mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-08 19:47:09 +00:00
Auto-Update: 2023-05-02T12:00:24.363206+00:00
This commit is contained in:
René Helmke
parent
51e6320942
commit
0533eea5b7
@ -2,12 +2,12 @@
|
||||
"id": "CVE-2022-1113",
|
||||
"sourceIdentifier": "contact@wpscan.com",
|
||||
"published": "2022-06-27T09:15:08.877",
|
||||
"lastModified": "2022-07-07T15:13:49.417",
|
||||
"vulnStatus": "Analyzed",
|
||||
"lastModified": "2023-05-02T10:15:08.983",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Flower Delivery by Florist One WordPress plugin through 3.5.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setups)"
|
||||
"value": "The Flower Delivery by Florist One WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setups)"
|
||||
},
|
||||
{
|
||||
"lang": "es",
|
||||
|
||||
@ -2,12 +2,12 @@
|
||||
"id": "CVE-2022-4471",
|
||||
"sourceIdentifier": "contact@wpscan.com",
|
||||
"published": "2023-02-13T15:15:16.997",
|
||||
"lastModified": "2023-02-23T04:52:28.953",
|
||||
"vulnStatus": "Analyzed",
|
||||
"lastModified": "2023-05-02T10:15:09.250",
|
||||
"vulnStatus": "Modified",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The YARPP WordPress plugin through 5.30.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins."
|
||||
"value": "The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
|
||||
59
CVE-2023/CVE-2023-308xx/CVE-2023-30869.json
Normal file
59
CVE-2023/CVE-2023-308xx/CVE-2023-30869.json
Normal file
@ -0,0 +1,59 @@
|
||||
{
|
||||
"id": "CVE-2023-30869",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2023-05-02T10:15:09.357",
|
||||
"lastModified": "2023-05-02T10:15:09.357",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth. Privilege Escalation.\u00a0This issue affects Easy Digital Downloads: from 3.1 through 3.1.1.4.1."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 9.8,
|
||||
"baseSeverity": "CRITICAL"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-287"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/articles/critical-easy-digital-downloads-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
},
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/easy-digital-downloads/wordpress-easy-digital-downloads-plugin-3-1-1-4-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
||||
35
README.md
35
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2023-05-02T10:00:24.586602+00:00
|
||||
2023-05-02T12:00:24.363206+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2023-05-02T09:15:10.207000+00:00
|
||||
2023-05-02T10:15:09.357000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -29,41 +29,22 @@ Download and Changelog: [Click](releases/latest)
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
213914
|
||||
213915
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `22`
|
||||
Recently added CVEs: `1`
|
||||
|
||||
* [CVE-2022-33273](CVE-2022/CVE-2022-332xx/CVE-2022-33273.json) (`2023-05-02T08:15:08.763`)
|
||||
* [CVE-2022-40504](CVE-2022/CVE-2022-405xx/CVE-2022-40504.json) (`2023-05-02T08:15:09.437`)
|
||||
* [CVE-2023-0891](CVE-2023/CVE-2023-08xx/CVE-2023-0891.json) (`2023-05-02T08:15:09.513`)
|
||||
* [CVE-2023-0924](CVE-2023/CVE-2023-09xx/CVE-2023-0924.json) (`2023-05-02T08:15:09.620`)
|
||||
* [CVE-2023-1021](CVE-2023/CVE-2023-10xx/CVE-2023-1021.json) (`2023-05-02T08:15:09.693`)
|
||||
* [CVE-2023-1090](CVE-2023/CVE-2023-10xx/CVE-2023-1090.json) (`2023-05-02T08:15:09.753`)
|
||||
* [CVE-2023-1125](CVE-2023/CVE-2023-11xx/CVE-2023-1125.json) (`2023-05-02T08:15:09.823`)
|
||||
* [CVE-2023-1196](CVE-2023/CVE-2023-11xx/CVE-2023-1196.json) (`2023-05-02T09:15:09.280`)
|
||||
* [CVE-2023-1525](CVE-2023/CVE-2023-15xx/CVE-2023-1525.json) (`2023-05-02T08:15:09.893`)
|
||||
* [CVE-2023-1546](CVE-2023/CVE-2023-15xx/CVE-2023-1546.json) (`2023-05-02T08:15:09.957`)
|
||||
* [CVE-2023-1554](CVE-2023/CVE-2023-15xx/CVE-2023-1554.json) (`2023-05-02T08:15:10.023`)
|
||||
* [CVE-2023-1614](CVE-2023/CVE-2023-16xx/CVE-2023-1614.json) (`2023-05-02T08:15:10.097`)
|
||||
* [CVE-2023-1669](CVE-2023/CVE-2023-16xx/CVE-2023-1669.json) (`2023-05-02T08:15:10.180`)
|
||||
* [CVE-2023-1730](CVE-2023/CVE-2023-17xx/CVE-2023-1730.json) (`2023-05-02T08:15:10.267`)
|
||||
* [CVE-2023-1804](CVE-2023/CVE-2023-18xx/CVE-2023-1804.json) (`2023-05-02T08:15:10.337`)
|
||||
* [CVE-2023-1805](CVE-2023/CVE-2023-18xx/CVE-2023-1805.json) (`2023-05-02T08:15:10.393`)
|
||||
* [CVE-2023-1809](CVE-2023/CVE-2023-18xx/CVE-2023-1809.json) (`2023-05-02T08:15:10.453`)
|
||||
* [CVE-2023-1861](CVE-2023/CVE-2023-18xx/CVE-2023-1861.json) (`2023-05-02T08:15:10.517`)
|
||||
* [CVE-2023-1911](CVE-2023/CVE-2023-19xx/CVE-2023-1911.json) (`2023-05-02T08:15:10.570`)
|
||||
* [CVE-2023-2000](CVE-2023/CVE-2023-20xx/CVE-2023-2000.json) (`2023-05-02T09:15:10.013`)
|
||||
* [CVE-2023-31207](CVE-2023/CVE-2023-312xx/CVE-2023-31207.json) (`2023-05-02T09:15:10.120`)
|
||||
* [CVE-2023-32007](CVE-2023/CVE-2023-320xx/CVE-2023-32007.json) (`2023-05-02T09:15:10.207`)
|
||||
* [CVE-2023-30869](CVE-2023/CVE-2023-308xx/CVE-2023-30869.json) (`2023-05-02T10:15:09.357`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `0`
|
||||
Recently modified CVEs: `2`
|
||||
|
||||
* [CVE-2022-1113](CVE-2022/CVE-2022-11xx/CVE-2022-1113.json) (`2023-05-02T10:15:08.983`)
|
||||
* [CVE-2022-4471](CVE-2022/CVE-2022-44xx/CVE-2022-4471.json) (`2023-05-02T10:15:09.250`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user