From 9148dd9e97285283694d0380aa0a593a0e4f0da0 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 8 May 2023 14:00:38 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/18xxx/CVE-2020-18131.json | 61 ++++++++++++++++++++--- 2020/18xxx/CVE-2020-18132.json | 61 ++++++++++++++++++++--- 2020/18xxx/CVE-2020-18282.json | 61 ++++++++++++++++++++--- 2020/19xxx/CVE-2020-19660.json | 61 ++++++++++++++++++++--- 2020/21xxx/CVE-2020-21038.json | 61 ++++++++++++++++++++--- 2020/22xxx/CVE-2020-22334.json | 61 ++++++++++++++++++++--- 2020/22xxx/CVE-2020-22755.json | 61 ++++++++++++++++++++--- 2020/23xxx/CVE-2020-23966.json | 61 ++++++++++++++++++++--- 2020/36xxx/CVE-2020-36065.json | 61 ++++++++++++++++++++--- 2021/27xxx/CVE-2021-27280.json | 61 ++++++++++++++++++++--- 2021/28xxx/CVE-2021-28998.json | 61 ++++++++++++++++++++--- 2021/28xxx/CVE-2021-28999.json | 61 ++++++++++++++++++++--- 2022/4xxx/CVE-2022-4118.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0267.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0268.json | 72 +++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0280.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0421.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0514.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0522.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0526.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0536.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0537.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0542.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0544.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0603.json | 89 ++++++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0768.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0894.json | 81 +++++++++++++++++++++++++++++-- 2023/0xxx/CVE-2023-0948.json | 72 +++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1011.json | 80 ++++++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1347.json | 72 +++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1408.json | 81 +++++++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1649.json | 72 +++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1650.json | 72 +++++++++++++++++++++++++-- 2023/2xxx/CVE-2023-2579.json | 18 +++++++ 2023/2xxx/CVE-2023-2580.json | 18 +++++++ 2023/2xxx/CVE-2023-2581.json | 18 +++++++ 2023/32xxx/CVE-2023-32301.json | 18 +++++++ 2023/32xxx/CVE-2023-32302.json | 18 +++++++ 2023/32xxx/CVE-2023-32303.json | 18 +++++++ 2023/32xxx/CVE-2023-32304.json | 18 +++++++ 2023/32xxx/CVE-2023-32305.json | 18 +++++++ 2023/32xxx/CVE-2023-32306.json | 18 +++++++ 2023/32xxx/CVE-2023-32307.json | 18 +++++++ 2023/32xxx/CVE-2023-32308.json | 18 +++++++ 2023/32xxx/CVE-2023-32309.json | 18 +++++++ 2023/32xxx/CVE-2023-32310.json | 18 +++++++ 2023/32xxx/CVE-2023-32311.json | 18 +++++++ 2023/32xxx/CVE-2023-32312.json | 18 +++++++ 2023/32xxx/CVE-2023-32313.json | 18 +++++++ 2023/32xxx/CVE-2023-32314.json | 18 +++++++ 2023/32xxx/CVE-2023-32315.json | 18 +++++++ 2023/32xxx/CVE-2023-32316.json | 18 +++++++ 2023/32xxx/CVE-2023-32317.json | 18 +++++++ 2023/32xxx/CVE-2023-32318.json | 18 +++++++ 2023/32xxx/CVE-2023-32319.json | 18 +++++++ 2023/32xxx/CVE-2023-32320.json | 18 +++++++ 2023/32xxx/CVE-2023-32321.json | 18 +++++++ 2023/32xxx/CVE-2023-32322.json | 18 +++++++ 2023/32xxx/CVE-2023-32323.json | 18 +++++++ 2023/32xxx/CVE-2023-32324.json | 18 +++++++ 2023/32xxx/CVE-2023-32325.json | 18 +++++++ 61 files changed, 2722 insertions(+), 177 deletions(-) create mode 100644 2023/2xxx/CVE-2023-2579.json create mode 100644 2023/2xxx/CVE-2023-2580.json create mode 100644 2023/2xxx/CVE-2023-2581.json create mode 100644 2023/32xxx/CVE-2023-32301.json create mode 100644 2023/32xxx/CVE-2023-32302.json create mode 100644 2023/32xxx/CVE-2023-32303.json create mode 100644 2023/32xxx/CVE-2023-32304.json create mode 100644 2023/32xxx/CVE-2023-32305.json create mode 100644 2023/32xxx/CVE-2023-32306.json create mode 100644 2023/32xxx/CVE-2023-32307.json create mode 100644 2023/32xxx/CVE-2023-32308.json create mode 100644 2023/32xxx/CVE-2023-32309.json create mode 100644 2023/32xxx/CVE-2023-32310.json create mode 100644 2023/32xxx/CVE-2023-32311.json create mode 100644 2023/32xxx/CVE-2023-32312.json create mode 100644 2023/32xxx/CVE-2023-32313.json create mode 100644 2023/32xxx/CVE-2023-32314.json create mode 100644 2023/32xxx/CVE-2023-32315.json create mode 100644 2023/32xxx/CVE-2023-32316.json create mode 100644 2023/32xxx/CVE-2023-32317.json create mode 100644 2023/32xxx/CVE-2023-32318.json create mode 100644 2023/32xxx/CVE-2023-32319.json create mode 100644 2023/32xxx/CVE-2023-32320.json create mode 100644 2023/32xxx/CVE-2023-32321.json create mode 100644 2023/32xxx/CVE-2023-32322.json create mode 100644 2023/32xxx/CVE-2023-32323.json create mode 100644 2023/32xxx/CVE-2023-32324.json create mode 100644 2023/32xxx/CVE-2023-32325.json diff --git a/2020/18xxx/CVE-2020-18131.json b/2020/18xxx/CVE-2020-18131.json index 1676be93d99..fcb28d59eb4 100644 --- a/2020/18xxx/CVE-2020-18131.json +++ b/2020/18xxx/CVE-2020-18131.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-18131", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-18131", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgery (CSRF) vulnerability in Bluethrust Clan Scripts v4 allows attackers to escilate privledges to an arbitrary account via a crafted request to /members/console.php?cID=5." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/bluethrust/clanscripts/issues/27", + "refsource": "MISC", + "name": "https://github.com/bluethrust/clanscripts/issues/27" + }, + { + "refsource": "MISC", + "name": "https://github.com/bluethrust/clanscripts", + "url": "https://github.com/bluethrust/clanscripts" } ] } diff --git a/2020/18xxx/CVE-2020-18132.json b/2020/18xxx/CVE-2020-18132.json index 0e880ec4958..bbb5643f06d 100644 --- a/2020/18xxx/CVE-2020-18132.json +++ b/2020/18xxx/CVE-2020-18132.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-18132", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-18132", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/sansanyun/mipcms/issues/4", + "refsource": "MISC", + "name": "https://github.com/sansanyun/mipcms/issues/4" + }, + { + "refsource": "MISC", + "name": "https://github.com/sansanyun/mipcms", + "url": "https://github.com/sansanyun/mipcms" } ] } diff --git a/2020/18xxx/CVE-2020-18282.json b/2020/18xxx/CVE-2020-18282.json index f1d0d232560..8b4d99d3604 100644 --- a/2020/18xxx/CVE-2020-18282.json +++ b/2020/18xxx/CVE-2020-18282.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-18282", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-18282", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nangge/noneCms/issues/23", + "refsource": "MISC", + "name": "https://github.com/nangge/noneCms/issues/23" + }, + { + "refsource": "MISC", + "name": "https://github.com/nangge/noneCms", + "url": "https://github.com/nangge/noneCms" } ] } diff --git a/2020/19xxx/CVE-2020-19660.json b/2020/19xxx/CVE-2020-19660.json index deaef2d5def..bffe5b7f8a4 100644 --- a/2020/19xxx/CVE-2020-19660.json +++ b/2020/19xxx/CVE-2020-19660.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-19660", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-19660", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) pandao editor.md 1.5.0 allows attackers to execute arbitrary code via crafted linked url values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pandao/editor.md/issues/697", + "refsource": "MISC", + "name": "https://github.com/pandao/editor.md/issues/697" + }, + { + "refsource": "MISC", + "name": "https://github.com/pandao/editor.md", + "url": "https://github.com/pandao/editor.md" } ] } diff --git a/2020/21xxx/CVE-2020-21038.json b/2020/21xxx/CVE-2020-21038.json index a59132a8a40..c5b78acb615 100644 --- a/2020/21xxx/CVE-2020-21038.json +++ b/2020/21xxx/CVE-2020-21038.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21038", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21038", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/typecho/typecho/issues/952", + "refsource": "MISC", + "name": "https://github.com/typecho/typecho/issues/952" + }, + { + "refsource": "MISC", + "name": "https://github.com/typecho/typecho", + "url": "https://github.com/typecho/typecho" } ] } diff --git a/2020/22xxx/CVE-2020-22334.json b/2020/22xxx/CVE-2020-22334.json index 5d2c1649837..aa540ae7bc4 100644 --- a/2020/22xxx/CVE-2020-22334.json +++ b/2020/22xxx/CVE-2020-22334.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-22334", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-22334", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /admin/admin_admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/source-trace/beescms/issues/5", + "refsource": "MISC", + "name": "https://github.com/source-trace/beescms/issues/5" + }, + { + "refsource": "MISC", + "name": "https://github.com/source-trace/beescms", + "url": "https://github.com/source-trace/beescms" } ] } diff --git a/2020/22xxx/CVE-2020-22755.json b/2020/22xxx/CVE-2020-22755.json index e6435628fbf..ff56dafd505 100644 --- a/2020/22xxx/CVE-2020-22755.json +++ b/2020/22xxx/CVE-2020-22755.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-22755", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-22755", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/ming-soft/MCMS", + "url": "https://github.com/ming-soft/MCMS" + }, + { + "url": "https://github.com/ming-soft/MCMS/issues/42", + "refsource": "MISC", + "name": "https://github.com/ming-soft/MCMS/issues/42" } ] } diff --git a/2020/23xxx/CVE-2020-23966.json b/2020/23xxx/CVE-2020-23966.json index 893b41e38be..06d161966de 100644 --- a/2020/23xxx/CVE-2020-23966.json +++ b/2020/23xxx/CVE-2020-23966.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23966", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23966", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/VictorAlagwu/CMSsite/issues/15", + "refsource": "MISC", + "name": "https://github.com/VictorAlagwu/CMSsite/issues/15" + }, + { + "refsource": "MISC", + "name": "https://github.com/VictorAlagwu/CMSsite/", + "url": "https://github.com/VictorAlagwu/CMSsite/" } ] } diff --git a/2020/36xxx/CVE-2020-36065.json b/2020/36xxx/CVE-2020-36065.json index 006b3e28f2e..2784a4990ad 100644 --- a/2020/36xxx/CVE-2020-36065.json +++ b/2020/36xxx/CVE-2020-36065.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-36065", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-36065", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/sunkaifei/FlyCms/issues/8", + "refsource": "MISC", + "name": "https://github.com/sunkaifei/FlyCms/issues/8" + }, + { + "refsource": "MISC", + "name": "https://github.com/sunkaifei/FlyCms", + "url": "https://github.com/sunkaifei/FlyCms" } ] } diff --git a/2021/27xxx/CVE-2021-27280.json b/2021/27xxx/CVE-2021-27280.json index a9c3dc21730..fc28303b117 100644 --- a/2021/27xxx/CVE-2021-27280.json +++ b/2021/27xxx/CVE-2021-27280.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-27280", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-27280", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/langhsu/mblog/issues/44", + "refsource": "MISC", + "name": "https://github.com/langhsu/mblog/issues/44" + }, + { + "refsource": "MISC", + "name": "https://github.com/langhsu/mblog/", + "url": "https://github.com/langhsu/mblog/" } ] } diff --git a/2021/28xxx/CVE-2021-28998.json b/2021/28xxx/CVE-2021-28998.json index cdcd2061a4c..9a31fa2df01 100644 --- a/2021/28xxx/CVE-2021-28998.json +++ b/2021/28xxx/CVE-2021-28998.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-28998", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-28998", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://seclists.org/fulldisclosure/2021/Mar/50", + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2021/Mar/50" + }, + { + "url": "https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/file_upload_RCE/File_upload_to_RCE.md", + "refsource": "MISC", + "name": "https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/file_upload_RCE/File_upload_to_RCE.md" } ] } diff --git a/2021/28xxx/CVE-2021-28999.json b/2021/28xxx/CVE-2021-28999.json index 26c7bb954d7..89ec9e91254 100644 --- a/2021/28xxx/CVE-2021-28999.json +++ b/2021/28xxx/CVE-2021-28999.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-28999", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-28999", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1_sortby parameter to modules/News/function.admin_articlestab.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://seclists.org/fulldisclosure/2021/Mar/49", + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2021/Mar/49" + }, + { + "url": "https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/sqli_order_by/CMS-MS-SQLi-report.md", + "refsource": "MISC", + "name": "https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/sqli_order_by/CMS-MS-SQLi-report.md" } ] } diff --git a/2022/4xxx/CVE-2022-4118.json b/2022/4xxx/CVE-2022-4118.json index 9ff6569c4f7..aace3c0cd52 100644 --- a/2022/4xxx/CVE-2022-4118.json +++ b/2022/4xxx/CVE-2022-4118.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-4118", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop WordPress plugin through 1.7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by authenticated users" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "1.7.1" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/2839ff82-7d37-4392-8fa3-d490680d42c4", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/2839ff82-7d37-4392-8fa3-d490680d42c4" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "cydave" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0267.json b/2023/0xxx/CVE-2023-0267.json index b9914638745..86ded2ea9e0 100644 --- a/2023/0xxx/CVE-2023-0267.json +++ b/2023/0xxx/CVE-2023-0267.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0267", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Ultimate Carousel For WPBakery Page Builder WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Ultimate Carousel For WPBakery Page Builder", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "2.6" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/7ba7849d-e07b-465a-bfb7-10c8186be140", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/7ba7849d-e07b-465a-bfb7-10c8186be140" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0268.json b/2023/0xxx/CVE-2023-0268.json index 5d5889140f1..42a78e4a82d 100644 --- a/2023/0xxx/CVE-2023-0268.json +++ b/2023/0xxx/CVE-2023-0268.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0268", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Mega Addons For WPBakery Page Builder WordPress plugin before 4.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Mega Addons For WPBakery Page Builder", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "4.3.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/99389641-ad1e-45c1-a42f-2a010ee22d76", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/99389641-ad1e-45c1-a42f-2a010ee22d76" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0280.json b/2023/0xxx/CVE-2023-0280.json index e5186fdcb07..47b620fdfe9 100644 --- a/2023/0xxx/CVE-2023-0280.json +++ b/2023/0xxx/CVE-2023-0280.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0280", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Ultimate Carousel For Elementor WordPress plugin through 2.1.7 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Ultimate Carousel For Elementor", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "2.1.7" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/cb7ed9e6-0fa0-4ebb-9109-8f33defc8b32", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/cb7ed9e6-0fa0-4ebb-9109-8f33defc8b32" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0421.json b/2023/0xxx/CVE-2023-0421.json index 536dbcc641f..803ce0c4022 100644 --- a/2023/0xxx/CVE-2023-0421.json +++ b/2023/0xxx/CVE-2023-0421.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0421", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Cloud Manager WordPress plugin through 1.0 does not sanitise and escape the query param ricerca before outputting it in an admin panel, allowing unauthenticated attackers to trick a logged in admin to trigger a XSS payload by clicking a link." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Cloud Manager", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "1.0" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/a356fea0-f143-4736-b2b2-c545c525335c", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/a356fea0-f143-4736-b2b2-c545c525335c" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Shreya Pohekar" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0514.json b/2023/0xxx/CVE-2023-0514.json index 8ae1a517f6e..e39398d2e18 100644 --- a/2023/0xxx/CVE-2023-0514.json +++ b/2023/0xxx/CVE-2023-0514.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0514", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Membership Database WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Membership Database", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "1.0" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/c6cc400a-9bfb-417d-9206-5582a49d0f05", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/c6cc400a-9bfb-417d-9206-5582a49d0f05" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Shreya Pohekar" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0522.json b/2023/0xxx/CVE-2023-0522.json index f176e7ee59f..bc316f822ae 100644 --- a/2023/0xxx/CVE-2023-0522.json +++ b/2023/0xxx/CVE-2023-0522.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0522", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Enable/Disable Auto Login when Register WordPress plugin through 1.1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Enable/Disable Auto Login when Register", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "1.1.0" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/c7984bfb-86a3-4530-90ae-17ab39af1c54", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/c7984bfb-86a3-4530-90ae-17ab39af1c54" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0526.json b/2023/0xxx/CVE-2023-0526.json index 3ecaccfba20..4948e229f42 100644 --- a/2023/0xxx/CVE-2023-0526.json +++ b/2023/0xxx/CVE-2023-0526.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0526", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Post Shortcode WordPress plugin through 2.0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Post Shortcode", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "2.0.9" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/0ec58310-243d-40c8-9fa6-8753947bfa89", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/0ec58310-243d-40c8-9fa6-8753947bfa89" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0536.json b/2023/0xxx/CVE-2023-0536.json index c3f58b75e1f..e9a5536fad8 100644 --- a/2023/0xxx/CVE-2023-0536.json +++ b/2023/0xxx/CVE-2023-0536.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0536", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Wp-D3", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "2.4.1" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/7b19d792-8083-4c0c-a45e-a99c1f5f0df0", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/7b19d792-8083-4c0c-a45e-a99c1f5f0df0" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0537.json b/2023/0xxx/CVE-2023-0537.json index 2d000d04ebf..10d1867c515 100644 --- a/2023/0xxx/CVE-2023-0537.json +++ b/2023/0xxx/CVE-2023-0537.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0537", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Product Slider For WooCommerce Lite", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "1.1.7" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/d7369f1d-d1a0-4576-a676-c70525a6c743", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/d7369f1d-d1a0-4576-a676-c70525a6c743" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0542.json b/2023/0xxx/CVE-2023-0542.json index e21788c4357..d9bd1b37ac7 100644 --- a/2023/0xxx/CVE-2023-0542.json +++ b/2023/0xxx/CVE-2023-0542.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0542", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Custom Post Type List Shortcode WordPress plugin through 1.4.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Custom Post Type List Shortcode", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "1.4.4" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/17de2f77-3e6c-4c22-9196-6e5577ee7fcf", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/17de2f77-3e6c-4c22-9196-6e5577ee7fcf" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0544.json b/2023/0xxx/CVE-2023-0544.json index eb4588dc33b..62d76faa005 100644 --- a/2023/0xxx/CVE-2023-0544.json +++ b/2023/0xxx/CVE-2023-0544.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0544", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP Login Box WordPress plugin through 2.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WP Login Box", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "2.0.2" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/8ef9585f-67d7-4651-977a-fcad113882bd", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/8ef9585f-67d7-4651-977a-fcad113882bd" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0603.json b/2023/0xxx/CVE-2023-0603.json index 539f4f5202a..29953eda42e 100644 --- a/2023/0xxx/CVE-2023-0603.json +++ b/2023/0xxx/CVE-2023-0603.json @@ -1,18 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0603", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Sloth Logo Customizer WordPress plugin through 2.0.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Sloth Logo Customizer", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "2.0.2" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/1c93ea8f-4e68-4da1-994e-35a5873278ba", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/1c93ea8f-4e68-4da1-994e-35a5873278ba" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Nithissh Sathish" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0768.json b/2023/0xxx/CVE-2023-0768.json index 8de697f0afc..75f02870c5d 100644 --- a/2023/0xxx/CVE-2023-0768.json +++ b/2023/0xxx/CVE-2023-0768.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0768", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Avirato hotels online booking engine WordPress plugin through 5.0.5 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Avirato hotels online booking engine", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "5.0.5" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/03d061b4-1b71-44f5-b3dc-f82a5fcd92eb", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/03d061b4-1b71-44f5-b3dc-f82a5fcd92eb" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0894.json b/2023/0xxx/CVE-2023-0894.json index bfff0931d55..d351a2b03fa 100644 --- a/2023/0xxx/CVE-2023-0894.json +++ b/2023/0xxx/CVE-2023-0894.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0894", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Pickup | Delivery | Dine-in date time", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "1.0.9" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/d42eff41-096f-401d-bbfb-dcd6e08faca5", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/d42eff41-096f-401d-bbfb-dcd6e08faca5" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Sajjad Shariati" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0948.json b/2023/0xxx/CVE-2023-0948.json index b885147d0bf..fa1e1b95d21 100644 --- a/2023/0xxx/CVE-2023-0948.json +++ b/2023/0xxx/CVE-2023-0948.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0948", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Japanized For WooCommerce", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.5.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/a78d75b2-85a0-41eb-9720-c726ca2e8718", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/a78d75b2-85a0-41eb-9720-c726ca2e8718" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Erwan LR (WPScan)" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1011.json b/2023/1xxx/CVE-2023-1011.json index d018c06e986..45ba69f9acf 100644 --- a/2023/1xxx/CVE-2023-1011.json +++ b/2023/1xxx/CVE-2023-1011.json @@ -1,18 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1011", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The AI ChatBot WordPress plugin before 4.4.5 does not escape most of its settings before outputting them back in the dashboard, and does not have a proper CSRF check, allowing attackers to make a logged in admin set XSS payloads in them." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "AI ChatBot", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "4.4.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/d1784446-b3da-4175-9dac-20b030f19984", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/d1784446-b3da-4175-9dac-20b030f19984" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Erwan LR (WPScan)" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1347.json b/2023/1xxx/CVE-2023-1347.json index 30565114eb2..c6a68507317 100644 --- a/2023/1xxx/CVE-2023-1347.json +++ b/2023/1xxx/CVE-2023-1347.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1347", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Customizer Export/Import", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "0.9.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/356a5977-c90c-4fc6-98ed-032d5b27f272", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/356a5977-c90c-4fc6-98ed-032d5b27f272" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Nguyen Huu Do" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1408.json b/2023/1xxx/CVE-2023-1408.json index a49f2d123f7..fdef8ebfe4e 100644 --- a/2023/1xxx/CVE-2023-1408.json +++ b/2023/1xxx/CVE-2023-1408.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1408", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Video List Manager", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "custom", + "version": "0", + "lessThanOrEqual": "1.7" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/baf7ef4d-b2ba-48e0-9c17-74fa27e0c15b", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/baf7ef4d-b2ba-48e0-9c17-74fa27e0c15b" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "zhangyunpei and Yeting Li VARAS@IIE" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1649.json b/2023/1xxx/CVE-2023-1649.json index f294df3f95c..a3a77933fcc 100644 --- a/2023/1xxx/CVE-2023-1649.json +++ b/2023/1xxx/CVE-2023-1649.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1649", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The AI ChatBot WordPress plugin before 4.5.1 does not sanitise and escape numerous of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "AI ChatBot", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "4.5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/ea806115-14ab-4bc4-a272-2141cb14454a", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/ea806115-14ab-4bc4-a272-2141cb14454a" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Erwan LR (WPScan)" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1650.json b/2023/1xxx/CVE-2023-1650.json index 4161d4065b8..3eece53a995 100644 --- a/2023/1xxx/CVE-2023-1650.json +++ b/2023/1xxx/CVE-2023-1650.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1650", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "AI ChatBot", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "4.4.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/7d7fe498-0aa3-4fa7-b560-610b42b2abed", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/7d7fe498-0aa3-4fa7-b560-610b42b2abed" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Erwan LR (WPScan)" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2023/2xxx/CVE-2023-2579.json b/2023/2xxx/CVE-2023-2579.json new file mode 100644 index 00000000000..606710e1126 --- /dev/null +++ b/2023/2xxx/CVE-2023-2579.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-2579", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/2xxx/CVE-2023-2580.json b/2023/2xxx/CVE-2023-2580.json new file mode 100644 index 00000000000..306c4f207ba --- /dev/null +++ b/2023/2xxx/CVE-2023-2580.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-2580", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/2xxx/CVE-2023-2581.json b/2023/2xxx/CVE-2023-2581.json new file mode 100644 index 00000000000..12e6faf50d9 --- /dev/null +++ b/2023/2xxx/CVE-2023-2581.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-2581", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32301.json b/2023/32xxx/CVE-2023-32301.json new file mode 100644 index 00000000000..59274047064 --- /dev/null +++ b/2023/32xxx/CVE-2023-32301.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32301", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32302.json b/2023/32xxx/CVE-2023-32302.json new file mode 100644 index 00000000000..991bf2bd6fe --- /dev/null +++ b/2023/32xxx/CVE-2023-32302.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32302", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32303.json b/2023/32xxx/CVE-2023-32303.json new file mode 100644 index 00000000000..2a3baeefb38 --- /dev/null +++ b/2023/32xxx/CVE-2023-32303.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32303", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32304.json b/2023/32xxx/CVE-2023-32304.json new file mode 100644 index 00000000000..c9863be8869 --- /dev/null +++ b/2023/32xxx/CVE-2023-32304.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32304", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32305.json b/2023/32xxx/CVE-2023-32305.json new file mode 100644 index 00000000000..140bb5f0451 --- /dev/null +++ b/2023/32xxx/CVE-2023-32305.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32305", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32306.json b/2023/32xxx/CVE-2023-32306.json new file mode 100644 index 00000000000..6183255864b --- /dev/null +++ b/2023/32xxx/CVE-2023-32306.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32306", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32307.json b/2023/32xxx/CVE-2023-32307.json new file mode 100644 index 00000000000..bc4948570f8 --- /dev/null +++ b/2023/32xxx/CVE-2023-32307.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32307", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32308.json b/2023/32xxx/CVE-2023-32308.json new file mode 100644 index 00000000000..350a31e532e --- /dev/null +++ b/2023/32xxx/CVE-2023-32308.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32308", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32309.json b/2023/32xxx/CVE-2023-32309.json new file mode 100644 index 00000000000..4022c898f5f --- /dev/null +++ b/2023/32xxx/CVE-2023-32309.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32309", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32310.json b/2023/32xxx/CVE-2023-32310.json new file mode 100644 index 00000000000..3d866e86e33 --- /dev/null +++ b/2023/32xxx/CVE-2023-32310.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32310", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32311.json b/2023/32xxx/CVE-2023-32311.json new file mode 100644 index 00000000000..2b5ee8da756 --- /dev/null +++ b/2023/32xxx/CVE-2023-32311.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32311", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32312.json b/2023/32xxx/CVE-2023-32312.json new file mode 100644 index 00000000000..6e942ca6b4b --- /dev/null +++ b/2023/32xxx/CVE-2023-32312.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32312", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32313.json b/2023/32xxx/CVE-2023-32313.json new file mode 100644 index 00000000000..25100c1bfad --- /dev/null +++ b/2023/32xxx/CVE-2023-32313.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32313", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32314.json b/2023/32xxx/CVE-2023-32314.json new file mode 100644 index 00000000000..53e7c70e08a --- /dev/null +++ b/2023/32xxx/CVE-2023-32314.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32314", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32315.json b/2023/32xxx/CVE-2023-32315.json new file mode 100644 index 00000000000..90edfcf81c8 --- /dev/null +++ b/2023/32xxx/CVE-2023-32315.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32315", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32316.json b/2023/32xxx/CVE-2023-32316.json new file mode 100644 index 00000000000..b49c25f0919 --- /dev/null +++ b/2023/32xxx/CVE-2023-32316.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32316", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32317.json b/2023/32xxx/CVE-2023-32317.json new file mode 100644 index 00000000000..2eb305cfa9b --- /dev/null +++ b/2023/32xxx/CVE-2023-32317.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32317", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32318.json b/2023/32xxx/CVE-2023-32318.json new file mode 100644 index 00000000000..babc2d12548 --- /dev/null +++ b/2023/32xxx/CVE-2023-32318.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32318", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32319.json b/2023/32xxx/CVE-2023-32319.json new file mode 100644 index 00000000000..85524757b6d --- /dev/null +++ b/2023/32xxx/CVE-2023-32319.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32319", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32320.json b/2023/32xxx/CVE-2023-32320.json new file mode 100644 index 00000000000..9f76bd49367 --- /dev/null +++ b/2023/32xxx/CVE-2023-32320.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32320", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32321.json b/2023/32xxx/CVE-2023-32321.json new file mode 100644 index 00000000000..493e30565aa --- /dev/null +++ b/2023/32xxx/CVE-2023-32321.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32321", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32322.json b/2023/32xxx/CVE-2023-32322.json new file mode 100644 index 00000000000..695317ad77d --- /dev/null +++ b/2023/32xxx/CVE-2023-32322.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32322", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32323.json b/2023/32xxx/CVE-2023-32323.json new file mode 100644 index 00000000000..09c408ba1eb --- /dev/null +++ b/2023/32xxx/CVE-2023-32323.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32323", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32324.json b/2023/32xxx/CVE-2023-32324.json new file mode 100644 index 00000000000..70ce7cd90de --- /dev/null +++ b/2023/32xxx/CVE-2023-32324.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32324", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/32xxx/CVE-2023-32325.json b/2023/32xxx/CVE-2023-32325.json new file mode 100644 index 00000000000..e9fdd2d272d --- /dev/null +++ b/2023/32xxx/CVE-2023-32325.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-32325", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file