generated content from 2025-01-14

mapping.csv

@@ -263229,3 +263229,4 @@ vulnerability,CVE-2025-23038,vulnerability--8f4225c7-9dfc-4838-af68-7b115d9c0a6e
 vulnerability,CVE-2025-23035,vulnerability--fdeaa3af-8af4-471b-8908-4412372350b9
 vulnerability,CVE-2024-12398,vulnerability--72547bd8-36c6-4d7a-b0e5-6e8858c6f038
 vulnerability,CVE-2025-23082,vulnerability--b24a9fb0-1d63-417d-9245-620bb5c865c6
+vulnerability,CVE-2024-13348,vulnerability--ade2045c-b2fa-422d-a66d-0d153a2b88ec

objects/vulnerability/vulnerability--ade2045c-b2fa-422d-a66d-0d153a2b88ec.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--f3b38b52-4cb0-4a4f-a605-b25ce6a6239b",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--ade2045c-b2fa-422d-a66d-0d153a2b88ec",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-14T04:22:27.430896Z",
+            "modified": "2025-01-14T04:22:27.430896Z",
+            "name": "CVE-2024-13348",
+            "description": "The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7. This is due to missing or incorrect nonce validation on the smartagenda_options_page_html() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13348"
+                }
+            ]
+        }
+    ]
+}