admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-06-27 14:00:45 +00:00
parent 98d46bbbe3
commit 7c295a312a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
30 changed files with 2466 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2021/30xxx/CVE-2021-30203.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-30203",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-30203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A reflected cross-site scripting (XSS) vulnerability in the zero parameter of dzzoffice 2.02.1_SC_UTF8 allows attackers to execute arbitrary web scripts or HTML."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/zyx0814/dzzoffice/issues/183",
"refsource": "MISC",
"name": "https://github.com/zyx0814/dzzoffice/issues/183"
}
]
}

56
2021/30xxx/CVE-2021-30205.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-30205",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-30205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02.1_SC_UTF8 allows unauthenticated attackers to browse departments and usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/zyx0814/dzzoffice/issues/184",
"refsource": "MISC",
"name": "https://github.com/zyx0814/dzzoffice/issues/184"
}
]
}

167
2021/45xxx/CVE-2021-45046.json
View File

@ -1,14 +1,38 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-45046",
"STATE": "PUBLIC",
"TITLE": "Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')",
"cweId": "CWE-917"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
@ -24,129 +48,97 @@
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate (CVSS: 3.7 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
},
{
"refsource": "CONFIRM",
"name": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html",
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032",
"refsource": "MISC",
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
},
{
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228",
"refsource": "MISC",
"name": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"refsource": "CONFIRM",
"url": "https://logging.apache.org/log4j/2.x/security.html",
"refsource": "MISC",
"name": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"refsource": "CERT-VN",
"name": "VU#930724",
"url": "https://www.kb.cert.org/vuls/id/930724"
"url": "https://www.kb.cert.org/vuls/id/930724",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/930724"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html",
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
},
{
"refsource": "CISCO",
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd",
"refsource": "MISC",
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
},
{
"refsource": "DEBIAN",
"name": "DSA-5022",
"url": "https://www.debian.org/security/2021/dsa-5022"
"url": "https://www.debian.org/security/2021/dsa-5022",
"refsource": "MISC",
"name": "https://www.debian.org/security/2021/dsa-5022"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20211218 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"url": "http://www.openwall.com/lists/oss-security/2021/12/18/1"
"url": "http://www.openwall.com/lists/oss-security/2021/12/18/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/12/18/1"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-5c9d12a93e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/"
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKPQGV24RRBBI4TBZUDQMM4MEH7MXCY/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-abbe24e41c",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/"
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SIG7FZULMNK2XF6FZRU4VWYDQXNMUGAJ/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html",
@ -165,6 +157,9 @@
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"source": {
"discovery": "UNKNOWN"
}

81
2022/4xxx/CVE-2022-4115.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-4115",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Editorial Calendar WordPress plugin through 3.7.12 does not sanitise and escape its settings, allowing users with roles as low as contributor to inject arbitrary web scripts in the plugin admin panel, enabling a Stored Cross-Site Scripting vulnerability targeting higher privileged users."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Editorial Calendar",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "3.7.12"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/2b5071e1-9532-4a6c-9da4-d07932474ca4",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/2b5071e1-9532-4a6c-9da4-d07932474ca4"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "iohex"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/0xxx/CVE-2023-0588.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0588",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Catalyst Connect Zoho CRM Client Portal WordPress plugin before 2.1.0 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Catalyst Connect Zoho CRM Client Portal",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/84be272e-0891-461c-91ad-496b64f92f8f",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/84be272e-0891-461c-91ad-496b64f92f8f"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Shreya Pohekar"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/0xxx/CVE-2023-0873.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0873",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Kanban Boards for WordPress plugin before 2.5.21 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Kanban Boards for WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.5.21"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/8816d4c1-9e8e-4b6f-a36a-10a98a7ccfcd",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/8816d4c1-9e8e-4b6f-a36a-10a98a7ccfcd"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Shreya Pohekar"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/1xxx/CVE-2023-1166.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-1166",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The USM-Premium WordPress plugin before 16.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup)."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Ultimate-Premium-Plugin",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "16.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/825eccf9-f351-4a5b-b238-9969141b94fa",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/825eccf9-f351-4a5b-b238-9969141b94fa"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Mohamed Selim"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/1xxx/CVE-2023-1891.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-1891",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Accordion & FAQ WordPress plugin before 1.9.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Accordion & FAQ",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.9.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/4e5d993f-cc20-4b5f-b4c8-c13004151828",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/4e5d993f-cc20-4b5f-b4c8-c13004151828"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Erwan LR (WPScan)"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2032.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2032",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs, leading to multiple SQL Injection vulnerabilities."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Custom 404 Pro",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "3.8.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/17acde5d-44ea-4e77-8670-260d22e28ffe",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/17acde5d-44ea-4e77-8670-260d22e28ffe"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Alex Sanford"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

81
2023/2xxx/CVE-2023-2068.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2068",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "file-manager-advanced-shortcode",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "2.3.2"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/58f72953-56d2-4d86-a49b-311b5fc58056",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/58f72953-56d2-4d86-a49b-311b5fc58056"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Mateus Machado Tesser"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2178.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2178",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Aajoda Testimonials WordPress plugin before 2.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Aajoda Testimonials",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.2.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/e84b71f9-4208-4efb-90e8-1c778e7d2ebb",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/e84b71f9-4208-4efb-90e8-1c778e7d2ebb"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Juampa Rodr\u00edguez"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

93
2023/2xxx/CVE-2023-2326.json
View File

@ -1,18 +1,101 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2326",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Gravity Forms Google Sheet Connector",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.3.5"
}
]
}
},
{
"product_name": "gsheetconnector-gravityforms-pro",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.3.5"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/f922695a-b803-4edf-aadc-80c79d99bebb",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/f922695a-b803-4edf-aadc-80c79d99bebb"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Erwan LR (WPScan)"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

81
2023/2xxx/CVE-2023-2482.json
View File

@ -1,18 +1,89 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2482",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Responsive CSS EDITOR",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "1.0"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/c0f73781-be7e-482e-91de-ad7991ad4bd5",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/c0f73781-be7e-482e-91de-ad7991ad4bd5"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Chien Vuong"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2580.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2580",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The AI Engine WordPress plugin before 1.6.83 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup)."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "AI Engine: ChatGPT Chatbot, Content Generator, GPT 3 & 4, Ultra-Customizable",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.6.83"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/7ee1efb1-9969-40b2-8ab2-ea427091bbd8",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/7ee1efb1-9969-40b2-8ab2-ea427091bbd8"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Felipe Restrepo Rodriguez"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2592.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2592",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "FormCraft",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.8.2",
"version_value": "3.9.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/d4298960-eaba-4185-a730-3e621d9680e1",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/d4298960-eaba-4185-a730-3e621d9680e1"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Chien Vuong"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

80
2023/2xxx/CVE-2023-2601.json
View File

@ -1,18 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2601",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The wpbrutalai WordPress plugin before 2.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin via CSRF."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "wpbrutalai",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.0.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/57769468-3802-4985-bf5e-44ec1d59f5fd",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/57769468-3802-4985-bf5e-44ec1d59f5fd"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Taurus Omar"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2605.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2605",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The wpbrutalai WordPress plugin before 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a logged in high privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "wpbrutalai",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.0.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/372cb940-71ba-4d19-b35a-ab15f8c2fdeb",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/372cb940-71ba-4d19-b35a-ab15f8c2fdeb"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Taurus Omar"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2623.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The KiviCare WordPress plugin before 3.2.1 does not restrict the information returned in a response and returns all user data, allowing low privilege users such as subscriber to retrieve sensitive information such as the user email and hashed password of other users"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "KiviCare",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "3.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/85cc39b1-416f-4d23-84c1-fdcbffb0dda0",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/85cc39b1-416f-4d23-84c1-fdcbffb0dda0"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Erwan LR (WPScan)"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2624.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2624",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrator"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "KiviCare",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "3.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/dc3a841d-a95b-462e-be4b-acaa44e77264",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/dc3a841d-a95b-462e-be4b-acaa44e77264"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Arvandy"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

80
2023/2xxx/CVE-2023-2627.json
View File

@ -1,18 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2627",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The KiviCare WordPress plugin before 3.2.1 does not have proper CSRF and authorisation checks in various AJAX actions, allowing any authenticated users, such as subscriber to call them. Attacks include but are not limited to: Add arbitrary Clinic Admin/Doctors/etc and update plugin's settings"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "KiviCare",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "3.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/162d0029-2adc-4925-9985-1d5d672dbe75",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/162d0029-2adc-4925-9985-1d5d672dbe75"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Erwan LR (WPScan)"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2628.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2628",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The KiviCare WordPress plugin before 3.2.1 does not have CSRF checks (either flawed or missing completely) in various AJAX actions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. This includes, but is not limited to: Delete arbitrary appointments/medical records/etc, create/update various users (patients, doctors etc)"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "KiviCare",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "3.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/e0741e2c-c529-4815-8744-16e01cdb0aed",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/e0741e2c-c529-4815-8744-16e01cdb0aed"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Erwan LR (WPScan)"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2711.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2711",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Ultimate Product Catalog WordPress plugin before 5.2.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Ultimate Product Catalog",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "5.2.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/71c5b5b5-8694-4738-8e4b-8670a8d21c86",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/71c5b5b5-8694-4738-8e4b-8670a8d21c86"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Ilyase Dehy and Aymane Mazguiti"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2743.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2743",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ERP WordPress plugin before 1.12.4 does not sanitise and escape the employee_name parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.12.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/517c6aa4-a56d-4f13-b370-7c864dd9c7db",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/517c6aa4-a56d-4f13-b370-7c864dd9c7db"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Alex Sanford"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2744.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2744",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "1.12.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/435da8a1-9955-46d7-a508-b5738259e731",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/435da8a1-9955-46d7-a508-b5738259e731"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Arvandy"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2795.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2795",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The CodeColorer WordPress plugin before 0.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-Site Scripting (XSS)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "CodeColorer",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "0.10.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/2d6ecd21-3dd4-423d-80e7-277c45080a9f",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/2d6ecd21-3dd4-423d-80e7-277c45080a9f"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Ilyase Dehy and Aymane Mazguiti"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2842.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2842",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "WP Inventory Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.1.0.14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/0357ecc7-56f5-4843-a928-bf2d3ce75596",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/0357ecc7-56f5-4843-a928-bf2d3ce75596"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "NGO VAN TU"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

72
2023/2xxx/CVE-2023-2877.json
View File

@ -1,18 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2877",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. This allows a user with a role as low as Subscriber to install and activate arbitrary plugins of arbitrary versions from the WordPress.org plugin repository onto the site, leading to Remote Code Execution."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Formidable Forms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "6.3.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/33765da5-c56e-42c1-83dd-fcaad976b402",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/33765da5-c56e-42c1-83dd-fcaad976b402"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Alex Sanford"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

582
2023/2xxx/CVE-2023-2996.json
View File

@ -1,18 +1,590 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2996",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Jetpack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.9",
"version_value": "2.0.9"
},
{
"version_affected": "<",
"version_name": "2.1",
"version_value": "2.1.7"
},
{
"version_affected": "<",
"version_name": "2.2",
"version_value": "2.2.10"
},
{
"version_affected": "<",
"version_name": "2.3",
"version_value": "2.3.10"
},
{
"version_affected": "<",
"version_name": "2.4",
"version_value": "2.4.7"
},
{
"version_affected": "<",
"version_name": "2.5",
"version_value": "2.5.5"
},
{
"version_affected": "<",
"version_name": "2.6",
"version_value": "2.6.6"
},
{
"version_affected": "<",
"version_name": "2.7",
"version_value": "2.7.5"
},
{
"version_affected": "<",
"version_name": "2.8",
"version_value": "2.8.5"
},
{
"version_affected": "<",
"version_name": "2.9",
"version_value": "2.9.6"
},
{
"version_affected": "<",
"version_name": "3.0",
"version_value": "3.0.6"
},
{
"version_affected": "<",
"version_name": "3.1",
"version_value": "3.1.5"
},
{
"version_affected": "<",
"version_name": "3.2",
"version_value": "3.2.5"
},
{
"version_affected": "<",
"version_name": "3.3",
"version_value": "3.3.6"
},
{
"version_affected": "<",
"version_name": "3.4",
"version_value": "3.4.6"
},
{
"version_affected": "<",
"version_name": "3.5",
"version_value": "3.5.6"
},
{
"version_affected": "<",
"version_name": "3.6",
"version_value": "3.6.4"
},
{
"version_affected": "<",
"version_name": "3.7",
"version_value": "3.7.5"
},
{
"version_affected": "<",
"version_name": "3.8",
"version_value": "3.8.5"
},
{
"version_affected": "<",
"version_name": "3.9",
"version_value": "3.9.9"
},
{
"version_affected": "<",
"version_name": "4.0",
"version_value": "4.0.6"
},
{
"version_affected": "<",
"version_name": "4.1",
"version_value": "4.1.3"
},
{
"version_affected": "<",
"version_name": "4.2",
"version_value": "4.2.4"
},
{
"version_affected": "<",
"version_name": "4.3",
"version_value": "4.3.4"
},
{
"version_affected": "<",
"version_name": "4.4",
"version_value": "4.4.4"
},
{
"version_affected": "<",
"version_name": "4.5",
"version_value": "4.5.2"
},
{
"version_affected": "<",
"version_name": "4.6",
"version_value": "4.6.2"
},
{
"version_affected": "<",
"version_name": "4.7",
"version_value": "4.7.3"
},
{
"version_affected": "<",
"version_name": "4.8",
"version_value": "4.8.4"
},
{
"version_affected": "<",
"version_name": "4.9",
"version_value": "4.9.2"
},
{
"version_affected": "<",
"version_name": "5.0",
"version_value": "5.0.2"
},
{
"version_affected": "<",
"version_name": "5.1",
"version_value": "5.1.3"
},
{
"version_affected": "<",
"version_name": "5.2",
"version_value": "5.2.4"
},
{
"version_affected": "<",
"version_name": "5.3",
"version_value": "5.3.3"
},
{
"version_affected": "<",
"version_name": "5.4",
"version_value": "5.4.3"
},
{
"version_affected": "<",
"version_name": "5.5",
"version_value": "5.5.4"
},
{
"version_affected": "<",
"version_name": "5.6",
"version_value": "5.6.4"
},
{
"version_affected": "<",
"version_name": "5.7",
"version_value": "5.7.4"
},
{
"version_affected": "<",
"version_name": "5.8",
"version_value": "5.8.3"
},
{
"version_affected": "<",
"version_name": "5.9",
"version_value": "5.9.3"
},
{
"version_affected": "<",
"version_name": "6.0",
"version_value": "6.0.3"
},
{
"version_affected": "<",
"version_name": "6.1",
"version_value": "6.1.4"
},
{
"version_affected": "<",
"version_name": "6.2",
"version_value": "6.2.4"
},
{
"version_affected": "<",
"version_name": "6.3",
"version_value": "6.3.6"
},
{
"version_affected": "<",
"version_name": "6.4",
"version_value": "6.4.5"
},
{
"version_affected": "<",
"version_name": "6.5",
"version_value": "6.5.3"
},
{
"version_affected": "<",
"version_name": "6.6",
"version_value": "6.6.4"
},
{
"version_affected": "<",
"version_name": "6.7",
"version_value": "6.7.3"
},
{
"version_affected": "<",
"version_name": "6.8",
"version_value": "6.8.4"
},
{
"version_affected": "<",
"version_name": "6.9",
"version_value": "6.9.3"
},
{
"version_affected": "<",
"version_name": "7.0",
"version_value": "7.0.4"
},
{
"version_affected": "<",
"version_name": "7.1",
"version_value": "7.1.4"
},
{
"version_affected": "<",
"version_name": "7.2",
"version_value": "7.2.4"
},
{
"version_affected": "<",
"version_name": "7.3",
"version_value": "7.3.4"
},
{
"version_affected": "<",
"version_name": "7.4",
"version_value": "7.4.4"
},
{
"version_affected": "<",
"version_name": "7.5",
"version_value": "7.5.6"
},
{
"version_affected": "<",
"version_name": "7.6",
"version_value": "7.6.3"
},
{
"version_affected": "<",
"version_name": "7.7",
"version_value": "7.7.5"
},
{
"version_affected": "<",
"version_name": "7.8",
"version_value": "7.8.3"
},
{
"version_affected": "<",
"version_name": "7.9",
"version_value": "7.9.3"
},
{
"version_affected": "<",
"version_name": "8.0",
"version_value": "8.0.2"
},
{
"version_affected": "<",
"version_name": "8.1",
"version_value": "8.1.3"
},
{
"version_affected": "<",
"version_name": "8.2",
"version_value": "8.2.5"
},
{
"version_affected": "<",
"version_name": "8.3",
"version_value": "8.3.2"
},
{
"version_affected": "<",
"version_name": "8.4",
"version_value": "8.4.4"
},
{
"version_affected": "<",
"version_name": "8.5",
"version_value": "8.5.2"
},
{
"version_affected": "<",
"version_name": "8.6",
"version_value": "8.6.3"
},
{
"version_affected": "<",
"version_name": "8.7",
"version_value": "8.7.3"
},
{
"version_affected": "<",
"version_name": "8.8",
"version_value": "8.8.4"
},
{
"version_affected": "<",
"version_name": "8.9",
"version_value": "8.9.3"
},
{
"version_affected": "<",
"version_name": "9.0",
"version_value": "9.0.4"
},
{
"version_affected": "<",
"version_name": "9.1",
"version_value": "9.1.2"
},
{
"version_affected": "<",
"version_name": "9.2",
"version_value": "9.2.3"
},
{
"version_affected": "<",
"version_name": "9.3",
"version_value": "9.3.4"
},
{
"version_affected": "<",
"version_name": "9.4",
"version_value": "9.4.3"
},
{
"version_affected": "<",
"version_name": "9.5",
"version_value": "9.5.4"
},
{
"version_affected": "<",
"version_name": "9.6",
"version_value": "9.6.3"
},
{
"version_affected": "<",
"version_name": "9.7",
"version_value": "9.7.2"
},
{
"version_affected": "<",
"version_name": "9.8",
"version_value": "9.8.2"
},
{
"version_affected": "<",
"version_name": "9.9",
"version_value": "9.9.2"
},
{
"version_affected": "<",
"version_name": "10.0",
"version_value": "10.0.1"
},
{
"version_affected": "<",
"version_name": "10.1",
"version_value": "10.1.1"
},
{
"version_affected": "<",
"version_name": "10.2",
"version_value": "10.2.2"
},
{
"version_affected": "<",
"version_name": "10.3",
"version_value": "10.3.1"
},
{
"version_affected": "<",
"version_name": "10.4",
"version_value": "10.4.1"
},
{
"version_affected": "<",
"version_name": "10.5",
"version_value": "10.5.2"
},
{
"version_affected": "<",
"version_name": "10.6",
"version_value": "10.6.2"
},
{
"version_affected": "<",
"version_name": "10.7",
"version_value": "10.7.1"
},
{
"version_affected": "<",
"version_name": "10.8",
"version_value": "10.8.1"
},
{
"version_affected": "<",
"version_name": "10.9",
"version_value": "10.9.2"
},
{
"version_affected": "<",
"version_name": "11.0",
"version_value": "11.0.1"
},
{
"version_affected": "<",
"version_name": "11.1",
"version_value": "11.1.3"
},
{
"version_affected": "<",
"version_name": "11.2",
"version_value": "11.2.1"
},
{
"version_affected": "<",
"version_name": "11.3",
"version_value": "11.3.3"
},
{
"version_affected": "<",
"version_name": "11.4",
"version_value": "11.4.1"
},
{
"version_affected": "<",
"version_name": "11.5",
"version_value": "11.5.2"
},
{
"version_affected": "<",
"version_name": "11.6",
"version_value": "11.6.1"
},
{
"version_affected": "<",
"version_name": "11.7",
"version_value": "11.7.2"
},
{
"version_affected": "<",
"version_name": "11.8",
"version_value": "11.8.5"
},
{
"version_affected": "<",
"version_name": "11.9",
"version_value": "11.9.2"
},
{
"version_affected": "<",
"version_name": "12.0",
"version_value": "12.0.1"
},
{
"version_affected": "<",
"version_name": "12.1",
"version_value": "12.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663",
"refsource": "MISC",
"name": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663"
},
{
"url": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/",
"refsource": "MISC",
"name": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/"
}
]
},
"generator": {
"engine": "WPScan CVE Generator"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Miguel Neto"
},
{
"lang": "en",
"value": "WPScan"
}
]
}

18
2023/3xxx/CVE-2023-3429.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3429",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/3xxx/CVE-2023-3430.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3430",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}