cookie-law-info-1482e7982321747b7cd5ff73a34a6241.yaml
 ./poc/auth/wp-cookie-law-info.yaml
 ./poc/auth/wp-cookie-user-info-d2666c85e1e86cfe042cf280f363f5ef.yaml
@@ -33576,10 +33577,13 @@
 ./poc/cve/CVE-2024-10080-e752dddf0fc4544c6494ed49850e78fe.yaml
 ./poc/cve/CVE-2024-10080.yaml
 ./poc/cve/CVE-2024-10091-47d98d91216f898ff00624ad6961c9a7.yaml
+./poc/cve/CVE-2024-10091.yaml
 ./poc/cve/CVE-2024-10092-d032ec31ce8980271a8c19e352a437d5.yaml
+./poc/cve/CVE-2024-10092.yaml
 ./poc/cve/CVE-2024-10112-b49134293bd607a2527227eff1da1897.yaml
 ./poc/cve/CVE-2024-10112.yaml
 ./poc/cve/CVE-2024-10117-0f80cc12896c22d305bb403aa391d732.yaml
+./poc/cve/CVE-2024-10117.yaml
 ./poc/cve/CVE-2024-10148-66e8a68a811d5893a9baabebb92f1d1e.yaml
 ./poc/cve/CVE-2024-10148.yaml
 ./poc/cve/CVE-2024-10150-430c4ec0389798d1691a4f250437c712.yaml
@@ -33600,13 +33604,15 @@
 ./poc/cve/CVE-2024-10343-4b62a3038a6fc336914f3ddb9e620492.yaml
 ./poc/cve/CVE-2024-10343.yaml
 ./poc/cve/CVE-2024-10357-4f61676917f036bdaefc6591bc3b8254.yaml
+./poc/cve/CVE-2024-10357.yaml
 ./poc/cve/CVE-2024-1037-b7f7f3d961a0c33ea429c4b0e05a6902.yaml
 ./poc/cve/CVE-2024-1037.yaml
 ./poc/cve/CVE-2024-10374-0f08cd74cdc8b699792d2afd2c3f92eb.yaml
 ./poc/cve/CVE-2024-10374.yaml
 ./poc/cve/CVE-2024-1038-09acb945d02620d1c14081c7f022392a.yaml
 ./poc/cve/CVE-2024-1038.yaml
 ./poc/cve/CVE-2024-10402-d19daccb93672a4dbbaf6e7359c6a5a0.yaml
+./poc/cve/CVE-2024-10402.yaml
 ./poc/cve/CVE-2024-1041-4d41bff9bd3d73f09dd9d25dcb4b1efa.yaml
 ./poc/cve/CVE-2024-1041.yaml
 ./poc/cve/CVE-2024-1042-ca45873031b9d1dfe7f3cbf642a8c725.yaml
@@ -44271,6 +44277,7 @@
 ./poc/cve/CVE-2024-8379-fe39d989e4d132f5087243fbc500f6e9.yaml
 ./poc/cve/CVE-2024-8379.yaml
 ./poc/cve/CVE-2024-8392-db179437e5435523a5ac158b341c5f4a.yaml
+./poc/cve/CVE-2024-8392.yaml
 ./poc/cve/CVE-2024-8397-f8ed9bac7a5f8d7b68439c90f9db0afe.yaml
 ./poc/cve/CVE-2024-8397.yaml
 ./poc/cve/CVE-2024-8398-a53f57792e12705bd0beeb0752bb48c8.yaml
@@ -44549,6 +44556,7 @@
 ./poc/cve/CVE-2024-8861-7f19d6c6df275a879611d8e4c8bdab3a.yaml
 ./poc/cve/CVE-2024-8861.yaml
 ./poc/cve/CVE-2024-8870-3f393859fb4dbe11c34bee4e987a2a84.yaml
+./poc/cve/CVE-2024-8870.yaml
 ./poc/cve/CVE-2024-8872-af9dba20c77deb90e6dc21e6e1a04408.yaml
 ./poc/cve/CVE-2024-8872.yaml
 ./poc/cve/CVE-2024-8902-973a09e850f27d16cf400f1ff83278bd.yaml
@@ -44665,6 +44673,7 @@
 ./poc/cve/CVE-2024-9115-07ac47d03400519778a0be24bcd69ac7.yaml
 ./poc/cve/CVE-2024-9115.yaml
 ./poc/cve/CVE-2024-9116-88d043fe717b048d3fe8e54bed9128fe.yaml
+./poc/cve/CVE-2024-9116.yaml
 ./poc/cve/CVE-2024-9117-acfad5d521304a0a4745f09b7afbdfed.yaml
 ./poc/cve/CVE-2024-9117.yaml
 ./poc/cve/CVE-2024-9118-4d37054e1e6278b61b3d2964154e5d77.yaml
@@ -44853,17 +44862,22 @@
 ./poc/cve/CVE-2024-9452-31c0646fe6fd4340189c7a11a4726afa.yaml
 ./poc/cve/CVE-2024-9452.yaml
 ./poc/cve/CVE-2024-9454-980cdf931a417d706bab314e69bd623f.yaml
+./poc/cve/CVE-2024-9454.yaml
 ./poc/cve/CVE-2024-9455-a14edcb4af91ec88c5513b8bfa9f2d1c.yaml
 ./poc/cve/CVE-2024-9455.yaml
 ./poc/cve/CVE-2024-9456-b83c2c7ffe0e43b2ca905c6b5975fe4e.yaml
+./poc/cve/CVE-2024-9456.yaml
 ./poc/cve/CVE-2024-9457-72dd9bc9875b76de9e691aa9064bfa77.yaml
 ./poc/cve/CVE-2024-9457.yaml
 ./poc/cve/CVE-2024-9462-997ea01500055b7e00f4aeed22a63b86.yaml
+./poc/cve/CVE-2024-9462.yaml
 ./poc/cve/CVE-2024-9465.yaml
 ./poc/cve/CVE-2024-9475-d454aa0f8e831ad96768c0f42bd26d3a.yaml
+./poc/cve/CVE-2024-9475.yaml
 ./poc/cve/CVE-2024-9488-71bbc14254aeeb3532913cac8f75c128.yaml
 ./poc/cve/CVE-2024-9488.yaml
 ./poc/cve/CVE-2024-9501-75b9d56a40fe1396bb3b9ef1c7d11ff3.yaml
+./poc/cve/CVE-2024-9501.yaml
 ./poc/cve/CVE-2024-9507-698602582a898ef6e8ecf4cbadd940fc.yaml
 ./poc/cve/CVE-2024-9507.yaml
 ./poc/cve/CVE-2024-9518-feda24c489ca1e9c4a2da83d340cc3c2.yaml
@@ -44909,7 +44923,9 @@
 ./poc/cve/CVE-2024-9583-f06bea33a635ec4ee89945c82b347411.yaml
 ./poc/cve/CVE-2024-9583.yaml
 ./poc/cve/CVE-2024-9584-7d2cb9fd0ff4fce24c145e8b28898747.yaml
+./poc/cve/CVE-2024-9584.yaml
 ./poc/cve/CVE-2024-9585-e0563c3b6c2fb019adad95332763e2a3.yaml
+./poc/cve/CVE-2024-9585.yaml
 ./poc/cve/CVE-2024-9586-404a2b9f88295f375d192c2e8553e42b.yaml
 ./poc/cve/CVE-2024-9586-f509e3aaffd9c01e8512cf309a44c111.yaml
 ./poc/cve/CVE-2024-9586.yaml
@@ -44940,10 +44956,12 @@
 ./poc/cve/CVE-2024-9611-e3d072056298fd4e81d4dfecee6ae07e.yaml
 ./poc/cve/CVE-2024-9611.yaml
 ./poc/cve/CVE-2024-9613-749d376baf8bd777cc22e9c75fddf8e1.yaml
+./poc/cve/CVE-2024-9613.yaml
 ./poc/cve/CVE-2024-9616-74cbb74314a998222d17f0108bdd1b47.yaml
 ./poc/cve/CVE-2024-9616.yaml
 ./poc/cve/CVE-2024-9617.yaml
 ./poc/cve/CVE-2024-9626-af1c539630d4722fdfbc41cbfd653dc2.yaml
+./poc/cve/CVE-2024-9626.yaml
 ./poc/cve/CVE-2024-9627-609d2082cbf88b0e9c345dfb753e9c47.yaml
 ./poc/cve/CVE-2024-9627.yaml
 ./poc/cve/CVE-2024-9628-3d855d9a00666119c6c4dc4121ccafb1.yaml
@@ -44953,7 +44971,9 @@
 ./poc/cve/CVE-2024-9634-d865b6fc0ac9d8d7dca8d3f6df89b5a1.yaml
 ./poc/cve/CVE-2024-9634.yaml
 ./poc/cve/CVE-2024-9637-ed8f677ba17c0237622212bbd0010ac9.yaml
+./poc/cve/CVE-2024-9637.yaml
 ./poc/cve/CVE-2024-9642-1ae87b0821db46b44dcefe11197d31b9.yaml
+./poc/cve/CVE-2024-9642.yaml
 ./poc/cve/CVE-2024-9647-7e123a97b0971ee91cbec517bbcda15d.yaml
 ./poc/cve/CVE-2024-9647.yaml
 ./poc/cve/CVE-2024-9649-29e8bedb3d9bfa693dc072c3086eb367.yaml
@@ -44987,6 +45007,7 @@
 ./poc/cve/CVE-2024-9756-64a408f630e792f3ff717cc9822672de.yaml
 ./poc/cve/CVE-2024-9756.yaml
 ./poc/cve/CVE-2024-9772-5094698925e989ea36420156bd740e26.yaml
+./poc/cve/CVE-2024-9772.yaml
 ./poc/cve/CVE-2024-9776-b87b3db31f1eda93892f1d85c0aa0846.yaml
 ./poc/cve/CVE-2024-9776.yaml
 ./poc/cve/CVE-2024-9778-f12d8ad8d5a8b1346844c8509cb8d77c.yaml
@@ -45008,6 +45029,7 @@
 ./poc/cve/CVE-2024-9848-ac1bebcc37e467cdd99a1009c53e8491.yaml
 ./poc/cve/CVE-2024-9848.yaml
 ./poc/cve/CVE-2024-9853-27aa4fef5686ec88f8690928d6ccf437.yaml
+./poc/cve/CVE-2024-9853.yaml
 ./poc/cve/CVE-2024-9860-b04ee97e5d460a289f93568831e0cf5e.yaml
 ./poc/cve/CVE-2024-9860.yaml
 ./poc/cve/CVE-2024-9861-cfe0d10a7099e61a765c45a5117c1825.yaml
@@ -45027,6 +45049,7 @@
 ./poc/cve/CVE-2024-9889-f1c27f9a559d74f1dde6c33ab83ad87d.yaml
 ./poc/cve/CVE-2024-9889.yaml
 ./poc/cve/CVE-2024-9890-f52fa2cdcccb4a891e802de699a879b0.yaml
+./poc/cve/CVE-2024-9890.yaml
 ./poc/cve/CVE-2024-9891-2ab1858bc0a4346f292143b3e3d4717f.yaml
 ./poc/cve/CVE-2024-9891.yaml
 ./poc/cve/CVE-2024-9892-b0879d1e1000451889fc889db7f6e49b.yaml
@@ -45043,9 +45066,13 @@
 ./poc/cve/CVE-2024-9927-4042f4103ac06d0689368d6a3984a106.yaml
 ./poc/cve/CVE-2024-9927.yaml
 ./poc/cve/CVE-2024-9930-807d4f623d84b600ff1b114d224d59bc.yaml
+./poc/cve/CVE-2024-9930.yaml
 ./poc/cve/CVE-2024-9931-8ce28bba21197933e0ab450a2480bf89.yaml
+./poc/cve/CVE-2024-9931.yaml
 ./poc/cve/CVE-2024-9932-7558b83919bdb2cc193ccec87ae1cb78.yaml
+./poc/cve/CVE-2024-9932.yaml
 ./poc/cve/CVE-2024-9933-e1ec60c544c2e28af5a94072e33b5a84.yaml
+./poc/cve/CVE-2024-9933.yaml
 ./poc/cve/CVE-2024-9937-9915217ba7d6f29cd232016898fb9998.yaml
 ./poc/cve/CVE-2024-9937.yaml
 ./poc/cve/CVE-2024-9940-7282ba1c7231feca51bd0ab70c139261.yaml
@@ -45059,6 +45086,7 @@
 ./poc/cve/CVE-2024-9951-be046d8362f1832edd91856d0526cdb7.yaml
 ./poc/cve/CVE-2024-9951.yaml
 ./poc/cve/CVE-2024-9967-588327a449d255859025a57006363402.yaml
+./poc/cve/CVE-2024-9967.yaml
 ./poc/cve/CVE202127562-220331-222408.yaml
 ./poc/cve/CVE_2023_49442.yaml
 ./poc/cve/CVE_2023_51467.yaml
@@ -86421,6 +86449,7 @@
 ./poc/other/editable-table-3567eaf7c77e82215d146cc8a3d945cc.yaml
 ./poc/other/editable-table.yaml
 ./poc/other/editor-custom-color-palette-af7d5a272df8fc33ce4739259a4dfac7.yaml
+./poc/other/editor-custom-color-palette.yaml
 ./poc/other/editorial-calendar-6590a2c32c8097bb35048af41a913c40.yaml
 ./poc/other/editorial-calendar-ba32b1a3f3cbfbb6dc697395c0e610b4.yaml
 ./poc/other/editorial-calendar.yaml
@@ -91328,6 +91357,7 @@
 ./poc/other/idpay-contact-form-7-e3b0819e93c2e92645175f698a388c69.yaml
 ./poc/other/idpay-contact-form-7.yaml
 ./poc/other/ids-skills-installer.yaml
+./poc/other/idsk-toolkit.yaml
 ./poc/other/idx-broker-platinum-2e1c5afdc34843f1ec1c79c758c88037.yaml
 ./poc/other/idx-broker-platinum-50e65a3f99c52bbfe6b12b49e219925c.yaml
 ./poc/other/idx-broker-platinum-68ca13759a1c8be412922f1ad880366b.yaml
@@ -99376,6 +99406,7 @@
 ./poc/other/printfriendly.yaml
 ./poc/other/printmonitor.yaml
 ./poc/other/pripre-de1173e8e2676ffb603d3398584dc401.yaml
+./poc/other/pripre.yaml
 ./poc/other/prismatic-1401893d8af5a9859c30c849b9b087ae.yaml
 ./poc/other/prismatic-578b6dd52597b66b80dd55b835f4359c.yaml
 ./poc/other/prismatic.yaml
@@ -101645,6 +101676,7 @@
 ./poc/other/sb-child-list-0b2143dfb86dd824a1b7aed5ba06f945.yaml
 ./poc/other/sb-child-list.yaml
 ./poc/other/sb-core-944486dd668c02219630fc7d4d551137.yaml
+./poc/other/sb-core.yaml
 ./poc/other/sb-random-posts-widget-f10e2da5d4a8325de799114542f5e5f6.yaml
 ./poc/other/sb-random-posts-widget.yaml
 ./poc/other/scalable-vector-graphics-svg-7ebcc23c4b2581aa9b5947fe9c79480d.yaml
@@ -103631,6 +103663,7 @@
 ./poc/other/sofurry.yaml
 ./poc/other/sogo-version.yaml
 ./poc/other/sogrid-0b049dac8f0c9e9b3cd81bb2929809ec.yaml
+./poc/other/sogrid.yaml
 ./poc/other/soisy-pagamento-rateale-c5d4d639573497519eabfcc5f40c1297.yaml
 ./poc/other/soisy-pagamento-rateale.yaml
 ./poc/other/sola-newsletters.yaml
@@ -106401,6 +106434,7 @@
 ./poc/other/uipress-lite-e0e0443bec6c88230f3c6ee8ebdaf776.yaml
 ./poc/other/uipress-lite.yaml
 ./poc/other/uix-shortcodes-65bdf7e6505fe2c12ab9379bb04386eb.yaml
+./poc/other/uix-shortcodes.yaml
 ./poc/other/uji-countdown-8094a6f63777b04f50660b48e680df7e.yaml
 ./poc/other/uji-countdown-b7a28bd9935470a097a7e4bc0ef269bc.yaml
 ./poc/other/uji-countdown.yaml
@@ -107314,6 +107348,7 @@
 ./poc/other/user-submitted-posts-e02d5bdc2e68f48af958dac86b69126a.yaml
 ./poc/other/user-submitted-posts.yaml
 ./poc/other/user-toolkit-4e7e7d46054984e8623f88f5adcf1021.yaml
+./poc/other/user-toolkit.yaml
 ./poc/other/user-verification-c06b6d972d8765c6d992ac0f07d4113e.yaml
 ./poc/other/user-verification.yaml
 ./poc/other/useragent-spy-6e06788734ccaf9ae4a7ff5001884f5b.yaml
@@ -109589,6 +109624,7 @@
 ./poc/other/wupo-group-attributes.yaml
 ./poc/other/wux-blog-editor-6074a4d7ccaf34f601cee0145c1e4e2d.yaml
 ./poc/other/wux-blog-editor-87c202cd8ff3d08c0af831dac6c1d0dd.yaml
+./poc/other/wux-blog-editor.yaml
 ./poc/other/wwc-amz-aff-2a64bd473f3bd2ef97a83b82c11806b0.yaml
 ./poc/other/wwc-amz-aff-9f4e0bf30f472f45589133e5fa544116.yaml
 ./poc/other/wwc-amz-aff-d41d8cd98f00b204e9800998ecf8427e.yaml
@@ -110124,6 +110160,7 @@
 ./poc/other/zelist-directory-plugin.yaml
 ./poc/other/zelist-directory.yaml
 ./poc/other/zemanta-d186fbe6649a61d813626a610478c788.yaml
+./poc/other/zemanta.yaml
 ./poc/other/zen-mobile-app-native-3dc86c7ba63a760d3be76da4bba9af01.yaml
 ./poc/other/zen-mobile-app-native.yaml
 ./poc/other/zen_cart-shopping.yaml
@@ -129339,6 +129376,7 @@
 ./poc/wordpress/miniorange-wp-as-saml-idp-a5372fd416884c51d3c321547a9d9d91.yaml
 ./poc/wordpress/miniorange-wp-as-saml-idp.yaml
 ./poc/wordpress/monkee-boy-wp-essentials-a4f637c48f8a66fc48a486d6a7ee8698.yaml
+./poc/wordpress/monkee-boy-wp-essentials.yaml
 ./poc/wordpress/monsters-editor-10-for-wp-super-edit-39fdcfda5eb1be9c6763a06c61167b24.yaml
 ./poc/wordpress/monsters-editor-10-for-wp-super-edit-973edbc42b401e04f2817347dbb88982.yaml
 ./poc/wordpress/monsters-editor-10-for-wp-super-edit-d41d8cd98f00b204e9800998ecf8427e.yaml
@@ -131078,6 +131116,7 @@
 ./poc/wordpress/wp-awesome-faq-plugin.yaml
 ./poc/wordpress/wp-awesome-faq.yaml
 ./poc/wordpress/wp-awesome-login-bff57ffdf8ed44b0944be0d854802a8a.yaml
+./poc/wordpress/wp-awesome-login.yaml
 ./poc/wordpress/wp-back-button-288fc732de1cf63fb58e554a04b1bb48.yaml
 ./poc/wordpress/wp-back-button.yaml
 ./poc/wordpress/wp-backgrounds-lite-2cfe38875f8efd3658b5f1a40330fb6c.yaml
@@ -134179,6 +134218,7 @@
 ./poc/wordpress/wp-shoutbox-live-chat-726b81e1c4853df361109117c705944a.yaml
 ./poc/wordpress/wp-shoutbox-live-chat.yaml
 ./poc/wordpress/wp-show-more-9d16a961e2a83091c699d93ef2a296d0.yaml
+./poc/wordpress/wp-show-more.yaml
 ./poc/wordpress/wp-show-posts-5ec43a10a5f6211935644f8e4e7b0015.yaml
 ./poc/wordpress/wp-show-posts-bb35c711645681b86e7a8ed2c6d61401.yaml
 ./poc/wordpress/wp-show-posts-f4b4711a5e8af1a1c5b11fad4caf6494.yaml

poc/auth/wp-awesome-login.yaml

@@ -0,0 +1,59 @@
+id: wp-awesome-login
+
+info:
+  name: >
+    WP Awesome Login <= 0.4.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
+  author: topscoder
+  severity: low
+  description: >
+    
+  reference:
+    - https://github.com/topscoder/nuclei-wordfence-cve
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/0841127c-fe81-47b1-964f-15e006f618af?source=api-scan
+  classification:
+    cvss-metrics: 
+    cvss-score: 
+    cve-id: 
+  metadata:
+    fofa-query: "wp-content/plugins/wp-awesome-login/"
+    google-query: inurl:"/wp-content/plugins/wp-awesome-login/"
+    shodan-query: 'vuln:'
+  tags: cve,wordpress,wp-plugin,wp-awesome-login,low
+
+http:
+  - method: GET
+    redirects: true
+    max-redirects: 3
+    path:
+      - "{{BaseURL}}/wp-content/plugins/wp-awesome-login/readme.txt"
+
+    extractors:
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        internal: true
+        regex:
+          - "(?mi)Stable tag: ([0-9.]+)"
+
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        regex:
+          - "(?mi)Stable tag: ([0-9.]+)"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "wp-awesome-login"
+        part: body
+
+      - type: dsl
+        dsl:
+          - compare_versions(version, '<= 0.4.0')

poc/cve/CVE-2024-10091.yaml

@@ -0,0 +1,59 @@
+id: CVE-2024-10091
+
+info:
+  name: >
+    ElementsKit Elementor addons <= 3.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison Widget
+  author: topscoder
+  severity: low
+  description: >
+    The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Comparison Widget in all versions up to, and including, 3.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+  reference:
+    - https://github.com/topscoder/nuclei-wordfence-cve
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/00b278af-6ce6-4e70-a83a-a1b035542cd4?source=api-prod
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 6.4
+    cve-id: CVE-2024-10091
+  metadata:
+    fofa-query: "wp-content/plugins/elementskit-lite/"
+    google-query: inurl:"/wp-content/plugins/elementskit-lite/"
+    shodan-query: 'vuln:CVE-2024-10091'
+  tags: cve,wordpress,wp-plugin,elementskit-lite,low
+
+http:
+  - method: GET
+    redirects: true
+    max-redirects: 3
+    path:
+      - "{{BaseURL}}/wp-content/plugins/elementskit-lite/readme.txt"
+
+    extractors:
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        internal: true
+        regex:
+          - "(?mi)Stable tag: ([0-9.]+)"
+
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        regex:
+          - "(?mi)Stable tag: ([0-9.]+)"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "elementskit-lite"
+        part: body
+
+      - type: dsl
+        dsl:
+          - compare_versions(version, '<= 3.2.9')