diff --git a/mapping.csv b/mapping.csv index c370994aae..c7343d5271 100644 --- a/mapping.csv +++ b/mapping.csv @@ -263229,3 +263229,4 @@ vulnerability,CVE-2025-23038,vulnerability--8f4225c7-9dfc-4838-af68-7b115d9c0a6e vulnerability,CVE-2025-23035,vulnerability--fdeaa3af-8af4-471b-8908-4412372350b9 vulnerability,CVE-2024-12398,vulnerability--72547bd8-36c6-4d7a-b0e5-6e8858c6f038 vulnerability,CVE-2025-23082,vulnerability--b24a9fb0-1d63-417d-9245-620bb5c865c6 +vulnerability,CVE-2024-13348,vulnerability--ade2045c-b2fa-422d-a66d-0d153a2b88ec diff --git a/objects/vulnerability/vulnerability--ade2045c-b2fa-422d-a66d-0d153a2b88ec.json b/objects/vulnerability/vulnerability--ade2045c-b2fa-422d-a66d-0d153a2b88ec.json new file mode 100644 index 0000000000..ecbc3c6191 --- /dev/null +++ b/objects/vulnerability/vulnerability--ade2045c-b2fa-422d-a66d-0d153a2b88ec.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f3b38b52-4cb0-4a4f-a605-b25ce6a6239b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ade2045c-b2fa-422d-a66d-0d153a2b88ec", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2025-01-14T04:22:27.430896Z", + "modified": "2025-01-14T04:22:27.430896Z", + "name": "CVE-2024-13348", + "description": "The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7. This is due to missing or incorrect nonce validation on the smartagenda_options_page_html() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2024-13348" + } + ] + } + ] +} \ No newline at end of file