diff --git a/2022/47xxx/CVE-2022-47966.json b/2022/47xxx/CVE-2022-47966.json
index 1809845cb88..a8d592204c1 100644
--- a/2022/47xxx/CVE-2022-47966.json
+++ b/2022/47xxx/CVE-2022-47966.json
@@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
- "value": "Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections."
+ "value": "Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. This affects Access Manager Plus before 4308, Active Directory 360 before 4310, ADAudit Plus before 7081, ADManager Plus before 7162, ADSelfService Plus before 6211, Analytics Plus before 5150, Application Control Plus before 10.1.2220.18, Asset Explorer before 6983, Browser Security Plus before 11.1.2238.6, Device Control Plus before 10.1.2220.18, Endpoint Central before 10.1.2228.11, Endpoint Central MSP before 10.1.2228.11, Endpoint DLP before 10.1.2137.6, Key Manager Plus before 6401, OS Deployer before 1.1.2243.1, PAM 360 before 5713, Password Manager Pro before 12124, Patch Manager Plus before 10.1.2220.18, Remote Access Plus before 10.1.2228.11, Remote Monitoring and Management (RMM) before 10.1.41. ServiceDesk Plus before 14004, ServiceDesk Plus MSP before 13001, SupportCenter Plus before 11026, and Vulnerability Manager Plus before 10.1.2220.18. Exploitation is only possible if SAML SSO has ever been configured for a product (for some products, exploitation requires that SAML SSO is currently active)."
}
]
},
@@ -52,11 +52,6 @@
},
"references": {
"reference_data": [
- {
- "url": "https://manageengine.com",
- "refsource": "MISC",
- "name": "https://manageengine.com"
- },
{
"url": "https://github.com/apache/santuario-xml-security-java/tags?after=1.4.6",
"refsource": "MISC",
@@ -81,6 +76,31 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/170943/Zoho-ManageEngine-Endpoint-Central-MSP-10.1.2228.10-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/170943/Zoho-ManageEngine-Endpoint-Central-MSP-10.1.2228.10-Remote-Code-Execution.html"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://blog.viettelcybersecurity.com/saml-show-stopper/",
+ "url": "https://blog.viettelcybersecurity.com/saml-show-stopper/"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/horizon3ai/CVE-2022-47966",
+ "url": "https://github.com/horizon3ai/CVE-2022-47966"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/",
+ "url": "https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-250a",
+ "url": "https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-250a"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://attackerkb.com/topics/gvs0Gv8BID/cve-2022-47966/rapid7-analysis",
+ "url": "https://attackerkb.com/topics/gvs0Gv8BID/cve-2022-47966/rapid7-analysis"
}
]
}
diff --git a/2023/2xxx/CVE-2023-2705.json b/2023/2xxx/CVE-2023-2705.json
index 7ea4d2d0631..ae309c267c9 100644
--- a/2023/2xxx/CVE-2023-2705.json
+++ b/2023/2xxx/CVE-2023-2705.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2705",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The gAppointments WordPress plugin before 1.10.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin"
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "gAppointments",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "1.10.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/0b3c83ad-d490-4ca3-8589-39163ea5e24b",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/0b3c83ad-d490-4ca3-8589-39163ea5e24b"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Carlos David Garrido Le\u00f3n"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/35xxx/CVE-2023-35719.json b/2023/35xxx/CVE-2023-35719.json
index a58de6f5c6a..75a0d8e5934 100644
--- a/2023/35xxx/CVE-2023-35719.json
+++ b/2023/35xxx/CVE-2023-35719.json
@@ -58,6 +58,11 @@
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-891",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-891"
+ },
+ {
+ "url": "https://www.manageengine.com/products/self-service-password/kb/our-response-to-CVE-2023-35719.html",
+ "refsource": "MISC",
+ "name": "https://www.manageengine.com/products/self-service-password/kb/our-response-to-CVE-2023-35719.html"
}
]
},
diff --git a/2023/36xxx/CVE-2023-36497.json b/2023/36xxx/CVE-2023-36497.json
index 90d81808452..0d771cb015b 100644
--- a/2023/36xxx/CVE-2023-36497.json
+++ b/2023/36xxx/CVE-2023-36497.json
@@ -1,17 +1,134 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-36497",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 \n\ncould allow a guest user to elevate to admin privileges."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-284 Improper Access Control",
+ "cweId": "CWE-284"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Dover Fueling Solutions",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "MAGLINK LX Web Console Configuration",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "2.5.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "2.5.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "2.5.3"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "2.6.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "2.11"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "3.0"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "3.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "3.3"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01",
+ "refsource": "MISC",
+ "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "In 2023, Dover Fueling Solutions announced end-of-life for MAGLINK LX 3 and released MAGLINK LX 4. However, MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4 fixes these vulnerabilities.
"
+ }
+ ],
+ "value": "In 2023, Dover Fueling Solutions announced end-of-life for MAGLINK LX 3 and released MAGLINK LX 4. However, MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4 fixes these vulnerabilities.\n"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Soufian El Yadmani of Darktrace / CSIRT.global reported these vulnerabilities"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 8.8,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2023/38xxx/CVE-2023-38256.json b/2023/38xxx/CVE-2023-38256.json
index bb69b0e5d68..536ce6badd6 100644
--- a/2023/38xxx/CVE-2023-38256.json
+++ b/2023/38xxx/CVE-2023-38256.json
@@ -1,17 +1,134 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38256",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 \n\nvulnerable to a path traversal attack, which could allow an attacker to access files stored on the system.\n\n"
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-22 Path Traversal",
+ "cweId": "CWE-22"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Dover Fueling Solutions",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "MAGLINK LX Web Console Configuration",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "2.5.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "2.5.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "2.5.3"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "2.6.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "2.11"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "3.0"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "3.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "3.3"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01",
+ "refsource": "MISC",
+ "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "In 2023, Dover Fueling Solutions announced end-of-life for MAGLINK LX 3 and released MAGLINK LX 4. However, MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4 fixes these vulnerabilities.
"
+ }
+ ],
+ "value": "In 2023, Dover Fueling Solutions announced end-of-life for MAGLINK LX 3 and released MAGLINK LX 4. However, MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4 fixes these vulnerabilities.\n"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Soufian El Yadmani of Darktrace / CSIRT.global reported these vulnerabilities"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.8,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "HIGH",
+ "scope": "CHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2023/39xxx/CVE-2023-39227.json b/2023/39xxx/CVE-2023-39227.json
index 72e73a39763..f52120c59f3 100644
--- a/2023/39xxx/CVE-2023-39227.json
+++ b/2023/39xxx/CVE-2023-39227.json
@@ -1,17 +1,108 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39227",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "\u200bSoftneta MedDream PACS\u00a0stores usernames and passwords in plaintext. The plaintext storage could be abused by attackers to leak legitimate user\u2019s credentials.\n\n"
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-256 \u200bPlaintext Storage of a Password",
+ "cweId": "CWE-256"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Softneta",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "MedDream PACS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "0",
+ "version_value": " v7.2.8.810"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-248-01",
+ "refsource": "MISC",
+ "name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-248-01"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "\u200b\u200bICSMA-23-248-01",
+ "discovery": "EXTERNAL"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "\n\n\u200bSoftneta recommends users update to v7.2.9.820 of MedDream PACS Server or patch their current system using Fix-v230712.
\u200bFor assistance or additional information about installing the software, please contact Softneta directly.
\n\n
"
+ }
+ ],
+ "value": "\n\u200bSoftneta recommends users update to v7.2.9.820 https://www.softneta.com/files/meddreampacs/premium/230530/MedDream-PACS-Premium-7.2.9.820.exe \u00a0of MedDream PACS Server or patch their current system using Fix-v230712 https://www.softneta.com/files/meddreampacs/premium/Fix-v230712.zip .\n\n\u200bFor assistance or additional information about installing the software, please contact Softneta https://www.softneta.com/contacts/ \u00a0directly.\n\n\n\n\n"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "\u200bNoam Moshe of Claroty Research reported these vulnerabilities to CISA."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "LOCAL",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.1,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2023/3xxx/CVE-2023-3169.json b/2023/3xxx/CVE-2023-3169.json
index c41b6390298..466e43a5881 100644
--- a/2023/3xxx/CVE-2023-3169.json
+++ b/2023/3xxx/CVE-2023-3169.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3169",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The tagDiv Composer WordPress plugin before 4.2, used as a companion by the Newspaper and Newsmag themes from tagDiv, does not have authorisation in a REST route and does not validate as well as escape some parameters when outputting them back, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "tagDiv Composer",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "4.2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/e6d8216d-ace4-48ba-afca-74da0dc5abb5",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/e6d8216d-ace4-48ba-afca-74da0dc5abb5"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Truoc Phan"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/3xxx/CVE-2023-3170.json b/2023/3xxx/CVE-2023-3170.json
index f41622d73c4..143c0a8ec6c 100644
--- a/2023/3xxx/CVE-2023-3170.json
+++ b/2023/3xxx/CVE-2023-3170.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3170",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The tagDiv Composer WordPress plugin before 4.2, used as a companion by the Newspaper and Newsmag themes from tagDiv, does not validate and escape some settings, which could allow users with Admin privileges to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "tagDiv Composer",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "4.2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/e95ff3c6-283b-4e5e-bea0-1f1375da08da",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/e95ff3c6-283b-4e5e-bea0-1f1375da08da"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Truoc Phan"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/3xxx/CVE-2023-3510.json b/2023/3xxx/CVE-2023-3510.json
index 23529fa4c1b..7843fa9e182 100644
--- a/2023/3xxx/CVE-2023-3510.json
+++ b/2023/3xxx/CVE-2023-3510.json
@@ -1,18 +1,97 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3510",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The FTP Access WordPress plugin through 1.0 does not have authorisation and CSRF checks when updating its settings and is missing sanitisation as well as escaping in them, allowing any authenticated users, such as subscriber to update them with XSS payloads, which will be triggered when an admin will view the settings of the plugin. The attack could also be perform via CSRF against any authenticated user."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ },
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-352 Cross-Site Request Forgery (CSRF)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "FTP Access",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "status": "affected",
+ "versionType": "custom",
+ "version": "0",
+ "lessThanOrEqual": "1.0"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/76abf4ac-5cc1-41a0-84c3-dff42c659581",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/76abf4ac-5cc1-41a0-84c3-dff42c659581"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Bob Matyas"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/40xxx/CVE-2023-40150.json b/2023/40xxx/CVE-2023-40150.json
index b3eae2a37c8..6405e0433c8 100644
--- a/2023/40xxx/CVE-2023-40150.json
+++ b/2023/40xxx/CVE-2023-40150.json
@@ -1,17 +1,108 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40150",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "\n\u200bThe affected product does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote code execution.0"
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-749 Exposed Dangerous Method or Function",
+ "cweId": "CWE-749"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Softneta",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "MedDream PACS",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "0",
+ "version_value": " v7.2.8.810"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-248-01",
+ "refsource": "MISC",
+ "name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-248-01"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "advisory": "\u200b\u200bICSMA-23-248-01",
+ "discovery": "EXTERNAL"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "\n\n\u200bSoftneta recommends users update to v7.2.9.820 of MedDream PACS Server or patch their current system using Fix-v230712.
\u200bFor assistance or additional information about installing the software, please contact Softneta directly.
\n\n
"
+ }
+ ],
+ "value": "\n\u200bSoftneta recommends users update to v7.2.9.820 https://www.softneta.com/files/meddreampacs/premium/230530/MedDream-PACS-Premium-7.2.9.820.exe \u00a0of MedDream PACS Server or patch their current system using Fix-v230712 https://www.softneta.com/files/meddreampacs/premium/Fix-v230712.zip .\n\n\u200bFor assistance or additional information about installing the software, please contact Softneta https://www.softneta.com/contacts/ \u00a0directly.\n\n\n\n\n"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "\u200bNoam Moshe of Claroty Research reported these vulnerabilities to CISA."
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.1"
}
]
}
diff --git a/2023/40xxx/CVE-2023-40944.json b/2023/40xxx/CVE-2023-40944.json
index a5c0488f0ca..1c8e6da2214 100644
--- a/2023/40xxx/CVE-2023-40944.json
+++ b/2023/40xxx/CVE-2023-40944.json
@@ -1,17 +1,61 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2023-40944",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2023-40944",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at ~\\header.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/KLSEHB/vulnerability-report/blob/main/Schoolmate_CVE-2023-40944",
+ "url": "https://github.com/KLSEHB/vulnerability-report/blob/main/Schoolmate_CVE-2023-40944"
}
]
}
diff --git a/2023/40xxx/CVE-2023-40945.json b/2023/40xxx/CVE-2023-40945.json
index ee8f26d4cd3..131b02bb6d6 100644
--- a/2023/40xxx/CVE-2023-40945.json
+++ b/2023/40xxx/CVE-2023-40945.json
@@ -1,17 +1,61 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2023-40945",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2023-40945",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\\myDetails.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/KLSEHB/vulnerability-report/blob/main/Doctormms_CVE-2023-40945",
+ "url": "https://github.com/KLSEHB/vulnerability-report/blob/main/Doctormms_CVE-2023-40945"
}
]
}
diff --git a/2023/40xxx/CVE-2023-40946.json b/2023/40xxx/CVE-2023-40946.json
index e782dfccf37..4b926f49153 100644
--- a/2023/40xxx/CVE-2023-40946.json
+++ b/2023/40xxx/CVE-2023-40946.json
@@ -1,17 +1,61 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2023-40946",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2023-40946",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in ValidateLogin.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/KLSEHB/vulnerability-report/blob/main/Schoolmate_CVE-2023-40946",
+ "url": "https://github.com/KLSEHB/vulnerability-report/blob/main/Schoolmate_CVE-2023-40946"
}
]
}
diff --git a/2023/41xxx/CVE-2023-41336.json b/2023/41xxx/CVE-2023-41336.json
index 6bf6c24daaf..50c56fe8c9f 100644
--- a/2023/41xxx/CVE-2023-41336.json
+++ b/2023/41xxx/CVE-2023-41336.json
@@ -1,17 +1,100 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41336",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security-advisories@github.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an `EntityType` that is *not* part of the valid choices. The problem has been fixed in `symfony/ux-autocomplete` version 2.11.2."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-20: Improper Input Validation",
+ "cweId": "CWE-20"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "symfony",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "ux-autocomplete",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "< 2.11.2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/symfony/ux-autocomplete/security/advisories/GHSA-4cpv-669c-r79x",
+ "refsource": "MISC",
+ "name": "https://github.com/symfony/ux-autocomplete/security/advisories/GHSA-4cpv-669c-r79x"
+ },
+ {
+ "url": "https://github.com/symfony/ux-autocomplete/commit/fabcb2eee14b9e84a45b276711853a560b5d770c",
+ "refsource": "MISC",
+ "name": "https://github.com/symfony/ux-autocomplete/commit/fabcb2eee14b9e84a45b276711853a560b5d770c"
+ },
+ {
+ "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/ux-autocomplete/CVE-2023-41336.yaml",
+ "refsource": "MISC",
+ "name": "https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/ux-autocomplete/CVE-2023-41336.yaml"
+ },
+ {
+ "url": "https://symfony.com/bundles/ux-autocomplete/current/index.html#usage-in-a-form-with-ajax",
+ "refsource": "MISC",
+ "name": "https://symfony.com/bundles/ux-autocomplete/current/index.html#usage-in-a-form-with-ajax"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-4cpv-669c-r79x",
+ "discovery": "UNKNOWN"
+ },
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.5,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2023/4xxx/CVE-2023-4022.json b/2023/4xxx/CVE-2023-4022.json
index a75722d4d8d..44f7b42c982 100644
--- a/2023/4xxx/CVE-2023-4022.json
+++ b/2023/4xxx/CVE-2023-4022.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4022",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Herd Effects WordPress plugin before 5.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Herd Effects",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "5.2.3"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/c4ac0b19-58b1-4620-b3b7-fbe6dd6c8dd5",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/c4ac0b19-58b1-4620-b3b7-fbe6dd6c8dd5"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Bob Matyas"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/4xxx/CVE-2023-4060.json b/2023/4xxx/CVE-2023-4060.json
index 28c28105d84..55b5966fa85 100644
--- a/2023/4xxx/CVE-2023-4060.json
+++ b/2023/4xxx/CVE-2023-4060.json
@@ -1,18 +1,76 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4060",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The WP Adminify WordPress plugin before 3.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "WP Adminify",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "3.1.6"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/88745c9b-1c20-4004-89f6-d9ee223651f2",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/88745c9b-1c20-4004-89f6-d9ee223651f2"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/4xxx/CVE-2023-4270.json b/2023/4xxx/CVE-2023-4270.json
index bd3853682d2..33e84106dad 100644
--- a/2023/4xxx/CVE-2023-4270.json
+++ b/2023/4xxx/CVE-2023-4270.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4270",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Min Max Control",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "4.6"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/04560bf1-676b-46fb-9344-4150862f2686",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/04560bf1-676b-46fb-9344-4150862f2686"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Animesh Gaurav"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/4xxx/CVE-2023-4278.json b/2023/4xxx/CVE-2023-4278.json
index 69f70a8eee7..a8ee4d8294a 100644
--- a/2023/4xxx/CVE-2023-4278.json
+++ b/2023/4xxx/CVE-2023-4278.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4278",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The MasterStudy LMS WordPress Plugin WordPress plugin before 3.0.18 does not have proper checks in place during registration allowing anyone to register on the site as an instructor. They can then add courses and/or posts."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-269 Improper Privilege Management"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "MasterStudy LMS WordPress Plugin",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "3.0.18"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/cb3173ec-9891-4bd8-9d05-24fe805b5235",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/cb3173ec-9891-4bd8-9d05-24fe805b5235"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Revan Arifio"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/4xxx/CVE-2023-4294.json b/2023/4xxx/CVE-2023-4294.json
index c0d4b43108a..ff03081db66 100644
--- a/2023/4xxx/CVE-2023-4294.json
+++ b/2023/4xxx/CVE-2023-4294.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4294",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The URL Shortify WordPress plugin before 1.7.6 does not properly escape the value of the referer header, thus allowing an unauthenticated attacker to inject malicious javascript that will trigger in the plugins admin panel with statistics of the created short link."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Cross-Site Scripting (XSS)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "URL Shortify",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "1.7.6"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/1fc71fc7-861a-46cc-a147-1c7ece9a7776",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/1fc71fc7-861a-46cc-a147-1c7ece9a7776"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Bartlomiej Marek and Tomasz Swiadek"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/4xxx/CVE-2023-4307.json b/2023/4xxx/CVE-2023-4307.json
index 85020287317..bd4d7fc6928 100644
--- a/2023/4xxx/CVE-2023-4307.json
+++ b/2023/4xxx/CVE-2023-4307.json
@@ -1,18 +1,89 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4307",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Lock User Account WordPress plugin through 1.0.3 does not have CSRF check when bulk locking and unlocking accounts, which could allow attackers to make logged in admins lock and unlock arbitrary users via a CSRF attack"
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-352 Cross-Site Request Forgery (CSRF)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Lock User Account",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "status": "affected",
+ "versionType": "custom",
+ "version": "0",
+ "lessThanOrEqual": "1.0.3"
+ }
+ ],
+ "defaultStatus": "affected"
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/06f7aa45-b5d0-4afb-95cc-8f1c82f6f8b3",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/06f7aa45-b5d0-4afb-95cc-8f1c82f6f8b3"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Dmitrii Ignatyev"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/4xxx/CVE-2023-4314.json b/2023/4xxx/CVE-2023-4314.json
index 588b129ef6a..a2d6aa1d4e3 100644
--- a/2023/4xxx/CVE-2023-4314.json
+++ b/2023/4xxx/CVE-2023-4314.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4314",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The wpDataTables WordPress plugin before 2.1.66 does not validate the \"Serialized PHP array\" input data before deserializing the data. This allows admins to deserialize arbitrary data which may lead to remote code execution if a suitable gadget chain is present on the server. This is impactful in environments where admin users should not be allowed to execute arbitrary code, such as multisite."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-502 Deserialization of Untrusted Data"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "wpDataTables",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "2.1.66"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/1ab192d7-72ac-4f12-8a51-f28ee4db91bc",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/1ab192d7-72ac-4f12-8a51-f28ee4db91bc"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Jonatas Souza Villa Flor"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/4xxx/CVE-2023-4318.json b/2023/4xxx/CVE-2023-4318.json
index 0e5ec26870e..545e68e09d7 100644
--- a/2023/4xxx/CVE-2023-4318.json
+++ b/2023/4xxx/CVE-2023-4318.json
@@ -1,18 +1,80 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4318",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "contact@wpscan.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The Herd Effects WordPress plugin before 5.2.4 does not have CSRF when deleting its items, which could allow attackers to make logged in admins delete arbitrary effects via a CSRF attack"
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-352 Cross-Site Request Forgery (CSRF)"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Unknown",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Herd Effects",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "0",
+ "version_value": "5.2.4"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://wpscan.com/vulnerability/93b40030-3706-4063-bf59-4ec983afdbb6",
+ "refsource": "MISC",
+ "name": "https://wpscan.com/vulnerability/93b40030-3706-4063-bf59-4ec983afdbb6"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "WPScan CVE Generator"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Erwan LR (WPScan)"
+ },
+ {
+ "lang": "en",
+ "value": "WPScan"
+ }
+ ]
}
\ No newline at end of file