Auto-Update: 2023-11-24T23:00:27.702420+00:00

2025-05-08 19:47:09 +00:00 · 2023-11-24 23:00:31 +00:00 · 2023-11-24 23:00:31 +00:00 · 8c1a631eb7
commit 8c1a631eb7
parent cd809802dc
4 changed files with 151 additions and 29 deletions
--- a/CVE-2023/CVE-2023-476xx/CVE-2023-47664.json
+++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47664.json
@ -2,16 +2,40 @@
  "id": "CVE-2023-47664",
  "sourceIdentifier": "audit@patchstack.com",
  "published": "2023-11-18T21:15:08.810",
-  "lastModified": "2023-11-20T00:02:59.753",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-11-24T22:48:31.267",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview Plainview Protect Passwords.This issue affects Plainview Protect Passwords: from n/a through 1.4.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en edward_plainview Plainview Protect Passwords. Este problema afecta a Plainview Protect Passwords: desde n/a hasta 1.4."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      },
      {
        "source": "audit@patchstack.com",
        "type": "Secondary",
@ -46,10 +70,31 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:plainviewplugins:plainview_protect_passwords:*:*:*:*:*:wordpress:*:*",
+              "versionEndIncluding": "1.4",
+              "matchCriteriaId": "4506109A-78DD-4FC3-83DF-408BD43B18D6"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://patchstack.com/database/vulnerability/plainview-protect-passwords/wordpress-plainview-protect-passwords-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
-      "source": "audit@patchstack.com"
+      "source": "audit@patchstack.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2023/CVE-2023-476xx/CVE-2023-47666.json
+++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47666.json
@ -2,16 +2,40 @@
  "id": "CVE-2023-47666",
  "sourceIdentifier": "audit@patchstack.com",
  "published": "2023-11-18T21:15:09.017",
-  "lastModified": "2023-11-20T00:02:59.753",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-11-24T22:48:09.573",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-Site Request Forgery (CSRF) vulnerability in Code Snippets Pro Code Snippets.This issue affects Code Snippets: from n/a through 3.5.0.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Code Snippets Pro Code Snippets. Este problema afecta a Code Snippets: desde n/a hasta 3.5.0."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      },
      {
        "source": "audit@patchstack.com",
        "type": "Secondary",
@ -46,10 +70,31 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:code_snippets:code_snippets:*:*:*:*:*:wordpress:*:*",
+              "versionEndIncluding": "3.5.0",
+              "matchCriteriaId": "1CB17DD4-9F38-473C-8FFD-80194DF24581"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://patchstack.com/database/vulnerability/code-snippets/wordpress-code-snippets-plugin-3-5-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
-      "source": "audit@patchstack.com"
+      "source": "audit@patchstack.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2023/CVE-2023-476xx/CVE-2023-47667.json
+++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47667.json
@ -2,16 +2,40 @@
  "id": "CVE-2023-47667",
  "sourceIdentifier": "audit@patchstack.com",
  "published": "2023-11-18T21:15:09.240",
-  "lastModified": "2023-11-20T00:02:59.753",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2023-11-24T22:48:19.563",
+  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-Site Request Forgery (CSRF) vulnerability in Mammothology WP Full Stripe Free.This issue affects WP Full Stripe Free: from n/a through 1.6.1.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Mammothology WP Full Stripe Free. Este problema afecta a WP Full Stripe Free: desde n/a hasta 1.6.1."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      },
      {
        "source": "audit@patchstack.com",
        "type": "Secondary",
@ -46,10 +70,31 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:paymentsplugin:wp_full_stripe_free:*:*:*:*:*:wordpress:*:*",
+              "versionEndIncluding": "1.6.1",
+              "matchCriteriaId": "EBD58113-B5AF-4EE1-AA84-D8A4507A7C92"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://patchstack.com/database/vulnerability/wp-full-stripe-free/wordpress-wp-full-stripe-free-plugin-1-6-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
-      "source": "audit@patchstack.com"
+      "source": "audit@patchstack.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-11-24T21:02:04.877275+00:00
+2023-11-24T23:00:27.702420+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-11-24T20:15:07.293000+00:00
+2023-11-24T22:48:31.267000+00:00
 ```

 ### Last Data Feed Release
@ -34,30 +34,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `0`

-* [CVE-2023-49298](CVE-2023/CVE-2023-492xx/CVE-2023-49298.json) (`2023-11-24T19:15:07.587`)
-* [CVE-2023-6277](CVE-2023/CVE-2023-62xx/CVE-2023-6277.json) (`2023-11-24T19:15:07.643`)
-* [CVE-2023-6293](CVE-2023/CVE-2023-62xx/CVE-2023-6293.json) (`2023-11-24T20:15:07.293`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `13`
+Recently modified CVEs: `3`

-* [CVE-2023-47551](CVE-2023/CVE-2023-475xx/CVE-2023-47551.json) (`2023-11-24T19:08:13.707`)
-* [CVE-2023-4824](CVE-2023/CVE-2023-48xx/CVE-2023-4824.json) (`2023-11-24T19:20:38.407`)
-* [CVE-2023-4799](CVE-2023/CVE-2023-47xx/CVE-2023-4799.json) (`2023-11-24T19:20:55.237`)
-* [CVE-2023-47556](CVE-2023/CVE-2023-475xx/CVE-2023-47556.json) (`2023-11-24T19:23:37.167`)
-* [CVE-2023-47531](CVE-2023/CVE-2023-475xx/CVE-2023-47531.json) (`2023-11-24T19:28:13.333`)
-* [CVE-2023-47519](CVE-2023/CVE-2023-475xx/CVE-2023-47519.json) (`2023-11-24T19:28:40.537`)
-* [CVE-2023-47243](CVE-2023/CVE-2023-472xx/CVE-2023-47243.json) (`2023-11-24T19:28:52.237`)
-* [CVE-2023-26364](CVE-2023/CVE-2023-263xx/CVE-2023-26364.json) (`2023-11-24T19:28:52.777`)
-* [CVE-2023-47685](CVE-2023/CVE-2023-476xx/CVE-2023-47685.json) (`2023-11-24T19:31:48.237`)
-* [CVE-2023-47672](CVE-2023/CVE-2023-476xx/CVE-2023-47672.json) (`2023-11-24T19:31:58.587`)
-* [CVE-2023-47671](CVE-2023/CVE-2023-476xx/CVE-2023-47671.json) (`2023-11-24T19:32:26.483`)
-* [CVE-2023-47670](CVE-2023/CVE-2023-476xx/CVE-2023-47670.json) (`2023-11-24T19:32:36.557`)
-* [CVE-2023-46734](CVE-2023/CVE-2023-467xx/CVE-2023-46734.json) (`2023-11-24T20:15:07.190`)
+* [CVE-2023-47666](CVE-2023/CVE-2023-476xx/CVE-2023-47666.json) (`2023-11-24T22:48:09.573`)
+* [CVE-2023-47667](CVE-2023/CVE-2023-476xx/CVE-2023-47667.json) (`2023-11-24T22:48:19.563`)
+* [CVE-2023-47664](CVE-2023/CVE-2023-476xx/CVE-2023-47664.json) (`2023-11-24T22:48:31.267`)


 ## Download and Usage