From 0899972a7c3db7cc5543c20fcf1c1aef1388e6d8 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 13 Mar 2023 17:00:36 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/4xxx/CVE-2022-4042.json | 7 +-- 2022/4xxx/CVE-2022-4330.json | 7 +-- 2022/4xxx/CVE-2022-4466.json | 72 +++++++++++++++++++++++++++--- 2022/4xxx/CVE-2022-4652.json | 72 +++++++++++++++++++++++++++--- 2022/4xxx/CVE-2022-4661.json | 72 +++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0037.json | 81 +++++++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0066.json | 81 +++++++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0073.json | 81 +++++++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0172.json | 72 +++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0219.json | 72 +++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0477.json | 72 +++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0538.json | 72 +++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0749.json | 72 +++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0772.json | 72 +++++++++++++++++++++++++++--- 2023/0xxx/CVE-2023-0844.json | 72 +++++++++++++++++++++++++++--- 2023/25xxx/CVE-2023-25170.json | 76 +++++++++++++++++++++++++++++-- 16 files changed, 978 insertions(+), 75 deletions(-) diff --git a/2022/4xxx/CVE-2022-4042.json b/2022/4xxx/CVE-2022-4042.json index ca97a489d5e..89d6b5d51e0 100644 --- a/2022/4xxx/CVE-2022-4042.json +++ b/2022/4xxx/CVE-2022-4042.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The Paytium: Mollie payment forms & donations WordPress plugin through 4.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + "value": "The Paytium: Mollie payment forms & donations WordPress plugin before 4.3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] }, @@ -39,8 +39,9 @@ "version": { "version_data": [ { - "version_value": "0", - "version_affected": "=" + "version_affected": "<", + "version_name": "0", + "version_value": "4.3.7" } ] } diff --git a/2022/4xxx/CVE-2022-4330.json b/2022/4xxx/CVE-2022-4330.json index 490afe4a9b0..956a29b275d 100644 --- a/2022/4xxx/CVE-2022-4330.json +++ b/2022/4xxx/CVE-2022-4330.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The WP Attachments WordPress plugin through 5.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + "value": "The WP Attachments WordPress plugin before 5.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] }, @@ -39,8 +39,9 @@ "version": { "version_data": [ { - "version_value": "0", - "version_affected": "=" + "version_affected": "<", + "version_name": "0", + "version_value": "5.0.6" } ] } diff --git a/2022/4xxx/CVE-2022-4466.json b/2022/4xxx/CVE-2022-4466.json index 2cebd09cefe..b1098631ef5 100644 --- a/2022/4xxx/CVE-2022-4466.json +++ b/2022/4xxx/CVE-2022-4466.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-4466", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WordPress Infinite Scroll WordPress plugin before 5.6.0.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WordPress Infinite Scroll", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "5.6.0.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/497d0bf9-b750-4293-9662-1722a74442e2", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/497d0bf9-b750-4293-9662-1722a74442e2" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2022/4xxx/CVE-2022-4652.json b/2022/4xxx/CVE-2022-4652.json index f332a021a57..b27b8ba5872 100644 --- a/2022/4xxx/CVE-2022-4652.json +++ b/2022/4xxx/CVE-2022-4652.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-4652", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Video Background WordPress plugin before 2.7.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Video Background", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.7.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/ebf3df99-6939-4ae9-ad55-004f33c1cfbc", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/ebf3df99-6939-4ae9-ad55-004f33c1cfbc" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2022/4xxx/CVE-2022-4661.json b/2022/4xxx/CVE-2022-4661.json index e086a42a498..f514b132e76 100644 --- a/2022/4xxx/CVE-2022-4661.json +++ b/2022/4xxx/CVE-2022-4661.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-4661", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Widgets for WooCommerce Products on Elementor WordPress plugin before 1.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Widgets for WooCommerce Products on Elementor", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "1.0.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/b95956c9-40e5-47aa-86f6-e2da61b3c19f", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/b95956c9-40e5-47aa-86f6-e2da61b3c19f" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0037.json b/2023/0xxx/CVE-2023-0037.json index 56043078bc7..cdf55b1b0fd 100644 --- a/2023/0xxx/CVE-2023-0037.json +++ b/2023/0xxx/CVE-2023-0037.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0037", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "10Web Map Builder for Google Maps", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "1.0.73" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/33ab1fe2-6611-4f43-91ba-52c56f02ed56", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/33ab1fe2-6611-4f43-91ba-52c56f02ed56" + }, + { + "url": "https://bulletin.iese.de/post/wd-google-maps_1-0-72_1", + "refsource": "MISC", + "name": "https://bulletin.iese.de/post/wd-google-maps_1-0-72_1" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Daniel Krohmer (Fraunhofer IESE)" + }, + { + "lang": "en", + "value": "Kunal Sharma (University of Kaiserslautern)" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0066.json b/2023/0xxx/CVE-2023-0066.json index f8c49da3732..8dbd514ca59 100644 --- a/2023/0xxx/CVE-2023-0066.json +++ b/2023/0xxx/CVE-2023-0066.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0066", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Companion Sitemap Generator WordPress plugin through 4.5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Companion Sitemap Generator", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "4.5.1.1" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/545c9e2f-bacd-4f30-ae01-de1583e26d32", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/545c9e2f-bacd-4f30-ae01-de1583e26d32" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0073.json b/2023/0xxx/CVE-2023-0073.json index 87b0e2df896..1cd9bc3e24a 100644 --- a/2023/0xxx/CVE-2023-0073.json +++ b/2023/0xxx/CVE-2023-0073.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0073", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Client Logo Carousel WordPress plugin through 3.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Client Logo Carousel", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "3.0.0" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/e5599968-a435-405a-8829-9840a2144987", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/e5599968-a435-405a-8829-9840a2144987" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0172.json b/2023/0xxx/CVE-2023-0172.json index c70e893f5bf..3c6f96b2965 100644 --- a/2023/0xxx/CVE-2023-0172.json +++ b/2023/0xxx/CVE-2023-0172.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0172", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Juicer WordPress plugin before 1.11 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Embed, curate & aggregate social media feeds into your website using JUICER", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "1.11" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/c8982b8d-985f-4a5d-840d-e8be7c3405bd", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/c8982b8d-985f-4a5d-840d-e8be7c3405bd" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0219.json b/2023/0xxx/CVE-2023-0219.json index c483bcbe33b..766f19bdd77 100644 --- a/2023/0xxx/CVE-2023-0219.json +++ b/2023/0xxx/CVE-2023-0219.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0219", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The FluentSMTP WordPress plugin before 2.2.3 does not sanitize or escape email content, making it vulnerable to stored cross-site scripting attacks (XSS) when an administrator views the email logs. This exploit requires other plugins to enable users to send emails with unfiltered HTML." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "FluentSMTP", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.2.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/71662b72-311c-42db-86c5-a0276d25535c", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/71662b72-311c-42db-86c5-a0276d25535c" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Vaibhav Rajput" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0477.json b/2023/0xxx/CVE-2023-0477.json index a1d33e98145..2bb103fa3b3 100644 --- a/2023/0xxx/CVE-2023-0477.json +++ b/2023/0xxx/CVE-2023-0477.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0477", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-434 Unrestricted Upload of File with Dangerous Type" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Auto Featured Image (Auto Post Thumbnail)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "3.9.16" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/e5ef74a2-e04a-4a14-bd0e-d6910cd1c4b4", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/e5ef74a2-e04a-4a14-bd0e-d6910cd1c4b4" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "dc11" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0538.json b/2023/0xxx/CVE-2023-0538.json index c9df58f41ec..84dec85ee56 100644 --- a/2023/0xxx/CVE-2023-0538.json +++ b/2023/0xxx/CVE-2023-0538.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0538", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Campaign URL Builder WordPress plugin before 1.8.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Campaign URL Builder", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "1.8.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/4869fdc7-4fc7-4917-bc00-b6ced9ccc871", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/4869fdc7-4fc7-4917-bc00-b6ced9ccc871" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0749.json b/2023/0xxx/CVE-2023-0749.json index badff5742f9..20e9b7ffd31 100644 --- a/2023/0xxx/CVE-2023-0749.json +++ b/2023/0xxx/CVE-2023-0749.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0749", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Ocean Extra WordPress plugin before 2.1.3 does not ensure that the template to be loaded via a shortcode is actually a template, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, such as draft, private or even password protected ones." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Ocean Extra", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.1.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/9caa8d2e-383b-47d7-8d21-d2ed6b1664cb", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/9caa8d2e-383b-47d7-8d21-d2ed6b1664cb" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Erwan LR (WPScan)" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0772.json b/2023/0xxx/CVE-2023-0772.json index 16fef9532f0..0f958e92170 100644 --- a/2023/0xxx/CVE-2023-0772.json +++ b/2023/0xxx/CVE-2023-0772.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0772", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Popup Builder by OptinMonster WordPress plugin before 2.12.2 does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or even password protected ones." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Popup Builder by OptinMonster", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.12.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/28754886-b7b4-44f7-9042-b81c542d3c9c", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/28754886-b7b4-44f7-9042-b81c542d3c9c" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Erwan LR (WPScan)" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0844.json b/2023/0xxx/CVE-2023-0844.json index ec6a93cea16..9662714ab67 100644 --- a/2023/0xxx/CVE-2023-0844.json +++ b/2023/0xxx/CVE-2023-0844.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0844", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Namaste! LMS WordPress plugin before 2.6 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Namaste! LMS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/8d8e5852-3787-47f9-9931-8308bb81beb1", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/8d8e5852-3787-47f9-9931-8308bb81beb1" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Alex Sanford" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/25xxx/CVE-2023-25170.json b/2023/25xxx/CVE-2023-25170.json index 7b7ac0f129d..cf9a62d39c7 100644 --- a/2023/25xxx/CVE-2023-25170.json +++ b/2023/25xxx/CVE-2023-25170.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-25170", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). When authenticating users, PrestaShop preserves session attributes. Because this does not clear CSRF tokens upon login, this might enable same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. The problem is fixed in version 8.0.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352: Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PrestaShop", + "product": { + "product_data": [ + { + "product_name": "PrestaShop", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.7.0.0, < 8.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3g43-x7qr-96ph", + "refsource": "MISC", + "name": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-3g43-x7qr-96ph" + } + ] + }, + "source": { + "advisory": "GHSA-3g43-x7qr-96ph", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", + "version": "3.1" } ] }