generated content from 2025-01-14

CVELab · Jan 14, 2025 · 7cc1ef5 · 7cc1ef5
1 parent 8064a0b
commit 7cc1ef5
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/mapping.csv b/mapping.csv
@@ -263247,3 +263247,4 @@ vulnerability,CVE-2024-56841,vulnerability--3e2cf671-8ab9-413f-ae31-2bbcd23026c9
 vulnerability,CVE-2024-53649,vulnerability--38767296-c5c3-4dcf-b867-ec29b5f8f892
 vulnerability,CVE-2024-47100,vulnerability--129a1005-103e-4b06-b4f7-dafcd23d94f8
 vulnerability,CVE-2024-45385,vulnerability--95caa5e7-b0df-47ff-8288-4e815412dd61
+vulnerability,CVE-2024-12240,vulnerability--ff38791c-8dd8-44f0-9eb6-9ccd4e6faeb3
diff --git a/objects/vulnerability/vulnerability--ff38791c-8dd8-44f0-9eb6-9ccd4e6faeb3.json b/objects/vulnerability/vulnerability--ff38791c-8dd8-44f0-9eb6-9ccd4e6faeb3.json
@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--638ff526-89b4-4ed7-bd05-fc8f7e903842",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--ff38791c-8dd8-44f0-9eb6-9ccd4e6faeb3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-14T12:36:54.035447Z",
+            "modified": "2025-01-14T12:36:54.035447Z",
+            "name": "CVE-2024-12240",
+            "description": "The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the row label parameter in all versions up to, and including, 2.31.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-12240"
+                }
+            ]
+        }
+    ]
+}