diff --git a/CVE-2022/CVE-2022-08xx/CVE-2022-0834.json b/CVE-2022/CVE-2022-08xx/CVE-2022-0834.json index 4c566ae8784..b19e03f4148 100644 --- a/CVE-2022/CVE-2022-08xx/CVE-2022-0834.json +++ b/CVE-2022/CVE-2022-08xx/CVE-2022-0834.json @@ -2,8 +2,8 @@ "id": "CVE-2022-0834", "sourceIdentifier": "security@wordfence.com", "published": "2022-03-23T20:15:10.367", - "lastModified": "2022-03-29T00:42:50.990", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:42.597", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -41,19 +41,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "LOW", + "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", - "baseScore": 6.4, - "baseSeverity": "MEDIUM" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 3.1, + "exploitabilityScore": 3.9, "impactScore": 2.7 } ], @@ -93,16 +93,6 @@ "value": "CWE-79" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] } ], "configurations": [ @@ -124,6 +114,10 @@ } ], "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/73f12f22-c0a4-4010-9634-ce7308254028?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0834", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-08xx/CVE-2022-0888.json b/CVE-2022/CVE-2022-08xx/CVE-2022-0888.json index 646f8dfa9a6..411843e2242 100644 --- a/CVE-2022/CVE-2022-08xx/CVE-2022-0888.json +++ b/CVE-2022/CVE-2022-08xx/CVE-2022-0888.json @@ -2,8 +2,8 @@ "id": "CVE-2022-0888", "sourceIdentifier": "security@wordfence.com", "published": "2022-03-23T20:15:10.470", - "lastModified": "2022-05-02T19:34:44.647", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:42.923", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -93,16 +93,6 @@ "value": "CWE-434" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-434" - } - ] } ], "configurations": [ @@ -133,6 +123,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00eeaef-f277-481f-9e18-bf1ced0015a0?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0888", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-08xx/CVE-2022-0889.json b/CVE-2022/CVE-2022-08xx/CVE-2022-0889.json index 78c884097d2..cf88b65c166 100644 --- a/CVE-2022/CVE-2022-08xx/CVE-2022-0889.json +++ b/CVE-2022/CVE-2022-08xx/CVE-2022-0889.json @@ -2,7 +2,7 @@ "id": "CVE-2022-0889", "sourceIdentifier": "security@wordfence.com", "published": "2022-03-23T20:15:10.523", - "lastModified": "2023-11-07T03:41:38.557", + "lastModified": "2024-01-11T09:15:43.023", "vulnStatus": "Modified", "descriptions": [ { @@ -37,23 +37,23 @@ "impactScore": 2.7 }, { - "source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", + "source": "security@wordfence.com", "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", + "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", - "baseScore": 6.1, - "baseSeverity": "MEDIUM" + "baseScore": 7.2, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 2.8, + "exploitabilityScore": 3.9, "impactScore": 2.7 } ], @@ -93,16 +93,6 @@ "value": "CWE-79" } ] - }, - { - "source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] } ], "configurations": [ @@ -125,15 +115,12 @@ ], "references": [ { - "url": "https://ninjaforms.com/extensions/file-uploads/?changelog=1/#:~:text=3.3.13%20%2830%20November%202021%29", + "url": "https://ninjaforms.com/extensions/file-uploads/?changelog=1/#:~:text=3.3.13%20(30%20November%202021)", "source": "security@wordfence.com" }, { - "url": "https://wordfence.com/vulnerability-advisories/#CVE-2022-0889", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8c5642fa-d001-47c4-8acd-94ae944e5129?source=cve", + "source": "security@wordfence.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-09xx/CVE-2022-0993.json b/CVE-2022/CVE-2022-09xx/CVE-2022-0993.json index fbd9c27d13b..3b5e78383e1 100644 --- a/CVE-2022/CVE-2022-09xx/CVE-2022-0993.json +++ b/CVE-2022/CVE-2022-09xx/CVE-2022-0993.json @@ -2,8 +2,8 @@ "id": "CVE-2022-0993", "sourceIdentifier": "security@wordfence.com", "published": "2022-04-19T21:15:13.683", - "lastModified": "2023-07-21T17:12:37.767", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:43.237", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -93,20 +93,6 @@ "value": "CWE-306" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-285" - }, - { - "lang": "en", - "value": "CWE-288" - } - ] } ], "configurations": [ @@ -137,12 +123,12 @@ ] }, { - "url": "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/", - "source": "security@wordfence.com", - "tags": [ - "Exploit", - "Third Party Advisory" - ] + "url": "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e3a5566-eee5-4f71-9c93-e59abf913d04?source=cve", + "source": "security@wordfence.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-11xx/CVE-2022-1119.json b/CVE-2022/CVE-2022-11xx/CVE-2022-1119.json index ee2127cc725..e4d3aa2ff94 100644 --- a/CVE-2022/CVE-2022-11xx/CVE-2022-1119.json +++ b/CVE-2022/CVE-2022-11xx/CVE-2022-1119.json @@ -2,12 +2,12 @@ "id": "CVE-2022-1119", "sourceIdentifier": "security@wordfence.com", "published": "2022-04-19T21:15:13.810", - "lastModified": "2022-04-27T16:32:45.753", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:43.380", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7." + "value": "The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the\u00a0eeFile parameter found\u00a0in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7." }, { "lang": "es", @@ -93,16 +93,6 @@ "value": "CWE-22" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] } ], "configurations": [ @@ -149,11 +139,8 @@ ] }, { - "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1119", - "source": "security@wordfence.com", - "tags": [ - "Third Party Advisory" - ] + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff21241d-e488-4460-b8c2-d5a070c8c107?source=cve", + "source": "security@wordfence.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-12xx/CVE-2022-1208.json b/CVE-2022/CVE-2022-12xx/CVE-2022-1208.json index b080b459aac..ea0978afa5b 100644 --- a/CVE-2022/CVE-2022-12xx/CVE-2022-1208.json +++ b/CVE-2022/CVE-2022-12xx/CVE-2022-1208.json @@ -2,12 +2,12 @@ "id": "CVE-2022-1208", "sourceIdentifier": "security@wordfence.com", "published": "2022-06-13T13:15:10.697", - "lastModified": "2022-06-17T23:18:17.307", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:43.483", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was partially fixed in version 2.3.2 then subsequently fully patched in version 2.3.3." + "value": "The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding that is reflected back on the page. This affects versions up to, and including, 2.3.2. Please note this issue was only partially fixed in version 2.3.2." }, { "lang": "es", @@ -83,18 +83,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -130,6 +118,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93cf6dce-892e-4106-bb37-b7952e5ea5a1?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1208", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-12xx/CVE-2022-1209.json b/CVE-2022/CVE-2022-12xx/CVE-2022-1209.json index d148831f5bc..b63743b5aa4 100644 --- a/CVE-2022/CVE-2022-12xx/CVE-2022-1209.json +++ b/CVE-2022/CVE-2022-12xx/CVE-2022-1209.json @@ -2,12 +2,12 @@ "id": "CVE-2022-1209", "sourceIdentifier": "security@wordfence.com", "published": "2022-05-10T20:15:08.407", - "lastModified": "2022-05-16T17:12:22.417", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:43.603", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The Ultimate Member plugin for WordPress is vulnerable to open redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers to redirect unsuspecting victims in versions up to, and including, 2.3.1 granted the victim clicks on a social icon on a user's profile page." + "value": "The Ultimate Member plugin for WordPress is vulnerable to arbitrary redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers to redirect unsuspecting victims in versions up to, and including, 2.3.1." }, { "lang": "es", @@ -41,19 +41,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "LOW", + "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", - "baseScore": 3.5, - "baseSeverity": "LOW" + "baseScore": 4.3, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 2.1, + "exploitabilityScore": 2.8, "impactScore": 1.4 } ], @@ -83,18 +83,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-601" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -138,6 +126,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d638120b-5396-408b-8273-d003ff9dd01d?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1209", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-14xx/CVE-2022-1476.json b/CVE-2022/CVE-2022-14xx/CVE-2022-1476.json index eac19558308..4807d237a46 100644 --- a/CVE-2022/CVE-2022-14xx/CVE-2022-1476.json +++ b/CVE-2022/CVE-2022-14xx/CVE-2022-1476.json @@ -2,8 +2,8 @@ "id": "CVE-2022-1476", "sourceIdentifier": "security@wordfence.com", "published": "2022-05-10T20:15:08.657", - "lastModified": "2022-05-18T15:14:59.773", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:43.827", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -83,18 +83,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -122,6 +110,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e58634c3-7fcd-4885-b897-4e6a97fb06ac?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1476", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-17xx/CVE-2022-1768.json b/CVE-2022/CVE-2022-17xx/CVE-2022-1768.json index 61a48f565c6..f2179d9aa6e 100644 --- a/CVE-2022/CVE-2022-17xx/CVE-2022-1768.json +++ b/CVE-2022/CVE-2022-17xx/CVE-2022-1768.json @@ -2,12 +2,12 @@ "id": "CVE-2022-1768", "sourceIdentifier": "security@wordfence.com", "published": "2022-06-13T14:15:08.703", - "lastModified": "2023-09-30T03:05:11.980", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:43.940", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to, and including, 9.3.2. Please note that this is separate from CVE-2022-1453 & CVE-2022-1505." + "value": "The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to insufficient escaping and parameterization on user supplied data passed to multiple SQL queries in the ~/rsvpmaker-email.php file. This makes it possible for unauthenticated attackers to steal sensitive information from the database in versions up to, and including, 9.3.2. \r\n\r\nPlease note that this is separate from CVE-2022-1453 & CVE-2022-1505." }, { "lang": "es", @@ -83,18 +83,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -130,6 +118,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1d02646-271a-4079-8a47-00b4029e9c1f?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1768", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-18xx/CVE-2022-1820.json b/CVE-2022/CVE-2022-18xx/CVE-2022-1820.json index 5a873676508..88d04b32422 100644 --- a/CVE-2022/CVE-2022-18xx/CVE-2022-1820.json +++ b/CVE-2022/CVE-2022-18xx/CVE-2022-1820.json @@ -2,8 +2,8 @@ "id": "CVE-2022-1820", "sourceIdentifier": "security@wordfence.com", "published": "2022-06-13T14:15:08.777", - "lastModified": "2022-06-21T18:36:37.397", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:44.060", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -83,18 +83,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -122,6 +110,14 @@ "Third Party Advisory" ] }, + { + "url": "https://wordpress.org/plugins/keep-backup-daily/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8693a8b1-15e1-4c9c-90fb-51fcaf5ff451?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1820", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-19xx/CVE-2022-1918.json b/CVE-2022/CVE-2022-19xx/CVE-2022-1918.json index 837dfff765d..57e0d48fba1 100644 --- a/CVE-2022/CVE-2022-19xx/CVE-2022-1918.json +++ b/CVE-2022/CVE-2022-19xx/CVE-2022-1918.json @@ -2,8 +2,8 @@ "id": "CVE-2022-1918", "sourceIdentifier": "security@wordfence.com", "published": "2022-06-13T13:15:13.347", - "lastModified": "2022-06-21T18:36:53.560", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:44.170", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -93,16 +93,6 @@ "value": "CWE-352" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] } ], "configurations": [ @@ -132,6 +122,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fbda7670-179a-41ed-8ec9-ae7f5102e645?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1918", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-19xx/CVE-2022-1985.json b/CVE-2022/CVE-2022-19xx/CVE-2022-1985.json index 1c49bd24d09..b5b1e42637f 100644 --- a/CVE-2022/CVE-2022-19xx/CVE-2022-1985.json +++ b/CVE-2022/CVE-2022-19xx/CVE-2022-1985.json @@ -2,8 +2,8 @@ "id": "CVE-2022-1985", "sourceIdentifier": "security@wordfence.com", "published": "2022-06-13T13:15:13.407", - "lastModified": "2022-06-22T13:13:22.663", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:44.277", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -83,18 +83,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -122,6 +110,10 @@ "Third Party Advisory" ] }, + { + "url": "https://wordpress.org/plugins/download-manager/#developers", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/blog/2022/06/security-vulnerability-download-manager-plugin/", "source": "security@wordfence.com", @@ -130,6 +122,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/79fcf18e-39f7-42f2-90e4-3a5bac3382e0?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-1985", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-20xx/CVE-2022-2039.json b/CVE-2022/CVE-2022-20xx/CVE-2022-2039.json index ccae0700625..11df7ce90c2 100644 --- a/CVE-2022/CVE-2022-20xx/CVE-2022-2039.json +++ b/CVE-2022/CVE-2022-20xx/CVE-2022-2039.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2039", "sourceIdentifier": "security@wordfence.com", "published": "2022-07-18T17:15:08.827", - "lastModified": "2022-07-25T17:02:58.300", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:44.400", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -58,18 +58,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -97,6 +85,18 @@ "Third Party Advisory" ] }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2762052%40livesupporti&new=2762052%40livesupporti&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/livesupporti/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfa3efa2-c542-44b9-8039-13e6eac75101?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2039", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-21xx/CVE-2022-2101.json b/CVE-2022/CVE-2022-21xx/CVE-2022-2101.json index 2266789b1d4..ac0151a5f46 100644 --- a/CVE-2022/CVE-2022-21xx/CVE-2022-2101.json +++ b/CVE-2022/CVE-2022-21xx/CVE-2022-2101.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2101", "sourceIdentifier": "security@wordfence.com", "published": "2022-07-18T17:15:08.887", - "lastModified": "2022-07-25T16:48:03.543", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:44.523", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -58,18 +58,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -115,6 +103,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b399929a-db33-419f-9218-b86ee88a9f1a?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2101", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-21xx/CVE-2022-2117.json b/CVE-2022/CVE-2022-21xx/CVE-2022-2117.json index 203b675e0d9..887073ba69a 100644 --- a/CVE-2022/CVE-2022-21xx/CVE-2022-2117.json +++ b/CVE-2022/CVE-2022-21xx/CVE-2022-2117.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2117", "sourceIdentifier": "security@wordfence.com", "published": "2022-07-18T17:15:09.007", - "lastModified": "2022-07-25T16:52:16.787", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:44.613", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -58,18 +58,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-200" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -96,6 +84,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/addae413-1fc5-427f-a5ef-3da705cbeb5b?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2117", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-22xx/CVE-2022-2224.json b/CVE-2022/CVE-2022-22xx/CVE-2022-2224.json index 3411a66972f..1ca4b940b88 100644 --- a/CVE-2022/CVE-2022-22xx/CVE-2022-2224.json +++ b/CVE-2022/CVE-2022-22xx/CVE-2022-2224.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2224", "sourceIdentifier": "security@wordfence.com", "published": "2022-07-18T17:15:09.127", - "lastModified": "2022-07-25T15:45:21.390", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:44.707", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -41,35 +41,23 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, - "impactScore": 5.9 + "impactScore": 2.5 } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -97,6 +85,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c6683edc-8c77-446c-bd7e-e97b8c5d0c57?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2224", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-24xx/CVE-2022-2442.json b/CVE-2022/CVE-2022-24xx/CVE-2022-2442.json index 8807da31788..497f91b5578 100644 --- a/CVE-2022/CVE-2022-24xx/CVE-2022-2442.json +++ b/CVE-2022/CVE-2022-24xx/CVE-2022-2442.json @@ -2,12 +2,12 @@ "id": "CVE-2022-2442", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-06T18:15:13.830", - "lastModified": "2022-09-10T02:05:06.093", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:44.910", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The Migration, Backup, Staging \u2013 WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path' parameter in versions up to, and including 0.9.74. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload." + "value": "The Migration, Backup, Staging \u2013 WPvivid plugin for WordPress is vulnerable to deserialization of untrusted input via the 'path' parameter in versions up to, and including 0.9.74. This makes it possible for authenticated attackers with administrative privileges to call files using a PHAR wrapper that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload." }, { "lang": "es", @@ -68,16 +68,6 @@ "value": "CWE-502" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-502" - } - ] } ], "configurations": [ @@ -123,6 +113,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7e2ca2e-c495-47f8-9c18-da5ba73d9e70?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2442", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-24xx/CVE-2022-2443.json b/CVE-2022/CVE-2022-24xx/CVE-2022-2443.json index f6d92b47ae8..26af19ebd37 100644 --- a/CVE-2022/CVE-2022-24xx/CVE-2022-2443.json +++ b/CVE-2022/CVE-2022-24xx/CVE-2022-2443.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2443", "sourceIdentifier": "security@wordfence.com", "published": "2022-07-18T17:15:09.307", - "lastModified": "2022-07-25T15:40:12.383", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:45.040", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -58,18 +58,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -96,6 +84,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c5f3e34d-07fb-4e49-a4e2-f8e92301b35e?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2443", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-24xx/CVE-2022-2462.json b/CVE-2022/CVE-2022-24xx/CVE-2022-2462.json index 3a6cb12c5b3..25aed03141a 100644 --- a/CVE-2022/CVE-2022-24xx/CVE-2022-2462.json +++ b/CVE-2022/CVE-2022-24xx/CVE-2022-2462.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2462", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-06T18:15:13.950", - "lastModified": "2022-09-09T17:10:57.537", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:45.140", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -68,16 +68,6 @@ "value": "CWE-200" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-200" - } - ] } ], "configurations": [ @@ -124,6 +114,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bd1f12ac-86ac-4be9-9575-98381c3b4291?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2462", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-25xx/CVE-2022-2540.json b/CVE-2022/CVE-2022-25xx/CVE-2022-2540.json index b1842b6e1ac..fdd601efe60 100644 --- a/CVE-2022/CVE-2022-25xx/CVE-2022-2540.json +++ b/CVE-2022/CVE-2022-25xx/CVE-2022-2540.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2540", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-06T18:15:14.317", - "lastModified": "2022-09-13T14:17:41.420", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:45.237", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -68,16 +68,6 @@ "value": "CWE-352" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-352" - } - ] } ], "configurations": [ @@ -107,6 +97,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca64692b-b194-4ceb-975e-72e4041252f2?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2540", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-26xx/CVE-2022-2633.json b/CVE-2022/CVE-2022-26xx/CVE-2022-2633.json index 45fe297dbea..080b02fd46f 100644 --- a/CVE-2022/CVE-2022-26xx/CVE-2022-2633.json +++ b/CVE-2022/CVE-2022-26xx/CVE-2022-2633.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2633", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-06T18:15:14.503", - "lastModified": "2022-09-12T13:22:51.207", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:45.340", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -41,20 +41,20 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", + "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 8.2, + "baseScore": 7.5, "baseSeverity": "HIGH" }, "exploitabilityScore": 3.9, - "impactScore": 4.2 + "impactScore": 3.6 } ] }, @@ -68,20 +68,6 @@ "value": "CWE-610" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-73" - }, - { - "lang": "en", - "value": "CWE-918" - } - ] } ], "configurations": [ @@ -128,6 +114,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/83b0534e-1b8d-46a8-9698-e7ca73e5ab57?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2633", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-27xx/CVE-2022-2717.json b/CVE-2022/CVE-2022-27xx/CVE-2022-2717.json index ae219f1aaec..c8f9af4ab0c 100644 --- a/CVE-2022/CVE-2022-27xx/CVE-2022-2717.json +++ b/CVE-2022/CVE-2022-27xx/CVE-2022-2717.json @@ -2,12 +2,12 @@ "id": "CVE-2022-2717", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-06T18:15:14.687", - "lastModified": "2022-09-13T15:28:44.207", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:45.543", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The JoomSport \u2013 for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-events-form page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrative privileges, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + "value": "The JoomSport \u2013 for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-events-form page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrative privileges, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." }, { "lang": "es", @@ -68,16 +68,6 @@ "value": "CWE-89" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] } ], "configurations": [ @@ -115,6 +105,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9b6cf4ab-9e4d-4fd7-9e9e-c678ccc4d810?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2717", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-27xx/CVE-2022-2718.json b/CVE-2022/CVE-2022-27xx/CVE-2022-2718.json index b2de6e1dced..00c912e9e73 100644 --- a/CVE-2022/CVE-2022-27xx/CVE-2022-2718.json +++ b/CVE-2022/CVE-2022-27xx/CVE-2022-2718.json @@ -2,12 +2,12 @@ "id": "CVE-2022-2718", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-06T18:15:14.747", - "lastModified": "2022-09-13T15:30:20.007", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:45.650", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The JoomSport \u2013 for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-page-extrafields page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrative privileges, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + "value": "The JoomSport \u2013 for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-page-extrafields page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrative privileges, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." }, { "lang": "es", @@ -68,16 +68,6 @@ "value": "CWE-89" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-89" - } - ] } ], "configurations": [ @@ -115,6 +105,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9eee9bec-609a-468b-8b44-ac4af409df93?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2718", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-29xx/CVE-2022-2945.json b/CVE-2022/CVE-2022-29xx/CVE-2022-2945.json index b8a52382502..f027a49bb9e 100644 --- a/CVE-2022/CVE-2022-29xx/CVE-2022-2945.json +++ b/CVE-2022/CVE-2022-29xx/CVE-2022-2945.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2945", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-06T18:15:15.330", - "lastModified": "2022-09-13T22:58:09.670", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:45.743", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -68,16 +68,6 @@ "value": "CWE-22" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-22" - } - ] } ], "configurations": [ @@ -115,6 +105,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8957413c-95e0-49c8-ba8a-02b9b5141e08?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2945", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-30xx/CVE-2022-3026.json b/CVE-2022/CVE-2022-30xx/CVE-2022-3026.json index 33660da7f8a..080ca5a12b8 100644 --- a/CVE-2022/CVE-2022-30xx/CVE-2022-3026.json +++ b/CVE-2022/CVE-2022-30xx/CVE-2022-3026.json @@ -2,8 +2,8 @@ "id": "CVE-2022-3026", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-06T18:15:16.010", - "lastModified": "2022-09-09T02:32:58.380", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:45.850", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -41,19 +41,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "NONE", + "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", - "baseScore": 7.1, - "baseSeverity": "HIGH" + "baseScore": 6.5, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 2.8, + "exploitabilityScore": 2.3, "impactScore": 3.7 } ] @@ -68,16 +68,6 @@ "value": "CWE-1236" } ] - }, - { - "source": "security@wordfence.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-138" - } - ] } ], "configurations": [ @@ -107,6 +97,10 @@ "Third Party Advisory" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7da1d7cf-e8b5-4b7c-bdc1-13ef8c11b663?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-3026", "source": "security@wordfence.com", diff --git a/CVE-2022/CVE-2022-31xx/CVE-2022-3144.json b/CVE-2022/CVE-2022-31xx/CVE-2022-3144.json index 900fbfd0bd2..3e79222de65 100644 --- a/CVE-2022/CVE-2022-31xx/CVE-2022-3144.json +++ b/CVE-2022/CVE-2022-31xx/CVE-2022-3144.json @@ -2,8 +2,8 @@ "id": "CVE-2022-3144", "sourceIdentifier": "security@wordfence.com", "published": "2022-09-23T14:15:12.900", - "lastModified": "2022-09-23T19:45:58.703", - "vulnStatus": "Analyzed", + "lastModified": "2024-01-11T09:15:46.063", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -58,18 +58,6 @@ } ] }, - "weaknesses": [ - { - "source": "security@wordfence.com", - "type": "Primary", - "description": [ - { - "lang": "en", - "value": "CWE-79" - } - ] - } - ], "configurations": [ { "nodes": [ @@ -104,6 +92,10 @@ "Release Notes" ] }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/833eb481-4fb4-432e-8e93-3f497ccbf1eb?source=cve", + "source": "security@wordfence.com" + }, { "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-3144", "source": "security@wordfence.com", diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4246.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4246.json new file mode 100644 index 00000000000..fdafb46a2bd --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4246.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-4246", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:46.190", + "lastModified": "2024-01-11T09:15:46.190", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the give_sendwp_remote_install_handler function. This makes it possible for unauthenticated attackers to install and activate the SendWP plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/give/trunk/includes/admin/misc-functions.php?rev=2772225#L258", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2974851%40give%2Ftrunk&old=2973080%40give%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc5c511f-dc79-468b-a107-cdf50999faf8?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4247.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4247.json new file mode 100644 index 00000000000..21e30b53022 --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4247.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-4247", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:46.390", + "lastModified": "2024-01-11T09:15:46.390", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the give_sendwp_disconnect function. This makes it possible for unauthenticated attackers to deactivate the SendWP plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/give/trunk/includes/admin/misc-functions.php?rev=2772225#L333", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2974851%40give%2Ftrunk&old=2973080%40give%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e32d9104-5a39-4455-b76a-e24ae787bdfd?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4248.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4248.json new file mode 100644 index 00000000000..d4fce4253a9 --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4248.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-4248", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:46.613", + "lastModified": "2024-01-11T09:15:46.613", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the give_stripe_disconnect_connect_stripe_account function. This makes it possible for unauthenticated attackers to deactivate the plugin's stripe integration settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/give/trunk/includes/gateways/stripe/includes/admin/admin-actions.php?rev=2585755#L361", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2974851%40give%2Ftrunk&old=2973080%40give%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2bff8dea-6971-47d4-bd2c-0821687033e5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-43xx/CVE-2023-4372.json b/CVE-2023/CVE-2023-43xx/CVE-2023-4372.json new file mode 100644 index 00000000000..98b86df7488 --- /dev/null +++ b/CVE-2023/CVE-2023-43xx/CVE-2023-4372.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4372", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:46.773", + "lastModified": "2024-01-11T09:15:46.773", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'esi' shortcode in versions up to, and including, 5.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://github.com/litespeedtech/lscache_wp/commit/95a407d9f192b37ac6cf96d2aa50f240e3e6b2d7#diff-7b2c514b58d1b8a71655607bdfab87cedb013bc1b8927ce0b49a89ddf4a7e01cR495", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/litespeed-cache/tags/5.5.1/src/esi.cls.php#L480", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2977143/litespeed-cache#file348", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/27026f0f-c85e-4409-9973-4b9cb8a90da5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-49xx/CVE-2023-4960.json b/CVE-2023/CVE-2023-49xx/CVE-2023-4960.json new file mode 100644 index 00000000000..24d3576234d --- /dev/null +++ b/CVE-2023/CVE-2023-49xx/CVE-2023-4960.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4960", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:46.930", + "lastModified": "2024-01-11T09:15:46.930", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WCFM Marketplace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wcfm_stores' shortcode in versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/wc-multivendor-marketplace/tags/3.6.1/core/class-wcfmmp-shortcode.php#L241", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/wc-multivendor-marketplace/tags/3.6.1/views/store-lists/wcfmmp-view-store-lists.php#L207", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3000763/wc-multivendor-marketplace#file999", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f99e9f01-cc98-4af5-bb95-f56f6a550e96?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-49xx/CVE-2023-4962.json b/CVE-2023/CVE-2023-49xx/CVE-2023-4962.json new file mode 100644 index 00000000000..11acfb03e30 --- /dev/null +++ b/CVE-2023/CVE-2023-49xx/CVE-2023-4962.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-4962", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:47.093", + "lastModified": "2024-01-11T09:15:47.093", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Video PopUp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'video_popup' shortcode in versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/video-popup/trunk/features/shortcode.php?rev=2928708#L144", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3004434/video-popup", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/670ea03e-2f76-48a4-9f40-bc4cfd987a89?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52027.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52027.json new file mode 100644 index 00000000000..6d8808a644e --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52027.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-52027", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-11T09:15:47.250", + "lastModified": "2024-01-11T09:15:47.250", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://815yang.github.io/2023/12/23/a3700r/TOTOLINKA3700R_NTPSyncWithHost/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52028.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52028.json new file mode 100644 index 00000000000..b69de5de870 --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52028.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-52028", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-11T09:15:47.300", + "lastModified": "2024-01-11T09:15:47.300", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R_setTracerouteCfg/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52029.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52029.json new file mode 100644 index 00000000000..6f2f458b302 --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52029.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-52029", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-11T09:15:47.350", + "lastModified": "2024-01-11T09:15:47.350", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R%28setDiagnosisCfg%29/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52030.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52030.json new file mode 100644 index 00000000000..0e4ae9b1e75 --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52030.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-52030", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-11T09:15:47.393", + "lastModified": "2024-01-11T09:15:47.393", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setOpModeCfg function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R%28setOpModeCfg%29/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52031.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52031.json new file mode 100644 index 00000000000..b740a7f2574 --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52031.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-52031", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-11T09:15:47.437", + "lastModified": "2024-01-11T09:15:47.437", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://815yang.github.io/2023/12/04/a3700r/TOTOlink%20A3700R_UploadFirmwareFile/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-520xx/CVE-2023-52032.json b/CVE-2023/CVE-2023-520xx/CVE-2023-52032.json new file mode 100644 index 00000000000..c55d7cc31e0 --- /dev/null +++ b/CVE-2023/CVE-2023-520xx/CVE-2023-52032.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-52032", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-11T09:15:47.483", + "lastModified": "2024-01-11T09:15:47.483", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via the \"main\" function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://815yang.github.io/2023/12/24/cve6/EX1200T_V4.1.2cu.5232_B20210713_downloadFlile/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-55xx/CVE-2023-5504.json b/CVE-2023/CVE-2023-55xx/CVE-2023-5504.json new file mode 100644 index 00000000000..aaa3e41cc02 --- /dev/null +++ b/CVE-2023/CVE-2023-55xx/CVE-2023-5504.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-5504", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:47.553", + "lastModified": "2024-01-11T09:15:47.553", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default settings will place an index.php and a .htaccess file into the chosen directory (unless already present) when the first backup job is run that are intended to prevent directory listing and file access. This means that an attacker could set the backup directory to the root of another site in a shared environment and thus disable that site." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.3, + "impactScore": 5.8 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/backwpup/trunk/inc/class-page-settings.php?rev=2818974#L457", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3000176%40backwpup%2Ftrunk&old=2980789%40backwpup%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e830fe1e-1171-46da-8ee7-0a6654153f18?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-56xx/CVE-2023-5691.json b/CVE-2023/CVE-2023-56xx/CVE-2023-5691.json new file mode 100644 index 00000000000..f14fac9c437 --- /dev/null +++ b/CVE-2023/CVE-2023-56xx/CVE-2023-5691.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-5691", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:47.727", + "lastModified": "2024-01-11T09:15:47.727", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 2.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3000724%40collectchat%2Ftrunk&old=2983408%40collectchat%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfd67329-11b1-4f00-a422-bb4833a3181d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6220.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6220.json new file mode 100644 index 00000000000..ad2ea97e7e2 --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6220.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6220", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:47.883", + "lastModified": "2024-01-11T09:15:47.883", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'piotnetforms_ajax_form_builder' function in versions up to, and including, 1.0.26. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/piotnetforms/tags/1.0.26/inc/forms/ajax-form-builder.php#L430", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af2b7eac-a3f5-408f-b139-643e70b3f27a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-62xx/CVE-2023-6266.json b/CVE-2023/CVE-2023-62xx/CVE-2023-6266.json new file mode 100644 index 00000000000..9634866b350 --- /dev/null +++ b/CVE-2023/CVE-2023-62xx/CVE-2023-6266.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6266", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:48.047", + "lastModified": "2024-01-11T09:15:48.047", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download back-up files which can contain sensitive information such as user passwords, PII, database credentials, and much more." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.5/includes/initializer.php#L1048", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.5/includes/initializer.php#L972", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/initializer.php#L1065", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/08801f53-3c57-41a3-a637-4b52637cc612?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6316.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6316.json new file mode 100644 index 00000000000..422435f91e6 --- /dev/null +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6316.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6316", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:48.210", + "lastModified": "2024-01-11T09:15:48.210", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The MW WP Form plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the '_single_file_upload' function in versions up to, and including, 5.0.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/mw-wp-form/tags/5.0.1/classes/models/class.file.php#L60", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3003065/mw-wp-form#file15", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2c03142-be30-4173-a140-14d73a16dd2b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6369.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6369.json new file mode 100644 index 00000000000..1510360eb80 --- /dev/null +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6369.json @@ -0,0 +1,75 @@ +{ + "id": "CVE-2023-6369", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:48.380", + "lastModified": "2024-01-11T09:15:48.380", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to disclose sensitive information or perform unauthorized actions, such as saving advanced plugin settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/export-wp-page-to-static-html/trunk/admin/includes/AjaxRequests/cancelRcExportProcess.php#L23", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/export-wp-page-to-static-html/trunk/admin/includes/AjaxRequests/deleteExportedZipFile.php#L24", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/export-wp-page-to-static-html/trunk/admin/includes/AjaxRequests/exportLogPercentage.php#L23", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/export-wp-page-to-static-html/trunk/admin/includes/AjaxRequests/requestForWpPageToStaticHtml.php#L24", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/export-wp-page-to-static-html/trunk/admin/includes/AjaxRequests/saveAdvancedSettings.php#L22", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/export-wp-page-to-static-html/trunk/admin/includes/AjaxRequests/searchPosts.php#L24", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/export-wp-page-to-static-html/trunk/admin/includes/AjaxRequests/seeLogsInDetails.php#L22", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3002740/export-wp-page-to-static-html", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/47cb48aa-b556-4f25-ac68-ff0a812972c1?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-64xx/CVE-2023-6496.json b/CVE-2023/CVE-2023-64xx/CVE-2023-6496.json new file mode 100644 index 00000000000..c9ad935a0d7 --- /dev/null +++ b/CVE-2023/CVE-2023-64xx/CVE-2023-6496.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6496", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:48.543", + "lastModified": "2024-01-11T09:15:48.543", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Manage Notification E-mails plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.8.5 via the card_famne_export_settings function. This makes it possible for unauthenticated attackers to obtain plugin settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3007199%40manage-notification-emails%2Ftrunk&old=2920034%40manage-notification-emails%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/048bc117-88df-44b3-a30c-692bad23050f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6504.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6504.json new file mode 100644 index 00000000000..fc750e802a9 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6504.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6504", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:48.710", + "lastModified": "2024-01-11T09:15:48.710", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The User Profile Builder \u2013 Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wppb_toolbox_usermeta_handler function in all versions up to, and including, 3.10.7. This makes it possible for authenticated attackers, with contributor-level access and above, to expose sensitive information within user metadata." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3012472/profile-builder", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f515ccf8-7231-4728-b155-c47049087d42?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6556.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6556.json new file mode 100644 index 00000000000..db491742f4e --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6556.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6556", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:48.877", + "lastModified": "2024-01-11T09:15:48.877", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The FOX \u2013 Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via currency options in all versions up to, and including, 1.4.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/woocommerce-currency-switcher/trunk/classes/smart-designer.php#L120", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/woocommerce-currency-switcher/trunk/classes/smart-designer.php#L21", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3012135%40woocommerce-currency-switcher&new=3012135%40woocommerce-currency-switcher&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8cb37019-33f6-4f72-adfc-befbfbf69e47?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6558.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6558.json new file mode 100644 index 00000000000..fd291608c12 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6558.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6558", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:49.037", + "lastModified": "2024-01-11T09:15:49.037", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'upload_import_file' function in versions up to, and including, 2.4.8. This makes it possible for authenticated attackers with shop manager-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/users-customers-import-export-for-wp-woocommerce/tags/2.4.7/admin/modules/import/classes/class-import-ajax.php#L124", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3008454/users-customers-import-export-for-wp-woocommerce#file197", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/55b3e2dc-dc4f-408b-bbc6-da72ed5ad245?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6561.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6561.json new file mode 100644 index 00000000000..4a78898bf23 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6561.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6561", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:49.193", + "lastModified": "2024-01-11T09:15:49.193", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the featured image alt text in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/featured-image-from-url/trunk/admin/category.php#L62", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/featured-image-from-url/trunk/admin/meta-box.php#L213", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3009699%40featured-image-from-url%2Ftrunk&old=3003342%40featured-image-from-url%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d4d5ae93-000e-4001-adfa-c11058032469?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6567.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6567.json new file mode 100644 index 00000000000..3242a001913 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6567.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6567", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:49.407", + "lastModified": "2024-01-11T09:15:49.407", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018order_by\u2019 parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3013957/learnpress", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ab578cd-3a0b-43d3-aaa7-0a01f431a4e2?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6582.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6582.json new file mode 100644 index 00000000000..8d11878f93e --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6582.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6582", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:49.617", + "lastModified": "2024-01-11T09:15:49.617", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.3 via the ekit_widgetarea_content function. This makes it possible for unauthenticated attackers to obtain contents of posts in draft, private or pending review status that should not be visible to the general public. This applies to posts created with Elementor only." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.3/modules/controls/widget-area-utils.php#L15", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/elementskit-lite/tags/3.0.3/widgets/init/enqueue-scripts.php#L44", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3011323/elementskit-lite/trunk/modules/controls/widget-area-utils.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff4ae5c8-d164-4c2f-9bf3-83934c22cf4c?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6583.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6583.json new file mode 100644 index 00000000000..6384d339c17 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6583.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6583", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:49.777", + "lastModified": "2024-01-11T09:15:49.777", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. This makes it possible for authenticated attackers, with administrator access and above, to read and delete the contents of arbitrary files on the server including wp-config.php, which can contain sensitive information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.7, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3007057/", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac709779-36f1-4f66-8db3-95a514a5ea59?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6598.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6598.json new file mode 100644 index 00000000000..fb282516f42 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6598.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6598", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:49.933", + "lastModified": "2024-01-11T09:15:49.933", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The SpeedyCache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the speedycache_save_varniship, speedycache_img_update_settings, speedycache_preloading_add_settings, and speedycache_preloading_delete_resource functions in all versions up to, and including, 1.1.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to update plugin options." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3010577/speedycache", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db8cfdba-f3b2-45dc-9be7-6f6374fd5f39?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6624.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6624.json new file mode 100644 index 00000000000..c430d31e7e5 --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6624.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6624", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:50.100", + "lastModified": "2024-01-11T09:15:50.100", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.24.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3007926%40import-users-from-csv-with-meta%2Ftrunk&old=3007057%40import-users-from-csv-with-meta%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4731eb39-8c01-4a2b-80f7-15d8c13a19b5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6632.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6632.json new file mode 100644 index 00000000000..8b9d5ea2738 --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6632.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6632", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:50.257", + "lastModified": "2024-01-11T09:15:50.257", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Happy Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via DOM in all versions up to and including 3.9.1.1 (versions up to 2.9.1.1 in Happy Addons for Elementor Pro) due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/happy-elementor-addons/trunk/extensions/scroll-to-top.php#L142", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3011757%40happy-elementor-addons%2Ftrunk&old=2987938%40happy-elementor-addons%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/06ef69f0-34d3-4389-8a81-a4d9922f1468?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6634.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6634.json new file mode 100644 index 00000000000..3e9ff4a29b5 --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6634.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6634", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:50.437", + "lastModified": "2024-01-11T09:15:50.437", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated attackers to execute any public function with one parameter, which could result in remote code execution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3013957/learnpress", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21291ed7-cdc0-4698-9ec4-8417160845ed?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6636.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6636.json new file mode 100644 index 00000000000..c68ec548e5d --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6636.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6636", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:50.593", + "lastModified": "2024-01-11T09:15:50.593", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Greenshift \u2013 animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'gspb_save_files' function in versions up to, and including, 7.6.2. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/greenshift-animation-and-page-builder-blocks/trunk/settings.php?rev=3006373#L867", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3009030/greenshift-animation-and-page-builder-blocks/trunk/settings.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/821462d6-970e-4e3e-b91d-e7153296ba9f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6637.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6637.json new file mode 100644 index 00000000000..422b075fcaa --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6637.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6637", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:50.753", + "lastModified": "2024-01-11T09:15:50.753", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The CAOS | Host Google Analytics Locally plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_settings' function in versions up to, and including, 4.7.14. This makes it possible for unauthenticated attackers to update plugin settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/host-analyticsjs-local/tags/4.7.12/includes/class-caos.php#L414", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3008878/host-analyticsjs-local#file8", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3009011/host-analyticsjs-local#file5", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ec1fd03-f865-4f58-b63b-e70c0c7e701d?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6638.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6638.json new file mode 100644 index 00000000000..a3be11c61ed --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6638.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6638", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:50.920", + "lastModified": "2024-01-11T09:15:50.920", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The GTG Product Feed for Shopping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_settings' function in versions up to, and including, 1.2.4. This makes it possible for unauthenticated attackers to update plugin settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/gg-woo-feed/trunk/inc/Admin/Admin.php?rev=2933599#L199", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce6b9b0a-e82e-459a-bddf-1c9354bcec00?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6645.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6645.json new file mode 100644 index 00000000000..83a1958b768 --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6645.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6645", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:51.097", + "lastModified": "2024-01-11T09:15:51.097", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Post Grid Combo \u2013 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS parameter in all versions up to, and including, 2.2.64 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3010342%40post-grid%2Ftrunk&old=2999466%40post-grid%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab777672-6eef-4078-932d-24bb784107fa?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-66xx/CVE-2023-6684.json b/CVE-2023/CVE-2023-66xx/CVE-2023-6684.json new file mode 100644 index 00000000000..a0c6f1c49c2 --- /dev/null +++ b/CVE-2023/CVE-2023-66xx/CVE-2023-6684.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6684", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:51.263", + "lastModified": "2024-01-11T09:15:51.263", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Ibtana \u2013 WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ive' shortcode in versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on 'width' and 'height' user supplied attribute. This makes it possible for authenticated attackers with contributor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/trunk/ive-countdown.php?rev=2965648#L633", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3006647/ibtana-visual-editor/trunk/ive-countdown.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0b09d496-0e03-48a4-acf7-57febe18ed0a?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6737.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6737.json new file mode 100644 index 00000000000..4d33945616f --- /dev/null +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6737.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6737", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:51.457", + "lastModified": "2024-01-11T09:15:51.457", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Enable Media Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the SHORTPIXEL_DEBUG parameter in all versions up to, and including, 4.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. Exploiting this vulnerability requires the attacker to know the ID of an attachment uploaded by the user they are attacking." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3010103%40enable-media-replace%2Ftrunk&old=2990561%40enable-media-replace%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c37d8218-6059-46f2-a5d9-d7c22486211e?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6742.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6742.json new file mode 100644 index 00000000000..6bffb9b1a89 --- /dev/null +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6742.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6742", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:51.640", + "lastModified": "2024-01-11T09:15:51.640", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Gallery Plugin for WordPress \u2013 Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'envira_gallery_insert_images' function in all versions up to, and including, 1.8.7.1. This makes it possible for authenticated attackers, with contributor access and above, to modify galleries on other users' posts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/envira-gallery-lite/trunk/includes/admin/ajax.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3017115/envira-gallery-lite/tags/1.8.7.3/includes/admin/ajax.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/40655278-6915-4a76-ac2d-bb161d3cee92?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6751.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6751.json new file mode 100644 index 00000000000..074fc24e500 --- /dev/null +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6751.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6751", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:51.817", + "lastModified": "2024-01-11T09:15:51.817", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Hostinger plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the function publish_website in all versions up to, and including, 1.9.7. This makes it possible for unauthenticated attackers to enable and disable maintenance mode." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3010008%40hostinger%2Ftrunk&old=3010004%40hostinger%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d89cf759-5e5f-43e2-90a9-a8e554653ee1?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6776.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6776.json new file mode 100644 index 00000000000..450b5d4720f --- /dev/null +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6776.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6776", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:51.977", + "lastModified": "2024-01-11T09:15:51.977", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The 3D FlipBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018Ready Function\u2019 field in all versions up to, and including, 1.15.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3014013/interactive-3d-flipbook-powered-physics-engine", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/500fd8aa-9ad1-41ee-bbeb-cda9c80c4fcb?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6781.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6781.json new file mode 100644 index 00000000000..fe4d2d60156 --- /dev/null +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6781.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6781", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:52.133", + "lastModified": "2024-01-11T09:15:52.133", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields in all versions up to, and including, 2.10.26 due to insufficient input sanitization and output escaping on user supplied values. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/obfx_modules/header-footer-scripts/init.php#L315", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/themeisle-companion/trunk/obfx_modules/header-footer-scripts/init.php#L34", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3011567%40themeisle-companion%2Ftrunk&old=2991564%40themeisle-companion%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23e39019-c322-4027-84f2-faabd9ca4983?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-67xx/CVE-2023-6782.json b/CVE-2023/CVE-2023-67xx/CVE-2023-6782.json new file mode 100644 index 00000000000..8942be9c76d --- /dev/null +++ b/CVE-2023/CVE-2023-67xx/CVE-2023-6782.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6782", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:52.297", + "lastModified": "2024-01-11T09:15:52.297", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The AMP for WP \u2013 Accelerated Mobile Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.92 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.svn.wordpress.org/accelerated-mobile-pages/trunk/templates/features.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3010797%40accelerated-mobile-pages%2Ftrunk&old=2998126%40accelerated-mobile-pages%2Ftrunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1cae64e-caed-43c0-9a75-9aa4234946a0?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6828.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6828.json new file mode 100644 index 00000000000..511f7672d4e --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6828.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6828", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:52.457", + "lastModified": "2024-01-11T09:15:52.457", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Contact Form, Survey & Popup Form Plugin for WordPress \u2013 ARForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018 arf_http_referrer_url\u2019 parameter in all versions up to, and including, 1.5.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3013347@arforms-form-builder/trunk&old=2998602@arforms-form-builder/trunk&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e349cae-a996-4a32-807a-a98ebcb01edd?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6855.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6855.json new file mode 100644 index 00000000000..829cd4c9309 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6855.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6855", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:52.613", + "lastModified": "2024-01-11T09:15:52.613", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Paid Memberships Pro \u2013 Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to unauthorized modification of membership levels created by the plugin due to an incorrectly implemented capability check in the pmpro_rest_api_get_permissions_check function in all versions up to 2.12.5 (inclusive). This makes it possible for unauthenticated attackers to change membership levels including prices." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/paid-memberships-pro/trunk/includes/rest-api.php#L528", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/paid-memberships-pro/trunk/includes/rest-api.php#L997", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3011575/paid-memberships-pro/trunk/includes/rest-api.php?contextall=1&old=2947813&old_path=%2Fpaid-memberships-pro%2Ftrunk%2Fincludes%2Frest-api.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/383c7837-e7b7-4608-9cdc-91b7dbc7f4e2?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6875.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6875.json new file mode 100644 index 00000000000..bfa264eba53 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6875.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6875", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:52.773", + "lastModified": "2024-01-11T09:15:52.773", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The POST SMTP Mailer \u2013 Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/includes/rest-api/v1/rest-api.php#L60", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3016051/post-smtp/trunk?contextall=1&old=3012318&old_path=%2Fpost-smtp%2Ftrunk", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e675d64c-cbb8-4f24-9b6f-2597a97b49af?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6878.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6878.json new file mode 100644 index 00000000000..96e553af2b5 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6878.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6878", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:52.940", + "lastModified": "2024-01-11T09:15:52.940", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Slick Social Share Buttons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dcssb_ajax_update' function in versions up to, and including, 2.4.11. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update the site options arbitrarily." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/slick-social-share-buttons/tags/2.4.11/inc/dcwp_admin.php#L49", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/79a5c01d-3867-4b1e-b0ba-9a802f0bed92?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-68xx/CVE-2023-6882.json b/CVE-2023/CVE-2023-68xx/CVE-2023-6882.json new file mode 100644 index 00000000000..052849cdf80 --- /dev/null +++ b/CVE-2023/CVE-2023-68xx/CVE-2023-6882.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6882", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:53.103", + "lastModified": "2024-01-11T09:15:53.103", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018environment_mode\u2019 parameter in all versions up to, and including, 4.3.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3010737/simple-membership", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/366165fe-93e5-49ab-b2e5-1de624f22286?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6924.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6924.json new file mode 100644 index 00000000000..3e68551b0bc --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6924.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-6924", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:53.253", + "lastModified": "2024-01-11T09:15:53.253", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widgets in versions up to, and including, 1.8.18 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with administrator-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It can also be exploited with a contributor-level permission with a page builder plugin." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/Widget.php#L94", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetSlideshow.php#L64", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/photo-gallery/tags/1.8.18/admin/views/WidgetTags.php#L58", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3013021/photo-gallery", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/21b4d1a1-55fe-4241-820c-203991d724c4?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6934.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6934.json new file mode 100644 index 00000000000..3ff09534217 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6934.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6934", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:53.417", + "lastModified": "2024-01-11T09:15:53.417", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Limit Login Attempts Reloaded plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 2.25.26 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.svn.wordpress.org/limit-login-attempts-reloaded/trunk/core/Shortcodes.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012447%40limit-login-attempts-reloaded%2Ftrunk&old=2995934%40limit-login-attempts-reloaded%2Ftrunk&sfp_email=&sfph_mail=#file2", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/906049c0-4710-47aa-bf44-cdf29032dc1f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6979.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6979.json new file mode 100644 index 00000000000..ed19a7a90d7 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6979.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-6979", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:53.670", + "lastModified": "2024-01-11T09:15:53.670", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ivole_import_upload_csv AJAX action in all versions up to, and including, 5.38.9. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://drive.proton.me/urls/K4R2HDQBS0#iuTPm3NqZEdz", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/customer-reviews-woocommerce/trunk/includes/import-export/class-cr-reviews-importer.php#L35", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3016708%40customer-reviews-woocommerce&new=3016708%40customer-reviews-woocommerce&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3018507%40customer-reviews-woocommerce&new=3018507%40customer-reviews-woocommerce&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4af801db-44a6-4cd3-bd1a-3125490c8c48?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6988.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6988.json new file mode 100644 index 00000000000..25efa688a1e --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6988.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-6988", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:53.910", + "lastModified": "2024-01-11T09:15:53.910", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's extend_builder_render_js shortcode in all versions up to, and including, 1.0.239 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.svn.wordpress.org/colibri-page-builder/trunk/extend-builder/shortcodes/render-js.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3013337%40colibri-page-builder&new=3013337%40colibri-page-builder&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/300b24af-10a1-45b9-87ec-7c98dc94e76b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6990.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6990.json new file mode 100644 index 00000000000..15b530fa459 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6990.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-6990", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:54.173", + "lastModified": "2024-01-11T09:15:54.173", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Weaver Xtreme theme for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta in all versions up to, and including, 6.3.0 due to insufficient input sanitization and output escaping on user supplied meta (page-head-code). This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=212828%40weaver-xtreme&new=212828%40weaver-xtreme&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc7384d7-c2fd-4d63-9b80-bb5bde9a23d5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-69xx/CVE-2023-6994.json b/CVE-2023/CVE-2023-69xx/CVE-2023-6994.json new file mode 100644 index 00000000000..2d60991aba7 --- /dev/null +++ b/CVE-2023/CVE-2023-69xx/CVE-2023-6994.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6994", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:54.497", + "lastModified": "2024-01-11T09:15:54.497", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The List category posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'catlist' shortcode in all versions up to, and including, 0.89.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.svn.wordpress.org/list-category-posts/trunk/include/lcp-wrapper.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.svn.wordpress.org/list-category-posts/trunk/list-category-posts.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3018689%40list-category-posts&new=3018689%40list-category-posts&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/611871cc-737f-44e3-baf5-dbaa8bd8eb81?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7019.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7019.json new file mode 100644 index 00000000000..048139b828c --- /dev/null +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7019.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-7019", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:54.780", + "lastModified": "2024-01-11T09:15:54.780", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The LightStart \u2013 Maintenance Mode, Coming Soon and Landing Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the insert_template function in all versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to change page designs." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3013229/wp-maintenance-mode/trunk/includes/classes/wp-maintenance-mode-admin.php?contextall=1&old=2922691&old_path=%2Fwp-maintenance-mode%2Ftrunk%2Fincludes%2Fclasses%2Fwp-maintenance-mode-admin.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b57d3d1d-dcdb-4f11-82d8-183778baa075?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7048.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7048.json new file mode 100644 index 00000000000..4b1f129371b --- /dev/null +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7048.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-7048", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:55.030", + "lastModified": "2024-01-11T09:15:55.030", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.6. This is due to missing or incorrect nonce validation in mystickymenu-contact-leads.php. This makes it possible for unauthenticated attackers to trigger the export of a CSV file containing contact leads via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Because the CSV file is exported to a public location, it can be downloaded during a very short window of time before it is automatically deleted by the export function." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset/3016780/mystickymenu", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be0ab40f-cff7-48bd-8dae-cc50af047151?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7070.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7070.json new file mode 100644 index 00000000000..50e20a90eac --- /dev/null +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7070.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-7070", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:55.287", + "lastModified": "2024-01-11T09:15:55.287", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Email Encoder \u2013 Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's eeb_mailto shortcode in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/email-encoder-bundle/trunk/core/includes/classes/class-email-encoder-bundle-run.php#L518", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/email-encoder-bundle/trunk/core/includes/classes/class-email-encoder-bundle-run.php#L529", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3019206%40email-encoder-bundle&new=3019206%40email-encoder-bundle&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f5afe6ea-93b8-4782-8593-76468e370a45?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7071.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7071.json new file mode 100644 index 00000000000..606387044e3 --- /dev/null +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7071.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-7071", + "sourceIdentifier": "security@wordfence.com", + "published": "2024-01-11T09:15:55.540", + "lastModified": "2024-01-11T09:15:55.540", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Table of Contents block in all versions up to, and including, 4.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.1, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/essential-blocks/trunk/blocks/TableOfContents.php#L138", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3018547/essential-blocks/tags/4.4.7/blocks/TableOfContents.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f969cb24-734f-46e5-a74d-fddf8e61e096?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index dba55cad3cc..44ce2b34df4 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-11T09:00:25.054623+00:00 +2024-01-11T11:00:25.036353+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-11T08:15:35.933000+00:00 +2024-01-11T09:15:55.540000+00:00 ``` ### Last Data Feed Release @@ -29,28 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -235569 +235625 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `56` -* [CVE-2023-6223](CVE-2023/CVE-2023-62xx/CVE-2023-6223.json) (`2024-01-11T07:15:08.220`) -* [CVE-2023-6446](CVE-2023/CVE-2023-64xx/CVE-2023-6446.json) (`2024-01-11T07:15:08.540`) -* [CVE-2023-6506](CVE-2023/CVE-2023-65xx/CVE-2023-6506.json) (`2024-01-11T07:15:08.810`) -* [CVE-2023-6520](CVE-2023/CVE-2023-65xx/CVE-2023-6520.json) (`2024-01-11T07:15:09.070`) -* [CVE-2023-6699](CVE-2023/CVE-2023-66xx/CVE-2023-6699.json) (`2024-01-11T07:15:09.357`) -* [CVE-2023-6883](CVE-2023/CVE-2023-68xx/CVE-2023-6883.json) (`2024-01-11T07:15:09.620`) -* [CVE-2023-37644](CVE-2023/CVE-2023-376xx/CVE-2023-37644.json) (`2024-01-11T08:15:35.737`) -* [CVE-2024-0252](CVE-2024/CVE-2024-02xx/CVE-2024-0252.json) (`2024-01-11T08:15:35.933`) +* [CVE-2023-6637](CVE-2023/CVE-2023-66xx/CVE-2023-6637.json) (`2024-01-11T09:15:50.753`) +* [CVE-2023-6638](CVE-2023/CVE-2023-66xx/CVE-2023-6638.json) (`2024-01-11T09:15:50.920`) +* [CVE-2023-6645](CVE-2023/CVE-2023-66xx/CVE-2023-6645.json) (`2024-01-11T09:15:51.097`) +* [CVE-2023-6684](CVE-2023/CVE-2023-66xx/CVE-2023-6684.json) (`2024-01-11T09:15:51.263`) +* [CVE-2023-6737](CVE-2023/CVE-2023-67xx/CVE-2023-6737.json) (`2024-01-11T09:15:51.457`) +* [CVE-2023-6742](CVE-2023/CVE-2023-67xx/CVE-2023-6742.json) (`2024-01-11T09:15:51.640`) +* [CVE-2023-6751](CVE-2023/CVE-2023-67xx/CVE-2023-6751.json) (`2024-01-11T09:15:51.817`) +* [CVE-2023-6776](CVE-2023/CVE-2023-67xx/CVE-2023-6776.json) (`2024-01-11T09:15:51.977`) +* [CVE-2023-6781](CVE-2023/CVE-2023-67xx/CVE-2023-6781.json) (`2024-01-11T09:15:52.133`) +* [CVE-2023-6782](CVE-2023/CVE-2023-67xx/CVE-2023-6782.json) (`2024-01-11T09:15:52.297`) +* [CVE-2023-6828](CVE-2023/CVE-2023-68xx/CVE-2023-6828.json) (`2024-01-11T09:15:52.457`) +* [CVE-2023-6855](CVE-2023/CVE-2023-68xx/CVE-2023-6855.json) (`2024-01-11T09:15:52.613`) +* [CVE-2023-6875](CVE-2023/CVE-2023-68xx/CVE-2023-6875.json) (`2024-01-11T09:15:52.773`) +* [CVE-2023-6878](CVE-2023/CVE-2023-68xx/CVE-2023-6878.json) (`2024-01-11T09:15:52.940`) +* [CVE-2023-6882](CVE-2023/CVE-2023-68xx/CVE-2023-6882.json) (`2024-01-11T09:15:53.103`) +* [CVE-2023-6924](CVE-2023/CVE-2023-69xx/CVE-2023-6924.json) (`2024-01-11T09:15:53.253`) +* [CVE-2023-6934](CVE-2023/CVE-2023-69xx/CVE-2023-6934.json) (`2024-01-11T09:15:53.417`) +* [CVE-2023-6979](CVE-2023/CVE-2023-69xx/CVE-2023-6979.json) (`2024-01-11T09:15:53.670`) +* [CVE-2023-6988](CVE-2023/CVE-2023-69xx/CVE-2023-6988.json) (`2024-01-11T09:15:53.910`) +* [CVE-2023-6990](CVE-2023/CVE-2023-69xx/CVE-2023-6990.json) (`2024-01-11T09:15:54.173`) +* [CVE-2023-6994](CVE-2023/CVE-2023-69xx/CVE-2023-6994.json) (`2024-01-11T09:15:54.497`) +* [CVE-2023-7019](CVE-2023/CVE-2023-70xx/CVE-2023-7019.json) (`2024-01-11T09:15:54.780`) +* [CVE-2023-7048](CVE-2023/CVE-2023-70xx/CVE-2023-7048.json) (`2024-01-11T09:15:55.030`) +* [CVE-2023-7070](CVE-2023/CVE-2023-70xx/CVE-2023-7070.json) (`2024-01-11T09:15:55.287`) +* [CVE-2023-7071](CVE-2023/CVE-2023-70xx/CVE-2023-7071.json) (`2024-01-11T09:15:55.540`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `26` -* [CVE-2023-42941](CVE-2023/CVE-2023-429xx/CVE-2023-42941.json) (`2024-01-11T07:15:07.880`) +* [CVE-2022-0888](CVE-2022/CVE-2022-08xx/CVE-2022-0888.json) (`2024-01-11T09:15:42.923`) +* [CVE-2022-0889](CVE-2022/CVE-2022-08xx/CVE-2022-0889.json) (`2024-01-11T09:15:43.023`) +* [CVE-2022-0993](CVE-2022/CVE-2022-09xx/CVE-2022-0993.json) (`2024-01-11T09:15:43.237`) +* [CVE-2022-1119](CVE-2022/CVE-2022-11xx/CVE-2022-1119.json) (`2024-01-11T09:15:43.380`) +* [CVE-2022-1208](CVE-2022/CVE-2022-12xx/CVE-2022-1208.json) (`2024-01-11T09:15:43.483`) +* [CVE-2022-1209](CVE-2022/CVE-2022-12xx/CVE-2022-1209.json) (`2024-01-11T09:15:43.603`) +* [CVE-2022-1476](CVE-2022/CVE-2022-14xx/CVE-2022-1476.json) (`2024-01-11T09:15:43.827`) +* [CVE-2022-1768](CVE-2022/CVE-2022-17xx/CVE-2022-1768.json) (`2024-01-11T09:15:43.940`) +* [CVE-2022-1820](CVE-2022/CVE-2022-18xx/CVE-2022-1820.json) (`2024-01-11T09:15:44.060`) +* [CVE-2022-1918](CVE-2022/CVE-2022-19xx/CVE-2022-1918.json) (`2024-01-11T09:15:44.170`) +* [CVE-2022-1985](CVE-2022/CVE-2022-19xx/CVE-2022-1985.json) (`2024-01-11T09:15:44.277`) +* [CVE-2022-2039](CVE-2022/CVE-2022-20xx/CVE-2022-2039.json) (`2024-01-11T09:15:44.400`) +* [CVE-2022-2101](CVE-2022/CVE-2022-21xx/CVE-2022-2101.json) (`2024-01-11T09:15:44.523`) +* [CVE-2022-2117](CVE-2022/CVE-2022-21xx/CVE-2022-2117.json) (`2024-01-11T09:15:44.613`) +* [CVE-2022-2224](CVE-2022/CVE-2022-22xx/CVE-2022-2224.json) (`2024-01-11T09:15:44.707`) +* [CVE-2022-2442](CVE-2022/CVE-2022-24xx/CVE-2022-2442.json) (`2024-01-11T09:15:44.910`) +* [CVE-2022-2443](CVE-2022/CVE-2022-24xx/CVE-2022-2443.json) (`2024-01-11T09:15:45.040`) +* [CVE-2022-2462](CVE-2022/CVE-2022-24xx/CVE-2022-2462.json) (`2024-01-11T09:15:45.140`) +* [CVE-2022-2540](CVE-2022/CVE-2022-25xx/CVE-2022-2540.json) (`2024-01-11T09:15:45.237`) +* [CVE-2022-2633](CVE-2022/CVE-2022-26xx/CVE-2022-2633.json) (`2024-01-11T09:15:45.340`) +* [CVE-2022-2717](CVE-2022/CVE-2022-27xx/CVE-2022-2717.json) (`2024-01-11T09:15:45.543`) +* [CVE-2022-2718](CVE-2022/CVE-2022-27xx/CVE-2022-2718.json) (`2024-01-11T09:15:45.650`) +* [CVE-2022-2945](CVE-2022/CVE-2022-29xx/CVE-2022-2945.json) (`2024-01-11T09:15:45.743`) +* [CVE-2022-3026](CVE-2022/CVE-2022-30xx/CVE-2022-3026.json) (`2024-01-11T09:15:45.850`) +* [CVE-2022-3144](CVE-2022/CVE-2022-31xx/CVE-2022-3144.json) (`2024-01-11T09:15:46.063`) ## Download and Usage