From 416871910984579ac80814de3e63eb445a606aba Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 20 Sep 2019 15:00:52 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2015/9xxx/CVE-2015-9384.json | 67 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9385.json | 67 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9386.json | 67 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9387.json | 67 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9388.json | 67 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9389.json | 67 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9390.json | 67 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9391.json | 67 +++++++++++++++++++++++++++++++ 2016/10xxx/CVE-2016-10996.json | 67 +++++++++++++++++++++++++++++++ 2016/10xxx/CVE-2016-10997.json | 67 +++++++++++++++++++++++++++++++ 2016/10xxx/CVE-2016-10998.json | 62 +++++++++++++++++++++++++++++ 2016/10xxx/CVE-2016-10999.json | 62 +++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11000.json | 67 +++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11001.json | 67 +++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11002.json | 67 +++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11003.json | 67 +++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11004.json | 67 +++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11005.json | 67 +++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11006.json | 72 ++++++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11007.json | 72 ++++++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11008.json | 72 ++++++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11009.json | 72 ++++++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11010.json | 72 ++++++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11011.json | 72 ++++++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11012.json | 67 +++++++++++++++++++++++++++++++ 2016/11xxx/CVE-2016-11013.json | 67 +++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16642.json | 62 +++++++++++++++++++++++++++++ 27 files changed, 1824 insertions(+) create mode 100644 2015/9xxx/CVE-2015-9384.json create mode 100644 2015/9xxx/CVE-2015-9385.json create mode 100644 2015/9xxx/CVE-2015-9386.json create mode 100644 2015/9xxx/CVE-2015-9387.json create mode 100644 2015/9xxx/CVE-2015-9388.json create mode 100644 2015/9xxx/CVE-2015-9389.json create mode 100644 2015/9xxx/CVE-2015-9390.json create mode 100644 2015/9xxx/CVE-2015-9391.json create mode 100644 2016/10xxx/CVE-2016-10996.json create mode 100644 2016/10xxx/CVE-2016-10997.json create mode 100644 2016/10xxx/CVE-2016-10998.json create mode 100644 2016/10xxx/CVE-2016-10999.json create mode 100644 2016/11xxx/CVE-2016-11000.json create mode 100644 2016/11xxx/CVE-2016-11001.json create mode 100644 2016/11xxx/CVE-2016-11002.json create mode 100644 2016/11xxx/CVE-2016-11003.json create mode 100644 2016/11xxx/CVE-2016-11004.json create mode 100644 2016/11xxx/CVE-2016-11005.json create mode 100644 2016/11xxx/CVE-2016-11006.json create mode 100644 2016/11xxx/CVE-2016-11007.json create mode 100644 2016/11xxx/CVE-2016-11008.json create mode 100644 2016/11xxx/CVE-2016-11009.json create mode 100644 2016/11xxx/CVE-2016-11010.json create mode 100644 2016/11xxx/CVE-2016-11011.json create mode 100644 2016/11xxx/CVE-2016-11012.json create mode 100644 2016/11xxx/CVE-2016-11013.json create mode 100644 2019/16xxx/CVE-2019-16642.json diff --git a/2015/9xxx/CVE-2015-9384.json b/2015/9xxx/CVE-2015-9384.json new file mode 100644 index 00000000000..5857245c330 --- /dev/null +++ b/2015/9xxx/CVE-2015-9384.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9384", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The relevant plugin before 1.0.8 for WordPress has XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8361", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8361" + }, + { + "url": "https://wordpress.org/plugins/relevant/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/relevant/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9385.json b/2015/9xxx/CVE-2015-9385.json new file mode 100644 index 00000000000..8feb6da8801 --- /dev/null +++ b/2015/9xxx/CVE-2015-9385.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9385", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The quotes-and-tips plugin before 1.20 for WordPress has XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8359", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8359" + }, + { + "url": "https://wordpress.org/plugins/quotes-and-tips/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/quotes-and-tips/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9386.json b/2015/9xxx/CVE-2015-9386.json new file mode 100644 index 00000000000..527b95651f0 --- /dev/null +++ b/2015/9xxx/CVE-2015-9386.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9386", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/mtouch-quiz/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/mtouch-quiz/#developers" + }, + { + "url": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/", + "refsource": "MISC", + "name": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9387.json b/2015/9xxx/CVE-2015-9387.json new file mode 100644 index 00000000000..3ca2a4dc979 --- /dev/null +++ b/2015/9xxx/CVE-2015-9387.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9387", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/mtouch-quiz/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/mtouch-quiz/#developers" + }, + { + "url": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/", + "refsource": "MISC", + "name": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9388.json b/2015/9xxx/CVE-2015-9388.json new file mode 100644 index 00000000000..8b293c64147 --- /dev/null +++ b/2015/9xxx/CVE-2015-9388.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9388", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/mtouch-quiz/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/mtouch-quiz/#developers" + }, + { + "url": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/", + "refsource": "MISC", + "name": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9389.json b/2015/9xxx/CVE-2015-9389.json new file mode 100644 index 00000000000..3354131ab9e --- /dev/null +++ b/2015/9xxx/CVE-2015-9389.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9389", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/mtouch-quiz/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/mtouch-quiz/#developers" + }, + { + "url": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/", + "refsource": "MISC", + "name": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9390.json b/2015/9xxx/CVE-2015-9390.json new file mode 100644 index 00000000000..116e4fab0df --- /dev/null +++ b/2015/9xxx/CVE-2015-9390.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9390", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/admin-management-xtended/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/admin-management-xtended/#developers" + }, + { + "url": "https://security.szurek.pl/admin-management-xtended-240-privilege-escalation.html", + "refsource": "MISC", + "name": "https://security.szurek.pl/admin-management-xtended-240-privilege-escalation.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9391.json b/2015/9xxx/CVE-2015-9391.json new file mode 100644 index 00000000000..7ee9abf9cf1 --- /dev/null +++ b/2015/9xxx/CVE-2015-9391.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9391", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8351", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8351" + }, + { + "url": "https://wordpress.org/plugins/yawpp/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/yawpp/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10996.json b/2016/10xxx/CVE-2016-10996.json new file mode 100644 index 00000000000..89083f6dde8 --- /dev/null +++ b/2016/10xxx/CVE-2016-10996.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10996", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The optinmonster plugin before 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/optinmonster/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/optinmonster/#developers" + }, + { + "url": "http://www.pritect.net/blog/optinmonster-1-1-4-6-security-vulnerability", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/optinmonster-1-1-4-6-security-vulnerability" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10997.json b/2016/10xxx/CVE-2016-10997.json new file mode 100644 index 00000000000..b0bc7918079 --- /dev/null +++ b/2016/10xxx/CVE-2016-10997.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8412", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8412" + }, + { + "refsource": "EXPLOIT-DB", + "name": "Exploit Database", + "url": "https://www.exploit-db.com/exploits/39552" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10998.json b/2016/10xxx/CVE-2016-10998.json new file mode 100644 index 00000000000..5c1cd99d834 --- /dev/null +++ b/2016/10xxx/CVE-2016-10998.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10998", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/plugins/ocim-mp3/source/pages.php?id= XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8425", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8425" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10999.json b/2016/10xxx/CVE-2016-10999.json new file mode 100644 index 00000000000..80ddaffaa10 --- /dev/null +++ b/2016/10xxx/CVE-2016-10999.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10999", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Goodnews theme through 2016-02-28 for WordPress has XSS via the s parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.vulnerability-lab.com/get_content.php?id=1771", + "refsource": "MISC", + "name": "https://www.vulnerability-lab.com/get_content.php?id=1771" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11000.json b/2016/11xxx/CVE-2016-11000.json new file mode 100644 index 00000000000..4120910545f --- /dev/null +++ b/2016/11xxx/CVE-2016-11000.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11000", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/wp-ultimate-exporter/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-ultimate-exporter/#developers" + }, + { + "url": "https://seclists.org/bugtraq/2016/Feb/183", + "refsource": "MISC", + "name": "https://seclists.org/bugtraq/2016/Feb/183" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11001.json b/2016/11xxx/CVE-2016-11001.json new file mode 100644 index 00000000000..7960cc04cb3 --- /dev/null +++ b/2016/11xxx/CVE-2016-11001.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11001", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/user-submitted-posts/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/user-submitted-posts/#developers" + }, + { + "url": "https://www.securityfocus.com/archive/1/537616/30/0/threaded", + "refsource": "MISC", + "name": "https://www.securityfocus.com/archive/1/537616/30/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11002.json b/2016/11xxx/CVE-2016-11002.json new file mode 100644 index 00000000000..d2cd440beb3 --- /dev/null +++ b/2016/11xxx/CVE-2016-11002.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products", + "refsource": "MISC", + "name": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products" + }, + { + "url": "http://www.pritect.net/blog/elegant-themes-security-vulnerability", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/elegant-themes-security-vulnerability" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11003.json b/2016/11xxx/CVE-2016-11003.json new file mode 100644 index 00000000000..77368bbd839 --- /dev/null +++ b/2016/11xxx/CVE-2016-11003.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11003", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products", + "refsource": "MISC", + "name": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products" + }, + { + "url": "http://www.pritect.net/blog/elegant-themes-security-vulnerability", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/elegant-themes-security-vulnerability" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11004.json b/2016/11xxx/CVE-2016-11004.json new file mode 100644 index 00000000000..eaa7a8dfe25 --- /dev/null +++ b/2016/11xxx/CVE-2016-11004.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products", + "refsource": "MISC", + "name": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products" + }, + { + "url": "http://www.pritect.net/blog/elegant-themes-security-vulnerability", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/elegant-themes-security-vulnerability" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11005.json b/2016/11xxx/CVE-2016-11005.json new file mode 100644 index 00000000000..cd04e71d792 --- /dev/null +++ b/2016/11xxx/CVE-2016-11005.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11005", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/instalinker/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/instalinker/#developers" + }, + { + "url": "https://rastating.github.io/instalinker-reflected-xss-information-disclosure/", + "refsource": "MISC", + "name": "https://rastating.github.io/instalinker-reflected-xss-information-disclosure/" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11006.json b/2016/11xxx/CVE-2016-11006.json new file mode 100644 index 00000000000..fb22d6efa44 --- /dev/null +++ b/2016/11xxx/CVE-2016-11006.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8378", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8378" + }, + { + "url": "https://wordpress.org/plugins/wp-invoice/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-invoice/#developers" + }, + { + "url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11007.json b/2016/11xxx/CVE-2016-11007.json new file mode 100644 index 00000000000..8d36e4d6e5d --- /dev/null +++ b/2016/11xxx/CVE-2016-11007.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11007", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8378", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8378" + }, + { + "url": "https://wordpress.org/plugins/wp-invoice/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-invoice/#developers" + }, + { + "url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11008.json b/2016/11xxx/CVE-2016-11008.json new file mode 100644 index 00000000000..6c854de10e3 --- /dev/null +++ b/2016/11xxx/CVE-2016-11008.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8378", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8378" + }, + { + "url": "https://wordpress.org/plugins/wp-invoice/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-invoice/#developers" + }, + { + "url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11009.json b/2016/11xxx/CVE-2016-11009.json new file mode 100644 index 00000000000..1ef18052461 --- /dev/null +++ b/2016/11xxx/CVE-2016-11009.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11009", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8378", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8378" + }, + { + "url": "https://wordpress.org/plugins/wp-invoice/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-invoice/#developers" + }, + { + "url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11010.json b/2016/11xxx/CVE-2016-11010.json new file mode 100644 index 00000000000..bdc27ed7714 --- /dev/null +++ b/2016/11xxx/CVE-2016-11010.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11010", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8378", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8378" + }, + { + "url": "https://wordpress.org/plugins/wp-invoice/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-invoice/#developers" + }, + { + "url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11011.json b/2016/11xxx/CVE-2016-11011.json new file mode 100644 index 00000000000..0e90a711792 --- /dev/null +++ b/2016/11xxx/CVE-2016-11011.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11011", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8378", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8378" + }, + { + "url": "https://wordpress.org/plugins/wp-invoice/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-invoice/#developers" + }, + { + "url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities", + "refsource": "MISC", + "name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11012.json b/2016/11xxx/CVE-2016-11012.json new file mode 100644 index 00000000000..34f335a56c9 --- /dev/null +++ b/2016/11xxx/CVE-2016-11012.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8389", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8389" + }, + { + "url": "https://wordpress.org/plugins/sola-support-tickets/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/sola-support-tickets/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2016/11xxx/CVE-2016-11013.json b/2016/11xxx/CVE-2016-11013.json new file mode 100644 index 00000000000..c3bbba5aa15 --- /dev/null +++ b/2016/11xxx/CVE-2016-11013.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-11013", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp-listings plugin before 2.0.2 for WordPress has includes/views/single-listing.php XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/wp-listings/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-listings/#developers" + }, + { + "url": "https://github.com/agentevolution/wp-listings/pull/52", + "refsource": "MISC", + "name": "https://github.com/agentevolution/wp-listings/pull/52" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16642.json b/2019/16xxx/CVE-2019-16642.json new file mode 100644 index 00000000000..7cd4d420590 --- /dev/null +++ b/2019/16xxx/CVE-2019-16642.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "App\\Mobile\\Controller\\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/yeyinshi/tuzicms/issues/6", + "refsource": "MISC", + "name": "https://github.com/yeyinshi/tuzicms/issues/6" + } + ] + } +} \ No newline at end of file