Update Sun Jan 12 20:21:03 UTC 2025

trickest · Jan 12, 2025 · cc05860 · cc05860
1 parent bc5f623
commit cc05860
Show file tree

Hide file tree

Showing 53 changed files with 553 additions and 3 deletions.
diff --git a/2008/CVE-2008-4031.md b/2008/CVE-2008-4031.md
@@ -13,5 +13,5 @@ Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlo
 - https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-072
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/linataataa/Ml_chatbot
 
diff --git a/2016/CVE-2016-10033.md b/2016/CVE-2016-10033.md
@@ -64,6 +64,7 @@ The mailSend function in the isMail transport in PHPMailer before 5.2.18 might a
 - https://github.com/Mugdho55/Air_Ticket_Management_System
 - https://github.com/NCSU-DANCE-Research-Group/CDL
 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io
+- https://github.com/Niveditakm/homeRental
 - https://github.com/PatelMisha/Online-Flight-Booking-Management-System
 - https://github.com/Preeti1502kashyap/loginpage
 - https://github.com/Rachna-2018/email

diff --git a/2016/CVE-2016-10045.md b/2016/CVE-2016-10045.md
@@ -37,6 +37,7 @@ The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to
 - https://github.com/Mona-Mishra/User-Registration-System
 - https://github.com/Mugdho55/Air_Ticket_Management_System
 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io
+- https://github.com/Niveditakm/homeRental
 - https://github.com/PatelMisha/Online-Flight-Booking-Management-System
 - https://github.com/Preeti1502kashyap/loginpage
 - https://github.com/Rachna-2018/email

diff --git a/2016/CVE-2016-4074.md b/2016/CVE-2016-4074.md
@@ -10,7 +10,7 @@ The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/NixOS/nixpkgs/pull/18908
 
 #### Github
 - https://github.com/andir/nixos-issue-db-example

diff --git a/2017/CVE-2017-5223.md b/2017/CVE-2017-5223.md
@@ -31,6 +31,7 @@ An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method a
 - https://github.com/Mona-Mishra/User-Registration-System
 - https://github.com/Mugdho55/Air_Ticket_Management_System
 - https://github.com/NikhilReddyPuli/thenikhilreddy.github.io
+- https://github.com/Niveditakm/homeRental
 - https://github.com/PatelMisha/Online-Flight-Booking-Management-System
 - https://github.com/Preeti1502kashyap/loginpage
 - https://github.com/Rachna-2018/email

diff --git a/2018/CVE-2018-1459.md b/2018/CVE-2018-1459.md
@@ -13,5 +13,6 @@ IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.
 No PoCs from references.
 
 #### Github
+- https://github.com/Abacus-Group-RTO/pyExploitDb
 - https://github.com/GoVanguard/pyExploitDb
 
diff --git a/2018/CVE-2018-14592.md b/2018/CVE-2018-14592.md
@@ -14,5 +14,6 @@ The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article At
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/Abacus-Group-RTO/pyExploitDb
 - https://github.com/GoVanguard/pyExploitDb
 
diff --git a/2018/CVE-2018-15832.md b/2018/CVE-2018-15832.md
@@ -15,4 +15,5 @@ upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attac
 #### Github
 - https://github.com/0xT11/CVE-POC
 - https://github.com/JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0
+- https://github.com/JacksonKuo/ubisoft-uplay-desktop-client-63.0.5699.0
 
diff --git a/2018/CVE-2018-7935.md b/2018/CVE-2018-7935.md
@@ -16,4 +16,5 @@ No PoCs from references.
 - https://github.com/0xT11/CVE-POC
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/lawrenceamer/CVE-2018-7935
+- https://github.com/zux0x3a/CVE-2018-7935
 
diff --git a/2019/CVE-2019-0836.md b/2019/CVE-2019-0836.md
@@ -40,4 +40,5 @@ An elevation of privilege vulnerability exists when Windows improperly handles c
 - https://github.com/rasta-mouse/Watson
 - https://github.com/rnbochsr/Relevant
 - https://github.com/xbl3/awesome-cve-poc_qazbnm456
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-0841.md b/2019/CVE-2019-0841.md
@@ -81,4 +81,5 @@ An elevation of privilege vulnerability exists when Windows AppX Deployment Serv
 - https://github.com/txuswashere/Pentesting-Windows
 - https://github.com/weeka10/-hktalent-TOP
 - https://github.com/xbl3/awesome-cve-poc_qazbnm456
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-1064.md b/2019/CVE-2019-1064.md
@@ -48,4 +48,5 @@ No PoCs from references.
 - https://github.com/rasta-mouse/Watson
 - https://github.com/rnbochsr/Relevant
 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-1130.md b/2019/CVE-2019-1130.md
@@ -42,4 +42,5 @@ No PoCs from references.
 - https://github.com/rasta-mouse/Watson
 - https://github.com/rnbochsr/Relevant
 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md
@@ -4269,6 +4269,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/jetskibruce/HollinsFTC
 - https://github.com/jev770/badmoodle-scan
 - https://github.com/jhadenfeldt/vue-uhf
+- https://github.com/jhcschool/robotics-2022
 - https://github.com/jhou-23/AdvancedFTCSoftware
 - https://github.com/jia-xie-jason/Settings.java
 - https://github.com/jingyi9/UltimateGoal-Parham_Baghbanbashi

diff --git a/2019/CVE-2019-1253.md b/2019/CVE-2019-1253.md
@@ -73,4 +73,5 @@ An elevation of privilege vulnerability exists when the Windows AppX Deployment
 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-1315.md b/2019/CVE-2019-1315.md
@@ -48,4 +48,5 @@ No PoCs from references.
 - https://github.com/rnbochsr/Relevant
 - https://github.com/sailay1996/SpoolTrigger
 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-1385.md b/2019/CVE-2019-1385.md
@@ -37,4 +37,5 @@ No PoCs from references.
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/rnbochsr/Relevant
 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-1388.md b/2019/CVE-2019-1388.md
@@ -111,4 +111,5 @@ No PoCs from references.
 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-1405.md b/2019/CVE-2019-1405.md
@@ -77,4 +77,5 @@ An elevation of privilege vulnerability exists when the Windows Universal Plug a
 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2019/CVE-2019-3568.md b/2019/CVE-2019-3568.md
@@ -26,6 +26,7 @@ No PoCs from references.
 - https://github.com/EnableSecurity/awesome-rtc-hacking
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/actuator/Android-Security-Exploits-YouTube-Curriculum
 - https://github.com/alphaSeclab/sec-daily-2019
 - https://github.com/ashutoshshah1/Android-hacking-ultimate
 - https://github.com/becrevex/Kampai

diff --git a/2020/CVE-2020-0787.md b/2020/CVE-2020-0787.md
@@ -114,4 +114,5 @@ An elevation of privilege vulnerability exists when the Windows Background Intel
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
 - https://github.com/yisan1/hh
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2020/CVE-2020-0796.md b/2020/CVE-2020-0796.md
@@ -400,5 +400,6 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve
 - https://github.com/zathizh/cve-796-mit
 - https://github.com/zer0yu/Awesome-CobaltStrike
 - https://github.com/zhouzu/SMBGhost-Full-RCE
+- https://github.com/zux0x3a/0xsp-Mongoose
 - https://github.com/zzyss-marker/NetworkSecuritySelf-study
 
diff --git a/2020/CVE-2020-0797.md b/2020/CVE-2020-0797.md
@@ -30,4 +30,5 @@ No PoCs from references.
 - https://github.com/lawrenceamer/0xsp-Mongoose
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/soosmile/POC
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2020/CVE-2020-1472.md b/2020/CVE-2020-1472.md
@@ -416,4 +416,5 @@ An elevation of privilege vulnerability exists when an attacker establishes a vu
 - https://github.com/zha0/CVE-2020-1474
 - https://github.com/zha0/WeaponizeKali.sh
 - https://github.com/zizzs3228/PENTEST
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2021/CVE-2021-1675.md b/2021/CVE-2021-1675.md
@@ -345,4 +345,5 @@ Windows Print Spooler Remote Code Execution Vulnerability
 - https://github.com/zer0yu/Awesome-CobaltStrike
 - https://github.com/zeze-zeze/2021iThome
 - https://github.com/zha0/Microsoft-CVE-2021-1675
+- https://github.com/zux0x3a/0xsp-Mongoose
 
diff --git a/2021/CVE-2021-29669.md b/2021/CVE-2021-29669.md
@@ -0,0 +1,17 @@
+### [CVE-2021-29669](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29669)
+![](https://img.shields.io/static/v1?label=Product&message=Jazz%20Foundation&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%206.0.6%2C%206.0.6.1%2C%207.0%2C%207.0.1%2C%207.0.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+IBM Jazz Foundation 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2021/CVE-2021-3449.md b/2021/CVE-2021-3449.md
@@ -43,6 +43,7 @@ An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation Clie
 - https://github.com/jntass/TASSL-1.1.1k
 - https://github.com/juwisnie/AZDevops-TrivyScan-Pipe
 - https://github.com/k0mi-tg/CVE-POC
+- https://github.com/lennysec/awesome-tls-hacks
 - https://github.com/manas3c/CVE-POC
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/riptl/cve-2021-3449

diff --git a/2023/CVE-2023-36243.md b/2023/CVE-2023-36243.md
@@ -13,5 +13,5 @@ FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metada
 - https://github.com/noirotm/flvmeta/issues/19
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/DiRaltvein/memory-corruption-examples
 
diff --git a/2023/CVE-2023-45681.md b/2023/CVE-2023-45681.md
@@ -0,0 +1,17 @@
+### [CVE-2023-45681](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45681)
+![](https://img.shields.io/static/v1?label=Product&message=stb&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%201.22%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-787%3A%20Out-of-bounds%20Write&color=brighgreen)
+
+### Description
+
+stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/DiRaltvein/memory-corruption-examples
+
diff --git a/2024/CVE-2024-11327.md b/2024/CVE-2024-11327.md
@@ -0,0 +1,18 @@
+### [CVE-2024-11327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11327)
+![](https://img.shields.io/static/v1?label=Product&message=ClickWhale%20%E2%80%93%20Link%20Manager%2C%20Link%20Shortener%20and%20Click%20Tracker%20for%20Affiliate%20Links%20%26%20Link%20Pages&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.4.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.4.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
diff --git a/2024/CVE-2024-11386.md b/2024/CVE-2024-11386.md
@@ -0,0 +1,18 @@
+### [CVE-2024-11386](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11386)
+![](https://img.shields.io/static/v1?label=Product&message=GatorMail%20SmartForms&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.1.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gatormailsmartform' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
diff --git a/2024/CVE-2024-11758.md b/2024/CVE-2024-11758.md
@@ -0,0 +1,18 @@
+### [CVE-2024-11758](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11758)
+![](https://img.shields.io/static/v1?label=Product&message=WP%20SPID%20Italia&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.9%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
diff --git a/2024/CVE-2024-11874.md b/2024/CVE-2024-11874.md
@@ -0,0 +1,18 @@
+### [CVE-2024-11874](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11874)
+![](https://img.shields.io/static/v1?label=Product&message=Grid%20Accordion%20Lite&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.5.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'grid_accordion' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
diff --git a/2024/CVE-2024-11892.md b/2024/CVE-2024-11892.md
@@ -0,0 +1,18 @@
+### [CVE-2024-11892](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11892)
+![](https://img.shields.io/static/v1?label=Product&message=Accordion%20Slider%20Lite&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.5.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Accordion Slider Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'accordion_slider' shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
diff --git a/2024/CVE-2024-11915.md b/2024/CVE-2024-11915.md
@@ -0,0 +1,18 @@
+### [CVE-2024-11915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11915)
+![](https://img.shields.io/static/v1?label=Product&message=RRAddons%20for%20Elementor&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.1.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen)
+
+### Description
+
+The RRAddons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.0 via the Popup block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
diff --git a/2024/CVE-2024-12116.md b/2024/CVE-2024-12116.md
@@ -0,0 +1,18 @@
+### [CVE-2024-12116](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12116)
+![](https://img.shields.io/static/v1?label=Product&message=Unlimited%20Theme%20Addon%20For%20Elementor%20and%20WooCommerce&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.2.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen)
+
+### Description
+
+The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.1 via the 'uta-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
diff --git a/2024/CVE-2024-12204.md b/2024/CVE-2024-12204.md
@@ -0,0 +1,18 @@
+### [CVE-2024-12204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12204)
+![](https://img.shields.io/static/v1?label=Product&message=Coupon%20X%3A%20Discount%20Pop%20Up%2C%20Promo%20Code%20Pop%20Ups%2C%20Announcement%20Pop%20Up%2C%20WooCommerce%20Popups&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.3.5%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen)
+
+### Description
+
+The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in the class-cx-rest.php file in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create 100% off coupons, delete posts, delete leads, and update coupon statuses.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+