updates 2024-12-02

Signed-off-by: Weston Steimel <[email protected]>

data/anchore/2024/CVE-2024-0837.json

@@ -20,6 +20,7 @@
         "packageName": "bdthemes-element-pack-lite",
         "packageType": "wordpress-plugin",
         "product": "Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)",
+        "repo": "https://plugins.svn.wordpress.org/bdthemes-element-pack-lite",
         "vendor": "bdthemes",
         "versions": [
           {

data/anchore/2024/CVE-2024-10310.json

@@ -20,6 +20,7 @@
         "packageName": "bdthemes-element-pack-lite",
         "packageType": "wordpress-plugin",
         "product": "Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)",
+        "repo": "https://plugins.svn.wordpress.org/bdthemes-element-pack-lite",
         "vendor": "bdthemes",
         "versions": [
           {

data/anchore/2024/CVE-2024-10473.json

@@ -0,0 +1,38 @@
+{
+  "additionalMetadata": {
+    "cna": "wpscan",
+    "cveId": "CVE-2024-10473",
+    "description": "The Logo Slider  WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo Settings when outputing them in pages where the Logo Slider shortcode is embed, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks.",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://wpscan.com/vulnerability/7512cbdf-cf27-4a1f-bac8-9fcb14bf463e/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:logichunt:logo_slider:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "logo-slider-wp",
+        "packageType": "wordpress-plugin",
+        "product": "Logo Slider",
+        "repo": "https://plugins.svn.wordpress.org/logo-slider-wp",
+        "vendor": "logichunt",
+        "versions": [
+          {
+            "lessThan": "4.5.0",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-10493.json

@@ -0,0 +1,36 @@
+{
+  "additionalMetadata": {
+    "cna": "wpscan",
+    "cveId": "CVE-2024-10493",
+    "description": "The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) WordPress plugin before 5.10.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://wpscan.com/vulnerability/2e7f7196-054b-4cfd-9219-c60bb8275e8d/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:bdthemes:element_pack_elementor_addons:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "bdthemes-element-pack-lite",
+        "packageType": "wordpress-plugin",
+        "product": "Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows)",
+        "versions": [
+          {
+            "lessThan": "5.10.3",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-10670.json

@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "wordfence",
+    "cveId": "CVE-2024-10670",
+    "description": "The Primary Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.6.2 via the [prim_elementor_template] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created with Elementor that they should not have access to.",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3197298%40primary-addon-for-elementor&new=3197298%40primary-addon-for-elementor&sfp_email=&sfph_mail=",
+      "https://www.wordfence.com/threat-intel/vulnerabilities/id/636bd8ce-4737-4117-9581-42c7dcb3ad22?source=cve"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:nicheaddons:primary-addon-for-elementor:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "primary-addon-for-elementor",
+        "packageType": "wordpress-plugin",
+        "product": "Primary Addon for Elementor",
+        "repo": "https://plugins.svn.wordpress.org/primary-addon-for-elementor",
+        "vendor": "nicheaddons",
+        "versions": [
+          {
+            "lessThan": "1.6.3",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-10704.json

@@ -0,0 +1,37 @@
+{
+  "additionalMetadata": {
+    "cna": "wpscan",
+    "cveId": "CVE-2024-10704",
+    "description": "The Photo Gallery by 10Web  WordPress plugin before 1.8.31 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://wpscan.com/vulnerability/6c115117-11c0-4c9e-9988-8547c9364c01/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "photo-gallery",
+        "packageType": "wordpress-plugin",
+        "product": "Photo Gallery by 10Web",
+        "repo": "https://plugins.svn.wordpress.org/photo-gallery",
+        "versions": [
+          {
+            "lessThan": "1.8.31",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-10780.json

@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "wordfence",
+    "cveId": "CVE-2024-10780",
+    "description": "The Restaurant & Cafe Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.9 via the 'narestaurant_elementor_template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to.",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3197286%40restaurant-cafe-addon-for-elementor&new=3197286%40restaurant-cafe-addon-for-elementor&sfp_email=&sfph_mail=",
+      "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8c29cbd-6c39-4a54-a2a2-bc4c8feeeb70?source=cve"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:nicheaddons:restaurant_\\&_cafe_addon_for_elementor:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "restaurant-cafe-addon-for-elementor",
+        "packageType": "wordpress-plugin",
+        "product": "Restaurant & Cafe Addon for Elementor",
+        "repo": "https://plugins.svn.wordpress.org/restaurant-cafe-addon-for-elementor",
+        "vendor": "nicheaddons",
+        "versions": [
+          {
+            "lessThan": "1.6.0",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-10798.json

@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "wordfence",
+    "cveId": "CVE-2024-10798",
+    "description": "The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1003 via the 'wpr-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created via Elementor that they should not have access to.",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://plugins.trac.wordpress.org/changeset/3195352/royal-elementor-addons/tags/1.7.1004/admin/includes/wpr-templates-shortcode.php?old=3193132&old_path=royal-elementor-addons%2Ftags%2F1.7.1003%2Fadmin%2Fincludes%2Fwpr-templates-shortcode.php",
+      "https://www.wordfence.com/threat-intel/vulnerabilities/id/4a7ef5a0-f6c8-41e1-bb3b-119a682be69f?source=cve"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "royal-elementor-addons",
+        "packageType": "wordpress-plugin",
+        "product": "Royal Elementor Addons and Templates",
+        "repo": "https://plugins.svn.wordpress.org/royal-elementor-addons",
+        "vendor": "wproyal",
+        "versions": [
+          {
+            "lessThan": "1.7.1004",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-10896.json

@@ -0,0 +1,38 @@
+{
+  "additionalMetadata": {
+    "cna": "wpscan",
+    "cveId": "CVE-2024-10896",
+    "description": "The Logo Slider  WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://wpscan.com/vulnerability/1304c2b6-922d-455e-bae8-d6bf855eddd9/"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:logichunt:logo_slider:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "logo-slider-wp",
+        "packageType": "wordpress-plugin",
+        "product": "Logo Slider",
+        "repo": "https://plugins.svn.wordpress.org/logo-slider-wp",
+        "vendor": "logichunt",
+        "versions": [
+          {
+            "lessThan": "4.5.0",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-11082.json

@@ -0,0 +1,41 @@
+{
+  "additionalMetadata": {
+    "cna": "wordfence",
+    "cveId": "CVE-2024-11082",
+    "description": "The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimations_panel() function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://github.com/tumult/hype-wordpress-plugin/commit/1702d3d4fd0fae9cb9fc40cdfc3dfb8584d5f04c",
+      "https://plugins.trac.wordpress.org/browser/tumult-hype-animations/trunk/includes/adminpanel.php#L277",
+      "https://plugins.trac.wordpress.org/changeset/3197761/",
+      "https://wordpress.org/plugins/tumult-hype-animations/#developers",
+      "https://www.wordfence.com/threat-intel/vulnerabilities/id/be3a0b4b-cce5-4d78-99d5-697f2cf04427?source=cve"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:tumult:tumult_hype_animations:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "tumult-hype-animations",
+        "packageType": "wordpress-plugin",
+        "product": "Tumult Hype Animations",
+        "vendor": "tumultinc",
+        "versions": [
+          {
+            "lessThan": "1.9.16",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}

data/anchore/2024/CVE-2024-11103.json

@@ -0,0 +1,41 @@
+{
+  "additionalMetadata": {
+    "cna": "wordfence",
+    "cveId": "CVE-2024-11103",
+    "description": "The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 24.0.7. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://plugins.trac.wordpress.org/browser/contest-gallery/trunk/v10/v10-admin/users/frontend/login/ajax/users-login-check-ajax-lost-password.php#L31",
+      "https://plugins.trac.wordpress.org/browser/contest-gallery/trunk/v10/v10-admin/users/frontend/login/ajax/users-login-check-ajax-password-reset.php#L88",
+      "https://plugins.trac.wordpress.org/changeset/3196011/contest-gallery/tags/24.0.8/v10/v10-admin/users/frontend/login/ajax/users-login-check-ajax-lost-password.php?old=3190068&old_path=contest-gallery%2Ftags%2F24.0.7%2Fv10%2Fv10-admin%2Fusers%2Ffrontend%2Flogin%2Fajax%2Fusers-login-check-ajax-lost-password.php",
+      "https://www.wordfence.com/threat-intel/vulnerabilities/id/0df7f413-2631-46d9-8c0b-d66f05a02c01?source=cve"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:contest-gallery:contest_gallery:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "contest-gallery",
+        "packageType": "wordpress-plugin",
+        "product": "Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons",
+        "repo": "https://plugins.svn.wordpress.org/contest-gallery",
+        "vendor": "contest-gallery",
+        "versions": [
+          {
+            "lessThan": "24.0.8",
+            "status": "affected",
+            "version": "0",
+            "versionType": "semver"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}