From 8d487ceeac1b14dc3d64e3c605ac0564af1a8a6a Mon Sep 17 00:00:00 2001
From: cad-safe-bot <cad-safe-bot@protonmail.com>
Date: Sat, 16 Dec 2023 15:00:27 +0000
Subject: [PATCH] Auto-Update: 2023-12-16T15:00:24.233674+00:00

---
 CVE-2023/CVE-2023-65xx/CVE-2023-6559.json | 47 +++++++++++++++++++++++
 README.md                                 | 12 +++---
 2 files changed, 52 insertions(+), 7 deletions(-)
 create mode 100644 CVE-2023/CVE-2023-65xx/CVE-2023-6559.json

diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6559.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6559.json
new file mode 100644
index 00000000000..f24d5d8bb9c
--- /dev/null
+++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6559.json
@@ -0,0 +1,47 @@
+{
+  "id": "CVE-2023-6559",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2023-12-16T13:15:07.683",
+  "lastModified": "2023-12-16T13:15:07.683",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The MW WP Form plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 5.0.3. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/3007879/mw-wp-form",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/412d555c-9bbd-42f5-8020-ccfc18755a79?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/README.md b/README.md
index 872643d7354..0c9615d98cc 100644
--- a/README.md
+++ b/README.md
@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-12-16T13:00:24.532014+00:00
+2023-12-16T15:00:24.233674+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-12-16T12:15:07.467000+00:00
+2023-12-16T13:15:07.683000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,16 +29,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-233542
+233543
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `1`
 
-* [CVE-2023-6851](CVE-2023/CVE-2023-68xx/CVE-2023-6851.json) (`2023-12-16T11:15:07.163`)
-* [CVE-2023-6852](CVE-2023/CVE-2023-68xx/CVE-2023-6852.json) (`2023-12-16T12:15:07.220`)
-* [CVE-2023-6853](CVE-2023/CVE-2023-68xx/CVE-2023-6853.json) (`2023-12-16T12:15:07.467`)
+* [CVE-2023-6559](CVE-2023/CVE-2023-65xx/CVE-2023-6559.json) (`2023-12-16T13:15:07.683`)
 
 
 ### CVEs modified in the last Commit