admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-05-20 20:01:41 +00:00
parent f46c47d229
commit 2467fe1cb0
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
6 changed files with 392 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
2021/36xxx/CVE-2021-36833.json
View File

@ -1,18 +1,105 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "audit@patchstack.com",
"DATE_PUBLIC": "2022-03-02T07:15:00.000Z",
"ID": "CVE-2021-36833",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "WordPress MC4WP plugin <= 4.8.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MC4WP: Mailchimp for WordPress",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "<= 4.8.6",
"version_value": "4.8.6"
}
]
}
}
]
},
"vendor_name": "ibericode"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vulnerability discovered by Asif Nawaz Minhas (Patchstack Alliance)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode's MC4WP plugin <= 4.8.6 at WordPress."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/mailchimp-for-wp/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/mailchimp-for-wp/#developers"
},
{
"name": "https://patchstack.com/database/vulnerability/mailchimp-for-wp/wordpress-mc4wp-plugin-4-8-6-authenticated-stored-cross-site-scripting-xss-vulnerability",
"refsource": "CONFIRM",
"url": "https://patchstack.com/database/vulnerability/mailchimp-for-wp/wordpress-mc4wp-plugin-4-8-6-authenticated-stored-cross-site-scripting-xss-vulnerability"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to 4.8.7 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
}
}

20
2022/29xxx/CVE-2022-29182.json
View File

@ -69,16 +69,6 @@
},
"references": {
"reference_data": [
{
"name": "https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589",
"refsource": "CONFIRM",
"url": "https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589"
},
{
"name": "https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477",
"refsource": "MISC",
"url": "https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477"
},
{
"name": "https://github.com/gocd/gocd/releases/tag/22.1.0",
"refsource": "MISC",
@ -88,6 +78,16 @@
"name": "https://www.gocd.org/releases/#22-1-0",
"refsource": "MISC",
"url": "https://www.gocd.org/releases/#22-1-0"
},
{
"name": "https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589",
"refsource": "CONFIRM",
"url": "https://github.com/gocd/gocd/security/advisories/GHSA-qcg6-4q44-3589"
},
{
"name": "https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477",
"refsource": "MISC",
"url": "https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477"
}
]
},

20
2022/29xxx/CVE-2022-29184.json
View File

@ -77,16 +77,6 @@
},
"references": {
"reference_data": [
{
"name": "https://github.com/gocd/gocd/security/advisories/GHSA-vf5r-r7j2-cf2h",
"refsource": "CONFIRM",
"url": "https://github.com/gocd/gocd/security/advisories/GHSA-vf5r-r7j2-cf2h"
},
{
"name": "https://github.com/gocd/gocd/commit/37d35115db2ada2190173f9413cfe1bc6c295ecb",
"refsource": "MISC",
"url": "https://github.com/gocd/gocd/commit/37d35115db2ada2190173f9413cfe1bc6c295ecb"
},
{
"name": "https://github.com/gocd/gocd/releases/tag/22.1.0",
"refsource": "MISC",
@ -96,6 +86,16 @@
"name": "https://www.gocd.org/releases/#22-1-0",
"refsource": "MISC",
"url": "https://www.gocd.org/releases/#22-1-0"
},
{
"name": "https://github.com/gocd/gocd/security/advisories/GHSA-vf5r-r7j2-cf2h",
"refsource": "CONFIRM",
"url": "https://github.com/gocd/gocd/security/advisories/GHSA-vf5r-r7j2-cf2h"
},
{
"name": "https://github.com/gocd/gocd/commit/37d35115db2ada2190173f9413cfe1bc6c295ecb",
"refsource": "MISC",
"url": "https://github.com/gocd/gocd/commit/37d35115db2ada2190173f9413cfe1bc6c295ecb"
}
]
},

99
2022/29xxx/CVE-2022-29424.json
View File

@ -1,18 +1,105 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "audit@patchstack.com",
"DATE_PUBLIC": "2022-05-04T06:31:00.000Z",
"ID": "CVE-2022-29424",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Image Hover Effects Ultimate (WordPress plugin)",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "<= 9.7.1",
"version_value": "9.7.1"
}
]
}
}
]
},
"vendor_name": "Biplob Adhikari"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vulnerability discovered by Nguy Minh Tuan (Patchstack Alliance)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari's Image Hover Effects Ultimate plugin <= 9.7.1 at WordPress."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/image-hover-effects-ultimate/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/image-hover-effects-ultimate/#developers"
},
{
"name": "https://patchstack.com/database/vulnerability/image-hover-effects-ultimate/wordpress-image-hover-effects-ultimate-plugin-9-7-1-authenticated-reflected-cross-site-scripting-xss-vulnerability",
"refsource": "CONFIRM",
"url": "https://patchstack.com/database/vulnerability/image-hover-effects-ultimate/wordpress-image-hover-effects-ultimate-plugin-9-7-1-authenticated-reflected-cross-site-scripting-xss-vulnerability"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to 9.7.2 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
}
}

99
2022/29xxx/CVE-2022-29425.json
View File

@ -1,18 +1,105 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "audit@patchstack.com",
"DATE_PUBLIC": "2022-05-04T06:49:00.000Z",
"ID": "CVE-2022-29425",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "WordPress Checkout Files Upload for WooCommerce plugin <= 2.1.2 - Cross-Site Scripting (XSS) vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Checkout Files Upload for WooCommerce (WordPress plugin)",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "<= 2.1.2",
"version_value": "2.1.2"
}
]
}
}
]
},
"vendor_name": "WP Wham"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vulnerability discovered by Lucio S\u00e1 (Patchstack Alliance)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-Site Scripting (XSS) vulnerability in WP Wham's Checkout Files Upload for WooCommerce plugin <= 2.1.2 at WordPress."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/checkout-files-upload-woocommerce/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/checkout-files-upload-woocommerce/#developers"
},
{
"name": "https://patchstack.com/database/vulnerability/checkout-files-upload-woocommerce/wordpress-checkout-files-upload-for-woocommerce-plugin-2-1-2-cross-site-scripting-xss-vulnerability",
"refsource": "CONFIRM",
"url": "https://patchstack.com/database/vulnerability/checkout-files-upload-woocommerce/wordpress-checkout-files-upload-for-woocommerce-plugin-2-1-2-cross-site-scripting-xss-vulnerability"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to 2.1.3 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
}
}

99
2022/29xxx/CVE-2022-29448.json
View File

@ -1,18 +1,105 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "audit@patchstack.com",
"DATE_PUBLIC": "2022-05-16T06:54:00.000Z",
"ID": "CVE-2022-29448",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "WordPress Herd Effects plugin <= 5.2 - Local File Inclusion (LFI) vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Herd Effects (WordPress plugin)",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "<= 5.2",
"version_value": "5.2"
}
]
}
}
]
},
"vendor_name": "Wow-Company"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vulnerability discovered by 0xB9 (Patchstack Alliance)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local File Inclusion (LFI)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/mwp-herd-effect/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/mwp-herd-effect/#developers"
},
{
"name": "https://patchstack.com/database/vulnerability/mwp-herd-effect/wordpress-herd-effects-plugin-5-2-local-file-inclusion-lfi-vulnerability",
"refsource": "CONFIRM",
"url": "https://patchstack.com/database/vulnerability/mwp-herd-effect/wordpress-herd-effects-plugin-5-2-local-file-inclusion-lfi-vulnerability"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to 5.2.1 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
}
}