admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#6217

Browse Source 
Auto-merge PR#6217
This commit is contained in:
CVE Team 2022-06-24 02:45:40 -04:00 committed by GitHub
commit e03b261700
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 352 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
2017/20xxx/CVE-2017-20092.json
View File

@ -4,14 +4,70 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-20092",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "Google Analytics Dashboard Plugin cross site scriting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "Google Analytics Dashboard Plugin",
"version": {
"version_data": [
{
"version_value": "2.1.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80 Basic Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic was found in Google Analytics Dashboard Plugin 2.1.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely."
}
]
},
"credit": "Yorick Koster",
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
}
},
"references": {
"reference_data": [
{
"url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Feb\/93"
},
{
"url": "https:\/\/vuldb.com\/?id.97381"
}
]
}

62
2017/20xxx/CVE-2017-20093.json
View File

@ -4,14 +4,70 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-20093",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "Download Manager Plugin cross-site request forgery",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "Download Manager Plugin",
"version": {
"version_data": [
{
"version_value": "2.8.99"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as problematic, was found in Download Manager Plugin 2.8.99. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely."
}
]
},
"credit": "Burak Kelebek",
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "4.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:L\/A:N"
}
},
"references": {
"reference_data": [
{
"url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Feb\/82"
},
{
"url": "https:\/\/vuldb.com\/?id.97374"
}
]
}

61
2017/20xxx/CVE-2017-20094.json
View File

@ -4,14 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-20094",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "NewStatPress Plugin Persistent cross site scriting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "NewStatPress Plugin",
"version": {
"version_data": [
{
"version_value": "1.2.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80 Basic Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as problematic, has been found in NewStatPress Plugin 1.2.4. This issue affects some unknown processing. The manipulation leads to basic cross site scripting (Persistent). The attack may be initiated remotely. Upgrading to version 1.2.5 is able to address this issue. It is recommended to upgrade the affected component."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
}
},
"references": {
"reference_data": [
{
"url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Feb\/81"
},
{
"url": "https:\/\/vuldb.com\/?id.97373"
}
]
}

62
2017/20xxx/CVE-2017-20095.json
View File

@ -4,14 +4,70 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-20095",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "Simple Ads Manager Plugin code injection",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "Simple Ads Manager Plugin",
"version": {
"version_data": [
{
"version_value": "n\/a"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Code Injection"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as critical was found in Simple Ads Manager Plugin. This vulnerability affects unknown code. The manipulation leads to code injection. The attack can be initiated remotely."
}
]
},
"credit": "Yorick Koster",
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
}
},
"references": {
"reference_data": [
{
"url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Feb\/80"
},
{
"url": "https:\/\/vuldb.com\/?id.97372"
}
]
}

61
2017/20xxx/CVE-2017-20096.json
View File

@ -4,14 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-20096",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "WP-SpamFree Anti-Spam Plugin cross site scriting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "WP-SpamFree Anti-Spam Plugin",
"version": {
"version_data": [
{
"version_value": "2.1.1.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80 Basic Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic has been found in WP-SpamFree Anti-Spam Plugin 2.1.1.4. This affects an unknown part. The manipulation leads to basic cross site scripting. It is possible to initiate the attack remotely."
}
]
},
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
}
},
"references": {
"reference_data": [
{
"url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Feb\/79"
},
{
"url": "https:\/\/vuldb.com\/?id.97371"
}
]
}

62
2017/20xxx/CVE-2017-20097.json
View File

@ -4,14 +4,70 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-20097",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"TITLE": "WP-Filebase Download Manager Plugin cross site scriting",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"product": {
"product_data": [
{
"product_name": "WP-Filebase Download Manager Plugin",
"version": {
"version_data": [
{
"version_value": "3.4.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-80 Basic Cross Site Scripting"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in WP-Filebase Download Manager Plugin 3.4.4. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely."
}
]
},
"credit": "Yorick Koster",
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
}
},
"references": {
"reference_data": [
{
"url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Feb\/78"
},
{
"url": "https:\/\/vuldb.com\/?id.97370"
}
]
}