Publish Advisories

GHSA-27hg-cw87-7chh GHSA-2x7q-pj35-9r45 GHSA-3wqh-cc4x-r6p5 GHSA-558m-ww4x-25x6 GHSA-fq34-fqjv-qq54 GHSA-jvmq-2wfh-h2cw GHSA-mr6v-q2h8-q4p5
github · Jan 8, 2025 · bc67994 · bc67994
1 parent 637acbb
commit bc67994
Show file tree

Hide file tree

Showing 7 changed files with 284 additions and 0 deletions.
diff --git a/advisories/unreviewed/2025/01/GHSA-27hg-cw87-7chh/GHSA-27hg-cw87-7chh.json b/advisories/unreviewed/2025/01/GHSA-27hg-cw87-7chh/GHSA-27hg-cw87-7chh.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-27hg-cw87-7chh",
+  "modified": "2025-01-08T12:30:42Z",
+  "published": "2025-01-08T12:30:42Z",
+  "aliases": [
+    "CVE-2024-11423"
+  ],
+  "details": "The Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem & Manage Digital Gift Coupons. Offer Gift Certificates, Schedule Gift Cards, and Use Advance Coupons With Personalized Templates plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints such as /wp-json/gifting/recharge-giftcard in all versions up to, and including, 3.0.6. This makes it possible for unauthenticated attackers to recharge a gift card balance, without making a payment along with reducing gift card balances without purchasing anything.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11423"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3212554/woo-gift-cards-lite/trunk/includes/giftcard-redeem-api-addon.php"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3208474%40woo-gift-cards-lite&new=3208474%40woo-gift-cards-lite&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/836884b5-f547-4f50-8a97-5d910d877e5e?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-862"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-08T11:15:06Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-2x7q-pj35-9r45/GHSA-2x7q-pj35-9r45.json b/advisories/unreviewed/2025/01/GHSA-2x7q-pj35-9r45/GHSA-2x7q-pj35-9r45.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2x7q-pj35-9r45",
+  "modified": "2025-01-08T12:30:42Z",
+  "published": "2025-01-08T12:30:42Z",
+  "aliases": [
+    "CVE-2024-12337"
+  ],
+  "details": "The Shipping via Planzer for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘processed-ids’ parameter in all versions up to, and including, 1.0.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12337"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3214785/wc-planzer-shipping"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e80ed130-8ad2-4fb0-a583-02fc675804d6?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-08T11:15:06Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-3wqh-cc4x-r6p5/GHSA-3wqh-cc4x-r6p5.json b/advisories/unreviewed/2025/01/GHSA-3wqh-cc4x-r6p5/GHSA-3wqh-cc4x-r6p5.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3wqh-cc4x-r6p5",
+  "modified": "2025-01-08T12:30:42Z",
+  "published": "2025-01-08T12:30:42Z",
+  "aliases": [
+    "CVE-2024-11830"
+  ],
+  "details": "The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to 2.3.52 due to insufficient input sanitization and output escaping on user-supplied data. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11830"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3215546%403d-flipbook-dflip-lite&new=3215546%403d-flipbook-dflip-lite&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3218103%403d-flipbook-dflip-lite&new=3218103%403d-flipbook-dflip-lite&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88391d02-66d9-4c00-a519-17f92f64a17a?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-08T11:15:06Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-558m-ww4x-25x6/GHSA-558m-ww4x-25x6.json b/advisories/unreviewed/2025/01/GHSA-558m-ww4x-25x6/GHSA-558m-ww4x-25x6.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-558m-ww4x-25x6",
+  "modified": "2025-01-08T12:30:42Z",
+  "published": "2025-01-08T12:30:42Z",
+  "aliases": [
+    "CVE-2024-12853"
+  ],
+  "details": "The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 2.11.10. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12853"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3218127%40modula-best-grid-gallery&new=3218127%40modula-best-grid-gallery&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ef86b1f2-d5aa-4e83-a792-5fa35734b3d3?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-434"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-08T10:15:06Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-fq34-fqjv-qq54/GHSA-fq34-fqjv-qq54.json b/advisories/unreviewed/2025/01/GHSA-fq34-fqjv-qq54/GHSA-fq34-fqjv-qq54.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-fq34-fqjv-qq54",
+  "modified": "2025-01-08T12:30:42Z",
+  "published": "2025-01-08T12:30:42Z",
+  "aliases": [
+    "CVE-2024-12854"
+  ],
+  "details": "The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files that have been uploaded in all versions up to, and including, 2.3.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12854"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3215986%40garden-gnome-package&new=3215986%40garden-gnome-package&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6bcfc8f1-e962-4ad7-8a9d-89ce5c9022b6?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-434"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-08T10:15:07Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-jvmq-2wfh-h2cw/GHSA-jvmq-2wfh-h2cw.json b/advisories/unreviewed/2025/01/GHSA-jvmq-2wfh-h2cw/GHSA-jvmq-2wfh-h2cw.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-jvmq-2wfh-h2cw",
+  "modified": "2025-01-08T12:30:42Z",
+  "published": "2025-01-08T12:30:42Z",
+  "aliases": [
+    "CVE-2025-21102"
+  ],
+  "details": "Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21102"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.dell.com/support/kbdoc/en-us/000269793/dsa-2025-027-security-update-for-dell-vxrail-for-multiple-vulnerabilities?ref=emcadvisory_000269793_High_null"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-256"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-08T12:15:22Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/01/GHSA-mr6v-q2h8-q4p5/GHSA-mr6v-q2h8-q4p5.json b/advisories/unreviewed/2025/01/GHSA-mr6v-q2h8-q4p5/GHSA-mr6v-q2h8-q4p5.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-mr6v-q2h8-q4p5",
+  "modified": "2025-01-08T12:30:41Z",
+  "published": "2025-01-08T12:30:41Z",
+  "aliases": [
+    "CVE-2024-12712"
+  ],
+  "details": "The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the webhook function in all versions up to, and including, 5.7.8. This makes it possible for unauthenticated attackers to modify order statuses.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12712"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3211285/wp-easycart/trunk/wpeasycart.php"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/28a3f382-3801-4e98-9004-56c27a85f0a2?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-862"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-01-08T10:15:06Z"
+  }
+}