From 5cc27db37cece16121c721e37d1d2c5b945e8b08 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 9 Jun 2023 06:00:43 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/0xxx/CVE-2023-0291.json | 85 ++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0292.json | 85 ++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0688.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0691.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0692.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0693.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0694.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0695.json | 75 +++++++++++++++++++++-- 2023/0xxx/CVE-2023-0708.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0709.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0710.json | 75 +++++++++++++++++++++-- 2023/0xxx/CVE-2023-0721.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0729.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0831.json | 79 ++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0832.json | 79 ++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0992.json | 80 +++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0993.json | 80 +++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1016.json | 69 +++++++++++++++++++-- 2023/1xxx/CVE-2023-1169.json | 80 +++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1375.json | 80 +++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1403.json | 75 +++++++++++++++++++++-- 2023/1xxx/CVE-2023-1404.json | 75 +++++++++++++++++++++-- 2023/1xxx/CVE-2023-1430.json | 74 +++++++++++++++++++++-- 2023/1xxx/CVE-2023-1615.json | 84 ++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1807.json | 75 +++++++++++++++++++++-- 2023/1xxx/CVE-2023-1843.json | 80 +++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1888.json | 75 +++++++++++++++++++++-- 2023/1xxx/CVE-2023-1889.json | 75 +++++++++++++++++++++-- 2023/1xxx/CVE-2023-1895.json | 75 +++++++++++++++++++++-- 2023/1xxx/CVE-2023-1910.json | 75 +++++++++++++++++++++-- 2023/1xxx/CVE-2023-1917.json | 85 ++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1978.json | 75 +++++++++++++++++++++-- 2023/27xxx/CVE-2023-27986.json | 7 ++- 2023/2xxx/CVE-2023-2031.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2066.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2067.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2083.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2084.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2085.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2086.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2087.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2159.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2184.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2189.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2237.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2249.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2275.json | 90 ++++++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2280.json | 84 ++++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2289.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2305.json | 90 ++++++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2402.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2414.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2450.json | 79 ++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2452.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2484.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2526.json | 85 ++++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2555.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2556.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2557.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2558.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2584.json | 92 ++++++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2599.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2604.json | 75 +++++++++++++++++++++-- 2023/2xxx/CVE-2023-2607.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2688.json | 94 +++++++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2764.json | 80 +++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2767.json | 94 +++++++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2891.json | 75 +++++++++++++++++++++-- 2023/3xxx/CVE-2023-3176.json | 106 +++++++++++++++++++++++++++++++++ 2023/3xxx/CVE-2023-3177.json | 106 +++++++++++++++++++++++++++++++++ 70 files changed, 5273 insertions(+), 269 deletions(-) create mode 100644 2023/3xxx/CVE-2023-3176.json create mode 100644 2023/3xxx/CVE-2023-3177.json diff --git a/2023/0xxx/CVE-2023-0291.json b/2023/0xxx/CVE-2023-0291.json index c64455a5c51..8dde5c34fb7 100644 --- a/2023/0xxx/CVE-2023-0291.json +++ b/2023/0xxx/CVE-2023-0291.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0291", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capability check on the function associated with the qsm_remove_file_fd_question AJAX action in versions up to, and including, 8.0.8. This makes it possible for unauthenticated attackers to delete arbitrary media files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "expresstech", + "product": { + "product_data": [ + { + "product_name": "Quiz And Survey Master \u2013 Best Quiz, Exam and Survey Plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "8.0.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68110321-db1a-4634-98cd-0afd3ec933b8?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68110321-db1a-4634-98cd-0afd3ec933b8?source=cve" + }, + { + "url": "https://wordpress.org/plugins/quiz-master-next/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/quiz-master-next/" + }, + { + "url": "https://packetstormsecurity.com/files/171011/wpqsm808-xsrf.txt", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/171011/wpqsm808-xsrf.txt" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2834471/quiz-master-next", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2834471/quiz-master-next" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Julien Ahrens" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L", + "baseScore": 7.2, + "baseSeverity": "HIGH" } ] } diff --git a/2023/0xxx/CVE-2023-0292.json b/2023/0xxx/CVE-2023-0292.json index 7521691bab3..3d8865eb89e 100644 --- a/2023/0xxx/CVE-2023-0292.json +++ b/2023/0xxx/CVE-2023-0292.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0292", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Quiz And Survey Master plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.0.8. This is due to missing nonce validation on the function associated with the qsm_remove_file_fd_question AJAX action. This makes it possible for unauthenticated attackers to delete arbitrary media files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "expresstech", + "product": { + "product_data": [ + { + "product_name": "Quiz And Survey Master \u2013 Best Quiz, Exam and Survey Plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "8.0.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c75e6d27-7f6b-4bec-b653-c2024504f427?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c75e6d27-7f6b-4bec-b653-c2024504f427?source=cve" + }, + { + "url": "https://wordpress.org/plugins/quiz-master-next/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/quiz-master-next/" + }, + { + "url": "https://packetstormsecurity.com/files/171011/wpqsm808-xsrf.txt", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/171011/wpqsm808-xsrf.txt" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2834471/quiz-master-next", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2834471/quiz-master-next" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Julien Ahrens" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0688.json b/2023/0xxx/CVE-2023-0688.json index e0f9af4b7f3..a5cd4ffb925 100644 --- a/2023/0xxx/CVE-2023-0688.json +++ b/2023/0xxx/CVE-2023-0688.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0688", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_thankyou' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about form submissions, including payment status, and transaction ID." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81fc41a4-9206-404c-bd5b-821c77ff3593?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81fc41a4-9206-404c-bd5b-821c77ff3593?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2910040/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2910040/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0691.json b/2023/0xxx/CVE-2023-0691.json index d790a55decd..23bec846d96 100644 --- a/2023/0xxx/CVE-2023-0691.json +++ b/2023/0xxx/CVE-2023-0691.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0691", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_last_name' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrary form submissions, specifically the submitter's last name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8fc4b815-dc05-4270-bf7a-3b01622739d7?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8fc4b815-dc05-4270-bf7a-3b01622739d7?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2910040/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2910040/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0692.json b/2023/0xxx/CVE-2023-0692.json index 4108c075497..802590aa85f 100644 --- a/2023/0xxx/CVE-2023-0692.json +++ b/2023/0xxx/CVE-2023-0692.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0692", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_payment_status' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about the payment status of arbitrary form submissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ddd85ff2-6607-4ac8-b91c-88f6f2fa6c56?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ddd85ff2-6607-4ac8-b91c-88f6f2fa6c56?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2910040/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2910040/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0693.json b/2023/0xxx/CVE-2023-0693.json index b7a33bfe632..7075e5cb851 100644 --- a/2023/0xxx/CVE-2023-0693.json +++ b/2023/0xxx/CVE-2023-0693.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0693", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_transaction_id' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about the transaction ids of arbitrary form submissions that included payment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f33a8db-7cd0-4a53-b2c1-cd5b7cd16214?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f33a8db-7cd0-4a53-b2c1-cd5b7cd16214?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2910040/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2910040/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0694.json b/2023/0xxx/CVE-2023-0694.json index 98de686743e..f40f6819dc9 100644 --- a/2023/0xxx/CVE-2023-0694.json +++ b/2023/0xxx/CVE-2023-0694.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0694", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about any standard form field of any form submission." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a8b194c-371f-4adc-98fa-8f4e47a38ee7?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a8b194c-371f-4adc-98fa-8f4e47a38ee7?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2910040/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2910040/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0695.json b/2023/0xxx/CVE-2023-0695.json index 5e66ce2355c..5902d399b3c 100644 --- a/2023/0xxx/CVE-2023-0695.json +++ b/2023/0xxx/CVE-2023-0695.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0695", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf' shortcode to echo unescaped form submissions in versions up to, and including, 3.3.0. This allows authenticated attackers, with contributor-level permissions or above, to inject arbitrary web scripts in pages that will execute when the victim visits a specific link. Note that getting the JavaScript to execute still requires user interaction as the victim must visit a crafted link with the form entry id, but the script itself is stored in the site database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c866d8d-399c-4bda-a3c9-17c7e5d2ffb8?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c866d8d-399c-4bda-a3c9-17c7e5d2ffb8?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0708.json b/2023/0xxx/CVE-2023-0708.json index a02f582e994..667a98e569a 100644 --- a/2023/0xxx/CVE-2023-0708.json +++ b/2023/0xxx/CVE-2023-0708.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0708", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf_first_name' shortcode to echo unescaped form submissions in versions up to, and including, 3.3.0. This allows authenticated attackers, with contributor-level permissions or above, to inject arbitrary web scripts in pages that will execute when the victim visits a a page containing the shortcode when the submission id is present in the query string. Note that getting the JavaScript to execute requires user interaction as the victim must visit a crafted link with the form entry id, but the script itself is stored in the site database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae7549db-9a4b-4dee-8023-d7863dc3b4c8?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae7549db-9a4b-4dee-8023-d7863dc3b4c8?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2907471/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2907471/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0709.json b/2023/0xxx/CVE-2023-0709.json index bc030f7362a..6d4dfcde60b 100644 --- a/2023/0xxx/CVE-2023-0709.json +++ b/2023/0xxx/CVE-2023-0709.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0709", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf_last_name' shortcode to echo unescaped form submissions in versions up to, and including, 3.3.0. This allows authenticated attackers, with contributor-level permissions or above, to inject arbitrary web scripts in pages that will execute when the victim visits a a page containing the shortcode when the submission id is present in the query string. Note that getting the JavaScript to execute requires user interaction as the victim must visit a crafted link with the form entry id, but the script itself is stored in the site database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/25200656-a6a2-42f2-a607-26d4ff502cbf?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/25200656-a6a2-42f2-a607-26d4ff502cbf?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2907471/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2907471/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0710.json b/2023/0xxx/CVE-2023-0710.json index 191aa7d388e..95c07012e4a 100644 --- a/2023/0xxx/CVE-2023-0710.json +++ b/2023/0xxx/CVE-2023-0710.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0710", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'fname' attribute of the 'mf_thankyou' shortcode to echo unescaped form submissions in versions up to, and including, 3.3.0. This allows authenticated attackers, with contributor-level permissions or above, to inject arbitrary web scripts in pages that will execute when the victim visits a a page containing the shortcode when the submission id is present in the query string. Note that getting the JavaScript to execute requires user interaction as the victim must visit a crafted link with the form entry id, but the script itself is stored in the site database. Additionally this requires successful payment, increasing the complexity." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89a98053-33c7-4e75-87a1-0f483a990641?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/89a98053-33c7-4e75-87a1-0f483a990641?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0721.json b/2023/0xxx/CVE-2023-0721.json index 012f875c395..e2a5b8e14dc 100644 --- a/2023/0xxx/CVE-2023-0721.json +++ b/2023/0xxx/CVE-2023-0721.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0721", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in versions up to, and including, 3.3.0. This allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccd85a72-1872-4c4f-8ba7-7f91b0b37d4a?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ccd85a72-1872-4c4f-8ba7-7f91b0b37d4a?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/export.php?rev=2845078", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/core/entries/export.php?rev=2845078" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2907471/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2907471/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", + "baseScore": 8.3, + "baseSeverity": "HIGH" } ] } diff --git a/2023/0xxx/CVE-2023-0729.json b/2023/0xxx/CVE-2023-0729.json index 3f7e34c42b1..6b5f4230d32 100644 --- a/2023/0xxx/CVE-2023-0729.json +++ b/2023/0xxx/CVE-2023-0729.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0729", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajax_save_sort_order function. This makes it possible for unauthenticated attackers to invoke this function via forged request granted they can trick a site administrator into performing an action such as clicking on a link leading them to perform actions intended for administrators such as changing the folder structure maintained by the plugin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wickedplugins", + "product": { + "product_data": [ + { + "product_name": "Wicked Folders", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "2.18.16" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae8dbf54-ea62-4901-b34f-079b708ca0b5?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae8dbf54-ea62-4901-b34f-079b708ca0b5?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wicked-folders/tags/2.18.16/lib/class-wicked-folders-ajax.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wicked-folders/tags/2.18.16/lib/class-wicked-folders-ajax.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2860994%40wicked-folders%2Ftrunk&old=2805161%40wicked-folders%2Ftrunk&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2860994%40wicked-folders%2Ftrunk&old=2805161%40wicked-folders%2Ftrunk&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0831.json b/2023/0xxx/CVE-2023-0831.json index 61174ba87d8..b7e32d46585 100644 --- a/2023/0xxx/CVE-2023-0831.json +++ b/2023/0xxx/CVE-2023-0831.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0831", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Under Construction plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.96. This is due to missing or incorrect nonce validation on the dismiss_notice function called via the admin_action_ucp_dismiss_notice action. This makes it possible for unauthenticated attackers to dismiss plugin notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "webfactory", + "product": { + "product_data": [ + { + "product_name": "Under Construction", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.96" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/031a1203-6b0d-453b-be8a-12e7f55cb401?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/031a1203-6b0d-453b-be8a-12e7f55cb401?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/under-construction-page/trunk/under-construction.php?rev=2848705#L901", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/under-construction-page/trunk/under-construction.php?rev=2848705#L901" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + }, + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0832.json b/2023/0xxx/CVE-2023-0832.json index cf8d1c39d48..e2422f21a72 100644 --- a/2023/0xxx/CVE-2023-0832.json +++ b/2023/0xxx/CVE-2023-0832.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0832", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Under Construction plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.96. This is due to missing or incorrect nonce validation on the install_weglot function called via the admin_action_install_weglot action. This makes it possible for unauthenticated attackers to perform an unauthorized install of the Weglot Translate plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "webfactory", + "product": { + "product_data": [ + { + "product_name": "Under Construction", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.96" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4fa84388-3597-4a54-9ae8-d6e04afe9061?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4fa84388-3597-4a54-9ae8-d6e04afe9061?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/under-construction-page/trunk/under-construction.php?rev=2848705#L2389", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/under-construction-page/trunk/under-construction.php?rev=2848705#L2389" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + }, + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/0xxx/CVE-2023-0992.json b/2023/0xxx/CVE-2023-0992.json index b6534469688..3b8aba4645e 100644 --- a/2023/0xxx/CVE-2023-0992.json +++ b/2023/0xxx/CVE-2023-0992.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0992", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Shield Security plugin for WordPress is vulnerable to stored Cross-Site Scripting in versions up to, and including, 17.0.17 via the 'User-Agent' header. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "paultgoodchild", + "product": { + "product_data": [ + { + "product_name": "Shield Security \u2013 Smart Bot Blocking & Intrusion Prevention", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "*", + "version_value": "17.0.18" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/162dff28-94ea-4a47-a6cb-a13317cf1a04?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/162dff28-94ea-4a47-a6cb-a13317cf1a04?source=cve" + }, + { + "url": "https://wordpress.org/plugins/wp-simple-firewall/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-simple-firewall/#developers" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2883864%40wp-simple-firewall%2Ftrunk&old=2883536%40wp-simple-firewall%2Ftrunk&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2883864%40wp-simple-firewall%2Ftrunk&old=2883536%40wp-simple-firewall%2Ftrunk&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH" } ] } diff --git a/2023/0xxx/CVE-2023-0993.json b/2023/0xxx/CVE-2023-0993.json index 80d53b8f7b3..e0824a37979 100644 --- a/2023/0xxx/CVE-2023-0993.json +++ b/2023/0xxx/CVE-2023-0993.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0993", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Shield Security plugin for WordPress is vulnerable to Missing Authorization on the 'theme-plugin-file' AJAX action in versions up to, and including, 17.0.17. This allows authenticated attackers to add arbitrary audit log entries indicating that a theme or plugin has been edited, and is also a vector for Cross-Site Scripting via CVE-2023-0992." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "paultgoodchild", + "product": { + "product_data": [ + { + "product_name": "Shield Security \u2013 Smart Bot Blocking & Intrusion Prevention", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "*", + "version_value": "17.0.18" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/674461ad-9b61-48c4-af2a-5dfcaeb38215?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/674461ad-9b61-48c4-af2a-5dfcaeb38215?source=cve" + }, + { + "url": "https://wordpress.org/plugins/wp-simple-firewall/", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-simple-firewall/" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2883864%40wp-simple-firewall%2Ftrunk&old=2883536%40wp-simple-firewall%2Ftrunk&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2883864%40wp-simple-firewall%2Ftrunk&old=2883536%40wp-simple-firewall%2Ftrunk&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1016.json b/2023/1xxx/CVE-2023-1016.json index 4cb6646f656..0a0db96c63f 100644 --- a/2023/1xxx/CVE-2023-1016.json +++ b/2023/1xxx/CVE-2023-1016.json @@ -1,17 +1,78 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1016", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Intuitive Custom Post Order plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.1.3, due to insufficient escaping on the user supplied 'objects' and 'tags' parameters and lack of sufficient preparation in the 'update_options' function as well as the 'refresh' function which runs queries on the same values. This allows authenticated attackers, with administrator permissions, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Note that this attack may only be practical on configurations where it is possible to bypass addslashes due to the database using a nonstandard character set such as GBK." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "hijiri", + "product": { + "product_data": [ + { + "product_name": "Intuitive Custom Post Order", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.1.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc878508-200d-4bc7-aa99-c34e63cba4b3?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc878508-200d-4bc7-aa99-c34e63cba4b3?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/intuitive-custom-post-order/trunk/intuitive-custom-post-order.php?rev=2530122", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/intuitive-custom-post-order/trunk/intuitive-custom-post-order.php?rev=2530122" + } + ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1169.json b/2023/1xxx/CVE-2023-1169.json index 87c8846a1dc..17b9c3198af 100644 --- a/2023/1xxx/CVE-2023-1169.json +++ b/2023/1xxx/CVE-2023-1169.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1169", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to missing authorization due to a missing capability check on the 'file_uploader_callback' function in versions up to, and including, 2.1.4. This makes it possible for subscriber-level attackers to upload image attachments to the site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ooohboi", + "product": { + "product_data": [ + { + "product_name": "OoohBoi Steroids for Elementor", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "2.1.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c56ed896-9267-49e6-a207-fe5362fe18cd?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c56ed896-9267-49e6-a207-fe5362fe18cd?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ooohboi-steroids-for-elementor/tags/2.1.3/inc/exopite-simple-options/upload-class.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/ooohboi-steroids-for-elementor/tags/2.1.3/inc/exopite-simple-options/upload-class.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2888622/ooohboi-steroids-for-elementor/tags/2.1.5/inc/exopite-simple-options/upload-class.php?old=2874981&old_path=ooohboi-steroids-for-elementor%2Ftags%2F2.1.4%2Finc%2Fexopite-simple-options%2Fupload-class.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2888622/ooohboi-steroids-for-elementor/tags/2.1.5/inc/exopite-simple-options/upload-class.php?old=2874981&old_path=ooohboi-steroids-for-elementor%2Ftags%2F2.1.4%2Finc%2Fexopite-simple-options%2Fupload-class.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1375.json b/2023/1xxx/CVE-2023-1375.json index dfc166ed9a8..7a505b18fe1 100644 --- a/2023/1xxx/CVE-2023-1375.json +++ b/2023/1xxx/CVE-2023-1375.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1375", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized cache deletion in versions up to, and including, 1.1.2 due to a missing capability check in the deleteCacheToolbar function . This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete the site's cache." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "emrevona", + "product": { + "product_data": [ + { + "product_name": "WP Fastest Cache", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.1.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae643666-70cb-4eb4-a183-e1649264ded4?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae643666-70cb-4eb4-a183-e1649264ded4?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wp-fastest-cache/trunk/wpFastestCache.php#L866", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wp-fastest-cache/trunk/wpFastestCache.php#L866" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2893158%40wp-fastest-cache&new=2893158%40wp-fastest-cache&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2893158%40wp-fastest-cache&new=2893158%40wp-fastest-cache&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1403.json b/2023/1xxx/CVE-2023-1403.json index 8d73ba72b11..053e770462b 100644 --- a/2023/1xxx/CVE-2023-1403.json +++ b/2023/1xxx/CVE-2023-1403.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1403", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Weaver Xtreme Theme for WordPress is vulnerable to stored Cross-Site Scripting due to insufficient escaping of the profile display name in versions up to, and including, 5.0.7. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpweaver", + "product": { + "product_data": [ + { + "product_name": "Weaver Xtreme", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "5.0.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5b2bef63-c871-45e4-bb05-12bbba20ca5e?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5b2bef63-c871-45e4-bb05-12bbba20ca5e?source=cve" + }, + { + "url": "https://themes.trac.wordpress.org/browser/weaver-xtreme/5.0.7/includes/lib-content.php#L1081", + "refsource": "MISC", + "name": "https://themes.trac.wordpress.org/browser/weaver-xtreme/5.0.7/includes/lib-content.php#L1081" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1404.json b/2023/1xxx/CVE-2023-1404.json index f44bf5d5e60..abd25bc3be2 100644 --- a/2023/1xxx/CVE-2023-1404.json +++ b/2023/1xxx/CVE-2023-1404.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1404", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Weaver Show Posts Plugin for WordPress is vulnerable to stored Cross-Site Scripting due to insufficient escaping of the profile display name in versions up to, and including, 1.6. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpweaver", + "product": { + "product_data": [ + { + "product_name": "Weaver Show Posts", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c8647c44-4879-4895-bd07-19f7d62a7326?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c8647c44-4879-4895-bd07-19f7d62a7326?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/show-posts/tags/1.6/includes/atw-showposts-sc.php#L368", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/show-posts/tags/1.6/includes/atw-showposts-sc.php#L368" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1430.json b/2023/1xxx/CVE-2023-1430.json index 2c10824d0d8..893707cb83b 100644 --- a/2023/1xxx/CVE-2023-1430.json +++ b/2023/1xxx/CVE-2023-1430.json @@ -1,17 +1,83 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1430", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.7.40 due to the use of an MD5 hash without a salt to control subscriptions. This makes it possible for unauthenticated attackers to unsubscribe users from lists and manage subscriptions, granted they gain access to any targeted subscribers email address." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-759 Use of a One-Way Hash without a Salt" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "techjewel", + "product": { + "product_data": [ + { + "product_name": "Email Marketing, Newsletter, Email Automation and CRM Plugin for WordPress by FluentCRM", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.7.40" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de6da87e-8f7d-4120-8a1b-390ef7733d84?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de6da87e-8f7d-4120-8a1b-390ef7733d84?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2899218/fluent-crm/tags/2.8.0/app/Hooks/Handlers/ExternalPages.php?old=2873074&old_path=fluent-crm%2Ftags%2F2.7.40%2Fapp%2FHooks%2FHandlers%2FExternalPages.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2899218/fluent-crm/tags/2.8.0/app/Hooks/Handlers/ExternalPages.php?old=2873074&old_path=fluent-crm%2Ftags%2F2.7.40%2Fapp%2FHooks%2FHandlers%2FExternalPages.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Karl Emil Nikka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1615.json b/2023/1xxx/CVE-2023-1615.json index ccc512500fc..a4bdd63ec8d 100644 --- a/2023/1xxx/CVE-2023-1615.json +++ b/2023/1xxx/CVE-2023-1615.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1615", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Ultimate Addons for Contact Form 7 plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in versions up to, and including, 3.1.23. This makes it possible for authenticated attackers of any authorization level to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "psdtowpservice", + "product": { + "product_data": [ + { + "product_name": "Ultimate Addons for Contact Form 7", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "3.1.23" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/817ca119-ddaf-4525-beee-68c4e0aac544?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/817ca119-ddaf-4525-beee-68c4e0aac544?source=cve" + }, + { + "url": "https://wordpress.org/plugins/ultimate-addons-for-contact-form-7/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/ultimate-addons-for-contact-form-7/#developers" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ultimate-addons-for-contact-form-7/trunk/addons/database/database.php?rev=2897709#L255", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/ultimate-addons-for-contact-form-7/trunk/addons/database/database.php?rev=2897709#L255" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2901676/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2901676/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Etan Imanol Castro Aldrete" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/1xxx/CVE-2023-1807.json b/2023/1xxx/CVE-2023-1807.json index bd51c4fdff7..3c7c554bb91 100644 --- a/2023/1xxx/CVE-2023-1807.json +++ b/2023/1xxx/CVE-2023-1807.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1807", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Elementor Addons, Widgets and Enhancements \u2013 Stax plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.3. This is due to missing or incorrect nonce validation on the toggle_widget function. This makes it possible for unauthenticated attackers to enable or disable Elementor widgets via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "staxwp", + "product": { + "product_data": [ + { + "product_name": "Elementor Addons, Widgets and Enhancements \u2013 Stax", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.4.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c12094bd-aa23-4f9b-92e1-d1d4284fb2a0?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c12094bd-aa23-4f9b-92e1-d1d4284fb2a0?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/stax-addons-for-elementor/trunk/core/admin/pages/Widgets.php#L31", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/stax-addons-for-elementor/trunk/core/admin/pages/Widgets.php#L31" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1843.json b/2023/1xxx/CVE-2023-1843.json index 3068413f895..4e1b2ce284b 100644 --- a/2023/1xxx/CVE-2023-1843.json +++ b/2023/1xxx/CVE-2023-1843.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1843", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a missing capability check on the permalink_setup function in versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackers to change the permalink structure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xpeedstudio", + "product": { + "product_data": [ + { + "product_name": "Metform Elementor Contact Form Builder \u2013 Flexible and Design-Friendly Contact Form builder plugin for WordPress", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5db00eb6-3e05-42fa-bb84-2df4bcae3955?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5db00eb6-3e05-42fa-bb84-2df4bcae3955?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/metform/trunk/plugin.php#L544", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/metform/trunk/plugin.php#L544" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2907471/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2907471/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1888.json b/2023/1xxx/CVE-2023-1888.json index d1f140c7371..489dad26398 100644 --- a/2023/1xxx/CVE-2023-1888.json +++ b/2023/1xxx/CVE-2023-1888.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1888", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack of validation checks within login.php. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset the password of an arbitrary user and gain elevated (e.g., administrator) privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20 Improper Input Validation" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpwax", + "product": { + "product_data": [ + { + "product_name": "Directorist \u2013 WordPress Business Directory Plugin with Classified Ads Listings", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "7.5.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/01943559-e05b-4dca-b322-d880b2729ee7?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/01943559-e05b-4dca-b322-d880b2729ee7?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2920100/directorist", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2920100/directorist" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/1xxx/CVE-2023-1889.json b/2023/1xxx/CVE-2023-1889.json index 21bd556bc0d..c11051ac200 100644 --- a/2023/1xxx/CVE-2023-1889.json +++ b/2023/1xxx/CVE-2023-1889.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1889", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in versions up to, and including, 7.5.4. This is due to improper validation and authorization checks within the listing_task function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpwax", + "product": { + "product_data": [ + { + "product_name": "Directorist \u2013 WordPress Business Directory Plugin with Classified Ads Listings", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "7.5.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b47edd57-cac7-463f-88cc-8922f1b34612?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b47edd57-cac7-463f-88cc-8922f1b34612?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2920100/directorist", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2920100/directorist" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1895.json b/2023/1xxx/CVE-2023-1895.json index 874fe75ba78..d2e74cc3468 100644 --- a/2023/1xxx/CVE-2023-1895.json +++ b/2023/1xxx/CVE-2023-1895.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1895", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery via the get_remote_content REST API endpoint in versions up to, and including, 1.8.3. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-918 Server-Side Request Forgery (SSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "jetmonsters", + "product": { + "product_data": [ + { + "product_name": "Getwid \u2013 Gutenberg Blocks", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.8.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e9c2a942-c14c-4b59-92a7-6946b2e4731b?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e9c2a942-c14c-4b59-92a7-6946b2e4731b?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/getwid/tags/1.8.3/includes/rest-api.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/getwid/tags/1.8.3/includes/rest-api.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", + "baseScore": 8.5, + "baseSeverity": "HIGH" } ] } diff --git a/2023/1xxx/CVE-2023-1910.json b/2023/1xxx/CVE-2023-1910.json index 20ee07bcbd5..41fb43389da 100644 --- a/2023/1xxx/CVE-2023-1910.json +++ b/2023/1xxx/CVE-2023-1910.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1910", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Getwid \u2013 Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the get_remote_templates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers with subscriber-level permissions or above to flush the remote template cache. Cached template information can also be accessed via this endpoint but these are not considered sensitive as they are publicly accessible from the developer's site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-285 Improper Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "jetmonsters", + "product": { + "product_data": [ + { + "product_name": "Getwid \u2013 Gutenberg Blocks", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.8.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cd64ab0-007b-4778-9d92-06e530638fad?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cd64ab0-007b-4778-9d92-06e530638fad?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/getwid/tags/1.8.3/includes/rest-api.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/getwid/tags/1.8.3/includes/rest-api.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1917.json b/2023/1xxx/CVE-2023-1917.json index c01487718ec..7c185a924fa 100644 --- a/2023/1xxx/CVE-2023-1917.json +++ b/2023/1xxx/CVE-2023-1917.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1917", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The PowerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and including, 10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: A partial fix for the issue was introduced in version 10.0.1, and an additional patch (version 10.0.2) was released to address a workaround." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "amandato", + "product": { + "product_data": [ + { + "product_name": "PowerPress Podcasting plugin by Blubrry", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "10.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/44583cb7-bc32-4e62-8431-f5f1f6baeff2?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/44583cb7-bc32-4e62-8431-f5f1f6baeff2?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/powerpress/trunk/powerpress-player.php#L102", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/powerpress/trunk/powerpress-player.php#L102" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2896729/powerpress", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2896729/powerpress" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2899207/powerpress", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2899207/powerpress" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1978.json b/2023/1xxx/CVE-2023-1978.json index b6d9580880e..9a18befe62b 100644 --- a/2023/1xxx/CVE-2023-1978.json +++ b/2023/1xxx/CVE-2023-1978.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1978", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "plainware", + "product": { + "product_data": [ + { + "product_name": "ShiftController Employee Shift Scheduling", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.9.25" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b5c61212-e68e-4198-b078-18121576b767?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b5c61212-e68e-4198-b078-18121576b767?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2898274/shiftcontroller", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2898274/shiftcontroller" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/27xxx/CVE-2023-27986.json b/2023/27xxx/CVE-2023-27986.json index 58e41eff915..3d0fe31d615 100644 --- a/2023/27xxx/CVE-2023-27986.json +++ b/2023/27xxx/CVE-2023-27986.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters." + "value": "emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90." } ] }, @@ -66,6 +66,11 @@ "refsource": "MLIST", "name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop", "url": "http://www.openwall.com/lists/oss-security/2023/03/09/1" + }, + { + "refsource": "MISC", + "name": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/", + "url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/" } ] } diff --git a/2023/2xxx/CVE-2023-2031.json b/2023/2xxx/CVE-2023-2031.json index 8ea291685f6..69819d98f06 100644 --- a/2023/2xxx/CVE-2023-2031.json +++ b/2023/2xxx/CVE-2023-2031.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2031", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Locatoraid Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and including, 3.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "plainware", + "product": { + "product_data": [ + { + "product_name": "Locatoraid Store Locator", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.9.14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dba0a90b-f13c-4914-b6b7-278227ffc122?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dba0a90b-f13c-4914-b6b7-278227ffc122?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/locatoraid/trunk/modules/front/view_shortcode.php#L4", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/locatoraid/trunk/modules/front/view_shortcode.php#L4" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2900106/locatoraid", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2900106/locatoraid" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2066.json b/2023/2xxx/CVE-2023-2066.json index 1bcbdb3ad97..aecaa140c32 100644 --- a/2023/2xxx/CVE-2023-2066.json +++ b/2023/2xxx/CVE-2023-2066.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2066", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Announcement & Notification Banner \u2013 Bulletin plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'bulletinwp_update_bulletin_status', 'bulletinwp_update_bulletin', 'bulletinwp_update_settings', 'bulletinwp_update_status', 'bulletinwp_export_bulletins', and 'bulletinwp_import_bulletins' functions functions in versions up to, and including, 3.6.0. This makes it possible for authenticated attackers with subscriber-level access, and above, to modify the plugin's settings, modify bulletins, create new bulletins, and more." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mikewire_rocksolid", + "product": { + "product_data": [ + { + "product_name": "Announcement & Notification Banner \u2013 Bulletin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.6.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d242a466-0611-4e64-8145-29f64100e62b?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d242a466-0611-4e64-8145-29f64100e62b?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/bulletin-announcements/trunk/classes/class-bulletinwp-ajax.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/bulletin-announcements/trunk/classes/class-bulletinwp-ajax.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2906036/bulletin-announcements/trunk/classes/class-bulletinwp-ajax.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2906036/bulletin-announcements/trunk/classes/class-bulletinwp-ajax.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Chloe Chamberland" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2067.json b/2023/2xxx/CVE-2023-2067.json index 201599f2182..455265899d6 100644 --- a/2023/2xxx/CVE-2023-2067.json +++ b/2023/2xxx/CVE-2023-2067.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2067", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Announcement & Notification Banner \u2013 Bulletin plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce validation on the 'bulletinwp_update_bulletin_status', 'bulletinwp_update_bulletin', 'bulletinwp_update_settings', 'bulletinwp_update_status', 'bulletinwp_export_bulletins', and 'bulletinwp_import_bulletins' functions in versions up to, and including, 3.7.0. This makes it possible for unauthenticated attackers to modify the plugin's settings, modify bulletins, create new bulletins, and more, via a forged request granted they can trick a site's user into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mikewire_rocksolid", + "product": { + "product_data": [ + { + "product_name": "Announcement & Notification Banner \u2013 Bulletin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.7.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b808450f-0ebf-4c49-a9e3-f1c1f2b1f632?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b808450f-0ebf-4c49-a9e3-f1c1f2b1f632?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/bulletin-announcements/trunk/classes/class-bulletinwp-ajax.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/bulletin-announcements/trunk/classes/class-bulletinwp-ajax.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2910991/bulletin-announcements/trunk/classes/class-bulletinwp-ajax.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2910991/bulletin-announcements/trunk/classes/class-bulletinwp-ajax.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Chloe Chamberland" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2083.json b/2023/2xxx/CVE-2023-2083.json index 81308a766f8..944166a0162 100644 --- a/2023/2xxx/CVE-2023-2083.json +++ b/2023/2xxx/CVE-2023-2083.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2083", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the save function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to save plugin settings. While a nonce check is present, it is only executed when a nonce is provided. Not providing a nonce results in the nonce verification to be skipped. There is no capability check." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpdevteam", + "product": { + "product_data": [ + { + "product_name": "Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8bf0933-1c97-4374-b323-c55b91fe4d27?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8bf0933-1c97-4374-b323-c55b91fe4d27?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2084.json b/2023/2xxx/CVE-2023-2084.json index dbb4e1e857a..71a6381d21c 100644 --- a/2023/2xxx/CVE-2023-2084.json +++ b/2023/2xxx/CVE-2023-2084.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2084", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the get function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin settings. While a nonce check is present, it is only executed when a nonce is provided. Not providing a nonce results in the nonce verification to be skipped. There is no capability check." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpdevteam", + "product": { + "product_data": [ + { + "product_name": "Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0be8c668-0f1c-4f83-8a71-49c8bb9b67ae?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0be8c668-0f1c-4f83-8a71-49c8bb9b67ae?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2085.json b/2023/2xxx/CVE-2023-2085.json index b0c1c2fd8b5..117a839108f 100644 --- a/2023/2xxx/CVE-2023-2085.json +++ b/2023/2xxx/CVE-2023-2085.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2085", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the templates function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin template information. While a nonce check is present, it is only executed when a nonce is provided. Not providing a nonce results in the nonce verification to be skipped. There is no capability check." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpdevteam", + "product": { + "product_data": [ + { + "product_name": "Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ad2c1ab6-5c78-4317-b5e7-c86e2eebeb4f?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ad2c1ab6-5c78-4317-b5e7-c86e2eebeb4f?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2086.json b/2023/2xxx/CVE-2023-2086.json index 523c5b7d82c..e534c59f4d9 100644 --- a/2023/2xxx/CVE-2023-2086.json +++ b/2023/2xxx/CVE-2023-2086.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2086", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the template_count function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin template information. While a nonce check is present, it is only executed when a nonce is provided. Not providing a nonce results in the nonce verification to be skipped. There is no capability check." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpdevteam", + "product": { + "product_data": [ + { + "product_name": "Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9efc782a-ec61-4741-81fd-a263a2739e16?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9efc782a-ec61-4741-81fd-a263a2739e16?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2087.json b/2023/2xxx/CVE-2023-2087.json index 056017b50be..50de74aeb61 100644 --- a/2023/2xxx/CVE-2023-2087.json +++ b/2023/2xxx/CVE-2023-2087.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2087", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Essential Blocks plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.6. This is due to missing or incorrect nonce validation on the save function. This makes it possible for unauthenticated attackers to change plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpdevteam", + "product": { + "product_data": [ + { + "product_name": "Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d38d41c7-8786-4145-9591-3e24eff3b79c?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d38d41c7-8786-4145-9591-3e24eff3b79c?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2159.json b/2023/2xxx/CVE-2023-2159.json index 4f5cd11d1ae..53b7e7626f9 100644 --- a/2023/2xxx/CVE-2023-2159.json +++ b/2023/2xxx/CVE-2023-2159.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2159", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The CMP \u2013 Coming Soon & Maintenance plugin for WordPress is vulnerable to Maintenance Mode Bypass in versions up to, and including, 4.1.7. A correct cmp_bypass GET parameter in the URL (equal to the md5-hashed home_url in the default setting) allows users to visit a site placed in maintenance mode thus bypassing the plugin's provided feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284 Improper Access Control" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "niteo", + "product": { + "product_data": [ + { + "product_name": "CMP \u2013 Coming Soon & Maintenance Plugin by NiteoThemes", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.1.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af955f69-b18c-446e-b05e-6a57a5f16dfa?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af955f69-b18c-446e-b05e-6a57a5f16dfa?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/cmp-coming-soon-maintenance/tags/4.1.6/niteo-cmp.php#L808", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/cmp-coming-soon-maintenance/tags/4.1.6/niteo-cmp.php#L808" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2900571/cmp-coming-soon-maintenance/tags/4.1.8/cmp-advanced.php?old=2873620&old_path=cmp-coming-soon-maintenance%2Ftags%2F4.1.7%2Fcmp-advanced.php", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2900571/cmp-coming-soon-maintenance/tags/4.1.8/cmp-advanced.php?old=2873620&old_path=cmp-coming-soon-maintenance%2Ftags%2F4.1.7%2Fcmp-advanced.php" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2184.json b/2023/2xxx/CVE-2023-2184.json index 2befc4cc5aa..95ba3a3f604 100644 --- a/2023/2xxx/CVE-2023-2184.json +++ b/2023/2xxx/CVE-2023-2184.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2184", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP Responsive Tabs horizontal vertical and accordion Tabs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.1.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nik00726", + "product": { + "product_data": [ + { + "product_name": "WP Responsive Tabs horizontal vertical and accordion Tabs", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.1.15" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fe54c37f-1421-48aa-b502-045847d13ae3?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fe54c37f-1421-48aa-b502-045847d13ae3?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2825016%40responsive-horizontal-vertical-and-accordion-tabs%2Ftags%2F1.1.15&new=2900990%40responsive-horizontal-vertical-and-accordion-tabs%2Ftags%2F1.1.16", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2825016%40responsive-horizontal-vertical-and-accordion-tabs%2Ftags%2F1.1.15&new=2900990%40responsive-horizontal-vertical-and-accordion-tabs%2Ftags%2F1.1.16" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2189.json b/2023/2xxx/CVE-2023-2189.json index a387889efce..e837ef659e9 100644 --- a/2023/2xxx/CVE-2023-2189.json +++ b/2023/2xxx/CVE-2023-2189.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2189", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Elementor Addons, Widgets and Enhancements \u2013 Stax plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the toggle_widget function in versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to enable or disable Elementor widgets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "staxwp", + "product": { + "product_data": [ + { + "product_name": "Elementor Addons, Widgets and Enhancements \u2013 Stax", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.4.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/926550bb-265d-4811-a375-10c47e9fb4d6?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/926550bb-265d-4811-a375-10c47e9fb4d6?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/stax-addons-for-elementor/trunk/core/admin/pages/Widgets.php#L31", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/stax-addons-for-elementor/trunk/core/admin/pages/Widgets.php#L31" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2237.json b/2023/2xxx/CVE-2023-2237.json index 0015c1a68b7..87845d2d1ca 100644 --- a/2023/2xxx/CVE-2023-2237.json +++ b/2023/2xxx/CVE-2023-2237.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2237", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP Replicate Post plugin for WordPress is vulnerable to SQL Injection via the post_id parameter in versions up to, and including, 4.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for contributor-level attackers or higher to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "yudiz", + "product": { + "product_data": [ + { + "product_name": "WP Replicate Post", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.0.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/916e6f8b-cb29-4062-9a05-0337cfdb382a?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/916e6f8b-cb29-4062-9a05-0337cfdb382a?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wp-replicate-post/trunk/init/functions.php#L81", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wp-replicate-post/trunk/init/functions.php#L81" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910474%40wp-replicate-post%2Ftrunk&old=2896518%40wp-replicate-post%2Ftrunk&sfp_email=&sfph_mail=#file3", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910474%40wp-replicate-post%2Ftrunk&old=2896518%40wp-replicate-post%2Ftrunk&sfp_email=&sfph_mail=#file3" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/2xxx/CVE-2023-2249.json b/2023/2xxx/CVE-2023-2249.json index dd68425d378..3c20225254e 100644 --- a/2023/2xxx/CVE-2023-2249.json +++ b/2023/2xxx/CVE-2023-2249.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2249", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of file_get_contents without appropriate verification of the data being supplied to the function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to retrieve the contents of files like wp-config.php hosted on the system, perform a deserialization attack and possibly achieve remote code execution, and make requests to internal services." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "tomdever", + "product": { + "product_data": [ + { + "product_name": "wpForo Forum", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "2.1.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/800fa098-b29f-4979-b7bd-b1186a4dafcb?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/800fa098-b29f-4979-b7bd-b1186a4dafcb?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wpforo/tags/2.1.7/classes/Actions.php#L444", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wpforo/tags/2.1.7/classes/Actions.php#L444" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wpforo/tags/2.1.8/classes/Actions.php#L437", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wpforo/tags/2.1.8/classes/Actions.php#L437" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Hamed" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] } diff --git a/2023/2xxx/CVE-2023-2275.json b/2023/2xxx/CVE-2023-2275.json index 46b6212d90d..bcda4bd4c05 100644 --- a/2023/2xxx/CVE-2023-2275.json +++ b/2023/2xxx/CVE-2023-2275.json @@ -1,17 +1,99 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2275", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WooCommerce Multivendor Marketplace \u2013 REST API plugin for WordPress is vulnerable to unauthorized access of data and addition of data due to a missing capability check on the 'get_item', 'get_order_notes' and 'add_order_note' functions in versions up to, and including, 1.5.3. This makes it possible for authenticated attackers with subscriber privileges or above, to view the order details and order notes, and add order notes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wclovers", + "product": { + "product_data": [ + { + "product_name": "WooCommerce Multivendor Marketplace \u2013 REST API", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.5.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0520601-7e5c-412d-a8da-df1bf8ce28df?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0520601-7e5c-412d-a8da-df1bf8ce28df?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wcfm-marketplace-rest-api/tags/1.5.3/includes/api/class-api-order-controller.php#L151", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wcfm-marketplace-rest-api/tags/1.5.3/includes/api/class-api-order-controller.php#L151" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wcfm-marketplace-rest-api/tags/1.5.3/includes/api/class-api-order-controller.php#L167", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wcfm-marketplace-rest-api/tags/1.5.3/includes/api/class-api-order-controller.php#L167" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wcfm-marketplace-rest-api/tags/1.5.3/includes/api/class-api-order-controller.php#L175", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wcfm-marketplace-rest-api/tags/1.5.3/includes/api/class-api-order-controller.php#L175" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2904331/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2904331/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2280.json b/2023/2xxx/CVE-2023-2280.json index 5fe705b2886..dff83f7c7d1 100644 --- a/2023/2xxx/CVE-2023-2280.json +++ b/2023/2xxx/CVE-2023-2280.json @@ -1,17 +1,93 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2280", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'ajax_public' function in versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to delete or change plugin settings, import demo data, delete Directory Kit related posts and terms, and install arbitrary plugins. A partial patch was introduced in version 1.2.0 and an additional partial patch was introduced in version 1.2.2, but the issue was not fully patched until 1.2.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "listingthemes", + "product": { + "product_data": [ + { + "product_name": "WP Directory Kit", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.2.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abb1a758-5c16-4841-b1c7-0705ab16b328?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abb1a758-5c16-4841-b1c7-0705ab16b328?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wpdirectorykit/tags/1.1.8/public/class-wpdirectorykit-public.php#L249", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/wpdirectorykit/tags/1.1.8/public/class-wpdirectorykit-public.php#L249" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2907164/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2907164/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ramuel Gall" + }, + { + "lang": "en", + "value": "Lana Codes" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2289.json b/2023/2xxx/CVE-2023-2289.json index d692e60ff86..90ac182cab9 100644 --- a/2023/2xxx/CVE-2023-2289.json +++ b/2023/2xxx/CVE-2023-2289.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2289", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The wordpress vertical image slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018search_term\u2019 parameter in versions up to, and including, 1.2.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nik00726", + "product": { + "product_data": [ + { + "product_name": "wordpress vertical image slider plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.2.16" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9983364-9b52-4acc-91d4-b352c6d24d52?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9983364-9b52-4acc-91d4-b352c6d24d52?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2824902%40wp-vertical-image-slider%2Ftags%2F1.2.16&new=2902084%40wp-vertical-image-slider%2Ftags%2F1.2.17", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2824902%40wp-vertical-image-slider%2Ftags%2F1.2.16&new=2902084%40wp-vertical-image-slider%2Ftags%2F1.2.17" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2305.json b/2023/2xxx/CVE-2023-2305.json index 498a20ff33e..83a714ef029 100644 --- a/2023/2xxx/CVE-2023-2305.json +++ b/2023/2xxx/CVE-2023-2305.json @@ -1,17 +1,99 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2305", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdm_members', 'wpdm_login_form', 'wpdm_reg_form' shortcodes in versions up to, and including, 3.2.70 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "codename065", + "product": { + "product_data": [ + { + "product_name": "Download Manager", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.2.70" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a66bc196-e5f8-46b4-a81c-c888eb64021c?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a66bc196-e5f8-46b4-a81c-c888eb64021c?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.70/src/User/views/members.php#L10", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.70/src/User/views/members.php#L10" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.70/src/User/views/login-form.php#L10", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.70/src/User/views/login-form.php#L10" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.70/src/User/views/reg-form.php#L11", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/download-manager/tags/3.2.70/src/User/views/reg-form.php#L11" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2906403%40download-manager&new=2906403%40download-manager&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2906403%40download-manager&new=2906403%40download-manager&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2402.json b/2023/2xxx/CVE-2023-2402.json index 115938b6093..80f776a3ed9 100644 --- a/2023/2xxx/CVE-2023-2402.json +++ b/2023/2xxx/CVE-2023-2402.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2402", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.0.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nik00726", + "product": { + "product_data": [ + { + "product_name": "Photo Gallery Slideshow & Masonry Tiled Gallery", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.0.13" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51a1c2de-56be-4487-874a-a916e8a6992a?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51a1c2de-56be-4487-874a-a916e8a6992a?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2808029%40wp-responsive-photo-gallery%2Ftags%2F1.0.13&new=2905480%40wp-responsive-photo-gallery%2Ftags%2F1.0.14", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2808029%40wp-responsive-photo-gallery%2Ftags%2F1.0.13&new=2905480%40wp-responsive-photo-gallery%2Ftags%2F1.0.14" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2414.json b/2023/2xxx/CVE-2023-2414.json index 75e9e10fd3c..fccb2251d19 100644 --- a/2023/2xxx/CVE-2023-2414.json +++ b/2023/2xxx/CVE-2023-2414.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2414", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_save_settings_callback function in versions up to, and including, 4.2.10. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to modify the plugins settings, upload media files, and inject malicious JavaScript." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "vcita", + "product": { + "product_data": [ + { + "product_name": "Online Booking & Scheduling Calendar for WordPress by vcita", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.2.10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3c99aab5-a995-44ae-bc14-09f73e6b22c5?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3c99aab5-a995-44ae-bc14-09f73e6b22c5?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/meeting-scheduler-by-vcita/trunk/vcita-ajax-function.php#L88", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/meeting-scheduler-by-vcita/trunk/vcita-ajax-function.php#L88" + }, + { + "url": "https://blog.jonh.eu/blog/security-vulnerabilities-in-wordpress-plugins-by-vcita", + "refsource": "MISC", + "name": "https://blog.jonh.eu/blog/security-vulnerabilities-in-wordpress-plugins-by-vcita" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Jonas H\u00f6benreich" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2450.json b/2023/2xxx/CVE-2023-2450.json index 93e95385ddd..e15fba482db 100644 --- a/2023/2xxx/CVE-2023-2450.json +++ b/2023/2xxx/CVE-2023-2450.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2450", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The FiboSearch - AJAX Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.23.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "damian-gora", + "product": { + "product_data": [ + { + "product_name": "FiboSearch \u2013 Ajax Search for WooCommerce", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.23.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/880573d8-6dad-4a1b-a5db-33e1dc243062?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/880573d8-6dad-4a1b-a5db-33e1dc243062?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.23.0/includes/Helpers.php#L1229", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.23.0/includes/Helpers.php#L1229" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fajax-search-for-woocommerce%2Ftags%2F1.23.0&old=2917453&new_path=%2Fajax-search-for-woocommerce%2Ftags%2F1.24.0&new=2917453&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fajax-search-for-woocommerce%2Ftags%2F1.23.0&old=2917453&new_path=%2Fajax-search-for-woocommerce%2Ftags%2F1.24.0&new=2917453&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ivan Kuzymchak" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2452.json b/2023/2xxx/CVE-2023-2452.json index 8111f709765..c8ce948bdd8 100644 --- a/2023/2xxx/CVE-2023-2452.json +++ b/2023/2xxx/CVE-2023-2452.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2452", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Advanced Woo Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.77 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mihail-barinov", + "product": { + "product_data": [ + { + "product_name": "Advanced Woo Search", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "2.77" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4278e9d7-aa1e-47a5-b715-09dae5156303?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4278e9d7-aa1e-47a5-b715-09dae5156303?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-woo-search/tags/2.77/includes/admin/class-aws-admin-options.php#L473", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/advanced-woo-search/tags/2.77/includes/admin/class-aws-admin-options.php#L473" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/advanced-woo-search/tags/2.77/includes/admin/class-aws-admin-options.php#L481", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/advanced-woo-search/tags/2.77/includes/admin/class-aws-admin-options.php#L481" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Ivan Kuzymchak" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2484.json b/2023/2xxx/CVE-2023-2484.json index 27af2b30c4d..59face4e79c 100644 --- a/2023/2xxx/CVE-2023-2484.json +++ b/2023/2xxx/CVE-2023-2484.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2484", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Active Directory Integration plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 4.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "cyberlord92", + "product": { + "product_data": [ + { + "product_name": "Active Directory Integration / LDAP Integration", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.1.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3eedc57b-79cc-4569-b6d6-676a22aa1e06?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3eedc57b-79cc-4569-b6d6-676a22aa1e06?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ldap-login-for-intranet-sites/trunk/class-mo-ldap-user-auth-reports.php?rev=2859403#L64", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/ldap-login-for-intranet-sites/trunk/class-mo-ldap-user-auth-reports.php?rev=2859403#L64" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910898%40ldap-login-for-intranet-sites%2Ftrunk&old=2903294%40ldap-login-for-intranet-sites%2Ftrunk&sfp_email=&sfph_mail=#file5", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910898%40ldap-login-for-intranet-sites%2Ftrunk&old=2903294%40ldap-login-for-intranet-sites%2Ftrunk&sfp_email=&sfph_mail=#file5" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH" } ] } diff --git a/2023/2xxx/CVE-2023-2526.json b/2023/2xxx/CVE-2023-2526.json index 1b38c120ae3..86b916c70b9 100644 --- a/2023/2xxx/CVE-2023-2526.json +++ b/2023/2xxx/CVE-2023-2526.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2526", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Easy Google Maps plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.11.7. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to executes AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "supsysticcom", + "product": { + "product_data": [ + { + "product_name": "Easy Google Maps", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.11.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ea4ca00-185b-4f5d-9c5c-f81ba4edad05?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ea4ca00-185b-4f5d-9c5c-f81ba4edad05?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/google-maps-easy/trunk/classes/frame.php?rev=2777743#L246", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/google-maps-easy/trunk/classes/frame.php?rev=2777743#L246" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2916430/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2916430/" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2916430/google-maps-easy/trunk/classes/frame.php?contextall=1", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2916430/google-maps-easy/trunk/classes/frame.php?contextall=1" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2555.json b/2023/2xxx/CVE-2023-2555.json index 57e0651c19e..1ed9ed702fc 100644 --- a/2023/2xxx/CVE-2023-2555.json +++ b/2023/2xxx/CVE-2023-2555.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2555", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WPCS \u2013 WordPress Currency Switcher Professional plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the create function in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to create a custom drop-down currency switcher." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "realmag777", + "product": { + "product_data": [ + { + "product_name": "WPCS \u2013 WordPress Currency Switcher Professional", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.1.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd6b5d6d-5f5b-4b38-a25a-02cc1c041d37?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd6b5d6d-5f5b-4b38-a25a-02cc1c041d37?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2556.json b/2023/2xxx/CVE-2023-2556.json index 0d7bfb6e2a0..027b51c0f9a 100644 --- a/2023/2xxx/CVE-2023-2556.json +++ b/2023/2xxx/CVE-2023-2556.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2556", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WPCS \u2013 WordPress Currency Switcher Professional plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the anonymous function for the wpcs_sd_delete action in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete an arbitrary custom drop-down currency switcher." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "realmag777", + "product": { + "product_data": [ + { + "product_name": "WPCS \u2013 WordPress Currency Switcher Professional", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.1.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc44c95e-9ca0-46d0-8315-72612ef3f855?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc44c95e-9ca0-46d0-8315-72612ef3f855?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2557.json b/2023/2xxx/CVE-2023-2557.json index 1faacf74166..22c80604fb4 100644 --- a/2023/2xxx/CVE-2023-2557.json +++ b/2023/2xxx/CVE-2023-2557.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2557", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WPCS \u2013 WordPress Currency Switcher Professional plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save function in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to edit an arbitrary custom drop-down currency switcher." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "realmag777", + "product": { + "product_data": [ + { + "product_name": "WPCS \u2013 WordPress Currency Switcher Professional", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.1.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d4c79242-5c89-40c0-abcc-c112f7a64a74?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d4c79242-5c89-40c0-abcc-c112f7a64a74?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2558.json b/2023/2xxx/CVE-2023-2558.json index 615bdd55a50..bc933051c43 100644 --- a/2023/2xxx/CVE-2023-2558.json +++ b/2023/2xxx/CVE-2023-2558.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2558", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WPCS \u2013 WordPress Currency Switcher Professional plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcs_current_currency shortcode in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "realmag777", + "product": { + "product_data": [ + { + "product_name": "WPCS \u2013 WordPress Currency Switcher Professional", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.1.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be054481-89b4-47d8-ad06-8622edea367f?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be054481-89b4-47d8-ad06-8622edea367f?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2584.json b/2023/2xxx/CVE-2023-2584.json index a012a8c1f3a..457f962be1b 100644 --- a/2023/2xxx/CVE-2023-2584.json +++ b/2023/2xxx/CVE-2023-2584.json @@ -1,17 +1,101 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2584", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.3.6 (9.6.1 in the Pro version) due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "pixelyoursite", + "product": { + "product_data": [ + { + "product_name": "PixelYourSite Pro \u2013 Your smart PIXEL (TAG) Manager", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "9.6.1" + } + ] + } + }, + { + "product_name": "PixelYourSite \u2013 Your smart PIXEL (TAG) Manager", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "9.3.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ebf1e83-50b8-4f56-ba76-10100375edda?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ebf1e83-50b8-4f56-ba76-10100375edda?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/pixelyoursite/trunk/modules/head_footer/head_footer.php?rev=2773949#L73", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/pixelyoursite/trunk/modules/head_footer/head_footer.php?rev=2773949#L73" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2912301%40pixelyoursite%2Ftrunk&old=2897911%40pixelyoursite%2Ftrunk&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2912301%40pixelyoursite%2Ftrunk&old=2897911%40pixelyoursite%2Ftrunk&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2599.json b/2023/2xxx/CVE-2023-2599.json index 1d161360107..5195c963b71 100644 --- a/2023/2xxx/CVE-2023-2599.json +++ b/2023/2xxx/CVE-2023-2599.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2599", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Active Directory Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 4.1.4 due to missing nonce verification on the get_users function and insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to cause resource exhaustion via a forged request granted they can trick an administrator into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "cyberlord92", + "product": { + "product_data": [ + { + "product_name": "Active Directory Integration / LDAP Integration", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.1.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/74089b16-76fa-4654-9007-3f0c2e894894?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/74089b16-76fa-4654-9007-3f0c2e894894?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/ldap-login-for-intranet-sites/trunk/class-mo-ldap-user-auth-reports.php?rev=2859403#L64", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/ldap-login-for-intranet-sites/trunk/class-mo-ldap-user-auth-reports.php?rev=2859403#L64" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910898%40ldap-login-for-intranet-sites%2Ftrunk&old=2903294%40ldap-login-for-intranet-sites%2Ftrunk&sfp_email=&sfph_mail=#file5", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910898%40ldap-login-for-intranet-sites%2Ftrunk&old=2903294%40ldap-login-for-intranet-sites%2Ftrunk&sfp_email=&sfph_mail=#file5" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", + "baseScore": 3.1, + "baseSeverity": "LOW" } ] } diff --git a/2023/2xxx/CVE-2023-2604.json b/2023/2xxx/CVE-2023-2604.json index f4bd01d62ae..a09669e4361 100644 --- a/2023/2xxx/CVE-2023-2604.json +++ b/2023/2xxx/CVE-2023-2604.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2604", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018search_term\u2019 parameter in versions up to, and including, 1.0.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nik00726", + "product": { + "product_data": [ + { + "product_name": "Team Circle Image Slider With Lightbox", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.0.17" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2627ac2b-25a8-480d-ac83-ee0ca323b3a1?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2627ac2b-25a8-480d-ac83-ee0ca323b3a1?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fcircle-image-slider-with-lightbox%2Ftags%2F1.0.17&old=2910236&new_path=%2Fcircle-image-slider-with-lightbox%2Ftags%2F1.0.18&new=2910236&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fcircle-image-slider-with-lightbox%2Ftags%2F1.0.17&old=2910236&new_path=%2Fcircle-image-slider-with-lightbox%2Ftags%2F1.0.18&new=2910236&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2607.json b/2023/2xxx/CVE-2023-2607.json index 404f78aaf0d..4afd2a1f1e9 100644 --- a/2023/2xxx/CVE-2023-2607.json +++ b/2023/2xxx/CVE-2023-2607.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2607", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via the orderby and order parameters in versions up to, and including, 3.3.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "themeisle", + "product": { + "product_data": [ + { + "product_name": "Multiple Page Generator Plugin \u2013 MPG", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.3.17" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1575f0ad-0a77-4047-844c-48db4c8b4e91?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1575f0ad-0a77-4047-844c-48db4c8b4e91?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/multiple-pages-generator-by-porthas/trunk/controllers/ProjectsListManage.php#L40", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/multiple-pages-generator-by-porthas/trunk/controllers/ProjectsListManage.php#L40" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910686%40multiple-pages-generator-by-porthas%2Ftrunk&old=2905353%40multiple-pages-generator-by-porthas%2Ftrunk&sfp_email=&sfph_mail=", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910686%40multiple-pages-generator-by-porthas%2Ftrunk&old=2905353%40multiple-pages-generator-by-porthas%2Ftrunk&sfp_email=&sfph_mail=" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.2, + "baseSeverity": "HIGH" } ] } diff --git a/2023/2xxx/CVE-2023-2688.json b/2023/2xxx/CVE-2023-2688.json index 6c99b4ef0c7..980de0f5ef9 100644 --- a/2023/2xxx/CVE-2023-2688.json +++ b/2023/2xxx/CVE-2023-2688.json @@ -1,17 +1,103 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2688", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WordPress File Upload and WordPress File Upload Pro plugins for WordPress are vulnerable to Path Traversal in versions up to, and including, 4.19.1 via the vulnerable parameter wfu_newpath. This allows administrator-level attackers to move files uploaded with the plugin (located in wp-content/uploads by default) outside of the web root." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nickboss", + "product": { + "product_data": [ + { + "product_name": "WordPress File Upload", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.19.1" + } + ] + } + } + ] + } + }, + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WordPress File Upload Pro", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.19.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abd6eeac-0a7e-4762-809f-593cd85f303d?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abd6eeac-0a7e-4762-809f-593cd85f303d?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2915978%40wp-file-upload%2Ftrunk&old=2909107%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2915978%40wp-file-upload%2Ftrunk&old=2909107%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2764.json b/2023/2xxx/CVE-2023-2764.json index 632ab091886..7327edbf3b5 100644 --- a/2023/2xxx/CVE-2023-2764.json +++ b/2023/2xxx/CVE-2023-2764.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2764", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Draw Attention plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_set_featured_image function in versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change the featured image of arbitrary posts with an image that exists in the media library." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "croixhaug", + "product": { + "product_data": [ + { + "product_name": "Interactive Image Map Plugin \u2013 Draw Attention", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "2.0.11" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18530601-a294-448c-a1b2-c3995f9042ac?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18530601-a294-448c-a1b2-c3995f9042ac?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/draw-attention/trunk/public/includes/lib/drag-drop-featured-image/index.php#L500", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/draw-attention/trunk/public/includes/lib/drag-drop-featured-image/index.php#L500" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2917528/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2917528/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2767.json b/2023/2xxx/CVE-2023-2767.json index fe9746fbd3e..f9e934de811 100644 --- a/2023/2xxx/CVE-2023-2767.json +++ b/2023/2xxx/CVE-2023-2767.json @@ -1,17 +1,103 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2767", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WordPress File Upload and WordPress File Upload Pro plugins for WordPress are vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 4.19.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "nickboss", + "product": { + "product_data": [ + { + "product_name": "WordPress File Upload", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.19.1" + } + ] + } + } + ] + } + }, + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WordPress File Upload Pro", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.19.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23334d94-e5b8-4c88-8765-02ad19e17248?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23334d94-e5b8-4c88-8765-02ad19e17248?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2915978%40wp-file-upload%2Ftrunk&old=2909107%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=#file2", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2915978%40wp-file-upload%2Ftrunk&old=2909107%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=#file2" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Marco Wotschka" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/2xxx/CVE-2023-2891.json b/2023/2xxx/CVE-2023-2891.json index 9dcba1c1d3c..2ef78dfb564 100644 --- a/2023/2xxx/CVE-2023-2891.json +++ b/2023/2xxx/CVE-2023-2891.json @@ -1,17 +1,84 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2891", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_delete_product function. This makes it possible for unauthenticated attackers to delete products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "levelfourstorefront", + "product": { + "product_data": [ + { + "product_name": "Shopping Cart & eCommerce Store", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "5.4.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bcca7ade-8b35-4ba1-a8b4-b1e815b025e3?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bcca7ade-8b35-4ba1-a8b4-b1e815b025e3?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2917958/wp-easycart", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/2917958/wp-easycart" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Alex Thomas" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/3xxx/CVE-2023-3176.json b/2023/3xxx/CVE-2023-3176.json new file mode 100644 index 00000000000..fa0e37d132d --- /dev/null +++ b/2023/3xxx/CVE-2023-3176.json @@ -0,0 +1,106 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2023-3176", + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability, which was classified as critical, was found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file admin\\user\\manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-231150 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in SourceCodester Lost and Found Information System 1.0 gefunden. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei admin\\user\\manage_user.php. Durch das Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Lost and Found Information System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.231150", + "refsource": "MISC", + "name": "https://vuldb.com/?id.231150" + }, + { + "url": "https://vuldb.com/?ctiid.231150", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.231150" + }, + { + "url": "https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#7sql-injection-vulnerability-in-adminusermanage_userphp", + "refsource": "MISC", + "name": "https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#7sql-injection-vulnerability-in-adminusermanage_userphp" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "hu faxiang (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseSeverity": "MEDIUM" + } + ] + } +} \ No newline at end of file diff --git a/2023/3xxx/CVE-2023-3177.json b/2023/3xxx/CVE-2023-3177.json new file mode 100644 index 00000000000..781ca3e1971 --- /dev/null +++ b/2023/3xxx/CVE-2023-3177.json @@ -0,0 +1,106 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2023-3177", + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin\\inquiries\\view_inquiry.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231151." + }, + { + "lang": "deu", + "value": "In SourceCodester Lost and Found Information System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei admin\\inquiries\\view_inquiry.php. Durch Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Lost and Found Information System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.231151", + "refsource": "MISC", + "name": "https://vuldb.com/?id.231151" + }, + { + "url": "https://vuldb.com/?ctiid.231151", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.231151" + }, + { + "url": "https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-admininquiriesview_inquiryphp", + "refsource": "MISC", + "name": "https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-admininquiriesview_inquiryphp" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "hu faxiang (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseSeverity": "MEDIUM" + } + ] + } +} \ No newline at end of file