admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-05T11:00:26.148067+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-05 11:00:29 +00:00
parent b3eee6aece
commit b3187cde86
28 changed files with 1118 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
CVE-2020/CVE-2020-138xx/CVE-2020-13880.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-13880",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-05T09:15:08.587",
"lastModified": "2024-01-05T09:15:08.587",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-based out-of-bounds write."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/oicu0619/2de8f91ddc6b06b516475d5d67d7efba",
"source": "cve@mitre.org"
}
]
}

8
CVE-2021/CVE-2021-229xx/CVE-2021-22930.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22930", "id": "CVE-2021-22930",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2021-10-07T14:15:08.053", "published": "2021-10-07T14:15:08.053",
"lastModified": "2022-11-03T20:41:26.027", "lastModified": "2024-01-05T10:15:07.943",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -197,6 +197,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://security.gentoo.org/glsa/202401-02",
"source": "support@hackerone.com"
},
{ {
"url": "https://security.netapp.com/advisory/ntap-20211112-0002/", "url": "https://security.netapp.com/advisory/ntap-20211112-0002/",
"source": "support@hackerone.com", "source": "support@hackerone.com",

8
CVE-2021/CVE-2021-229xx/CVE-2021-22931.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22931", "id": "CVE-2021-22931",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2021-08-16T19:15:13.127", "published": "2021-08-16T19:15:13.127",
"lastModified": "2022-08-12T18:27:10.267", "lastModified": "2024-01-05T10:15:09.183",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -255,6 +255,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://security.gentoo.org/glsa/202401-02",
"source": "support@hackerone.com"
},
{ {
"url": "https://security.netapp.com/advisory/ntap-20210923-0001/", "url": "https://security.netapp.com/advisory/ntap-20210923-0001/",
"source": "support@hackerone.com", "source": "support@hackerone.com",

8
CVE-2021/CVE-2021-229xx/CVE-2021-22939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22939", "id": "CVE-2021-22939",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2021-08-16T19:15:13.897", "published": "2021-08-16T19:15:13.897",
"lastModified": "2022-11-07T18:32:37.877", "lastModified": "2024-01-05T10:15:09.860",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -245,6 +245,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://security.gentoo.org/glsa/202401-02",
"source": "support@hackerone.com"
},
{ {
"url": "https://security.netapp.com/advisory/ntap-20210917-0003/", "url": "https://security.netapp.com/advisory/ntap-20210917-0003/",
"source": "support@hackerone.com", "source": "support@hackerone.com",

8
CVE-2021/CVE-2021-229xx/CVE-2021-22940.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-22940", "id": "CVE-2021-22940",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2021-08-16T19:15:13.987", "published": "2021-08-16T19:15:13.987",
"lastModified": "2022-11-03T20:41:32.637", "lastModified": "2024-01-05T10:15:10.103",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -238,6 +238,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://security.gentoo.org/glsa/202401-02",
"source": "support@hackerone.com"
},
{ {
"url": "https://security.netapp.com/advisory/ntap-20210923-0001/", "url": "https://security.netapp.com/advisory/ntap-20210923-0001/",
"source": "support@hackerone.com", "source": "support@hackerone.com",

8
CVE-2021/CVE-2021-36xx/CVE-2021-3672.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-3672", "id": "CVE-2021-3672",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2021-11-23T19:15:07.877", "published": "2021-11-23T19:15:07.877",
"lastModified": "2022-10-18T14:57:14.040", "lastModified": "2024-01-05T10:15:10.213",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -362,6 +362,10 @@
"Third Party Advisory" "Third Party Advisory"
] ]
}, },
{
"url": "https://security.gentoo.org/glsa/202401-02",
"source": "secalert@redhat.com"
},
{ {
"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "url": "https://www.oracle.com/security-alerts/cpujul2022.html",
"source": "secalert@redhat.com", "source": "secalert@redhat.com",

8
CVE-2022/CVE-2022-49xx/CVE-2022-4904.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4904", "id": "CVE-2022-4904",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-06T23:15:11.390", "published": "2023-03-06T23:15:11.390",
"lastModified": "2023-11-07T03:59:17.603", "lastModified": "2024-01-05T10:15:10.403",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
@ -46,7 +46,7 @@
] ]
}, },
{ {
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {
@ -134,6 +134,10 @@
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33LDNS6RPOPP36Z4MPWXALUQZXJCWJS2/", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33LDNS6RPOPP36Z4MPWXALUQZXJCWJS2/",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-02",
"source": "secalert@redhat.com"
} }
] ]
} }

20
CVE-2023/CVE-2023-500xx/CVE-2023-50027.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-50027",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-05T09:15:08.743",
"lastModified": "2024-01-05T09:15:08.743",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Buy Addons baproductzoommagnifier module for PrestaShop versions 1.0.16 and before, allows remote attackers to escalate privileges and gain sensitive information via BaproductzoommagnifierZoomModuleFrontController::run() method."
}
],
"metrics": {},
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2023/12/19/baproductzoommagnifier.html",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-509xx/CVE-2023-50991.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-50991",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-05T10:15:10.683",
"lastModified": "2024-01-05T10:15:10.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2, allows remote attackers to cause a denial of service (DoS) via the pingIp parameter in the pingSet function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ef4tless/vuln/blob/master/iot/i29/pingSet.md",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-515xx/CVE-2023-51535.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51535",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:10.740",
"lastModified": "2024-01-05T10:15:10.740",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in \u0421leanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cleantalk-spam-protect/wordpress-spam-protection-anti-spam-firewall-by-cleantalk-plugin-6-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-515xx/CVE-2023-51538.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51538",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:11.090",
"lastModified": "2024-01-05T10:15:11.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Awesome Support Team Awesome Support \u2013 WordPress HelpDesk & Support Plugin.This issue affects Awesome Support \u2013 WordPress HelpDesk & Support Plugin: from n/a through 6.1.5.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/awesome-support/wordpress-awesome-support-plugin-6-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-515xx/CVE-2023-51539.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51539",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:11.370",
"lastModified": "2024-01-05T10:15:11.370",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Apollo13Themes Apollo13 Framework Extensions.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/apollo13-framework-extensions/wordpress-apollo13-framework-extensions-plugin-1-9-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-516xx/CVE-2023-51668.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51668",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:11.727",
"lastModified": "2024-01-05T10:15:11.727",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress.This issue affects Inline Image Upload for BBPress: from n/a through 1.1.18.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/image-upload-for-bbpress/wordpress-inline-image-upload-for-bbpress-plugin-1-1-18-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-516xx/CVE-2023-51673.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51673",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:12.053",
"lastModified": "2024-01-05T10:15:12.053",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Designful Stylish Price List \u2013 Price Table Builder & QR Code Restaurant Menu.This issue affects Stylish Price List \u2013 Price Table Builder & QR Code Restaurant Menu: from n/a through 7.0.17.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/stylish-price-list/wordpress-stylish-price-list-plugin-7-0-17-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-516xx/CVE-2023-51678.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-51678",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:12.347",
"lastModified": "2024-01-05T10:15:12.347",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.0.33.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/doofinder-for-woocommerce/wordpress-doofinder-wp-woocommerce-search-plugin-2-0-33-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52119.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52119",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:12.743",
"lastModified": "2024-01-05T10:15:12.743",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Icegram Icegram Engage \u2013 WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building.This issue affects Icegram Engage \u2013 WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building: from n/a through 3.1.18.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/icegram/wordpress-icegram-engage-plugin-3-1-18-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52120.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52120",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:13.110",
"lastModified": "2024-01-05T10:15:13.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms \u2013 Ultimate Form Builder \u2013 Contact forms and much more.This issue affects NEX-Forms \u2013 Ultimate Form Builder \u2013 Contact forms and much more: from n/a through 8.5.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/nex-forms-express-wp-form-builder/wordpress-nex-forms-plugin-8-5-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52121.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52121",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:13.337",
"lastModified": "2024-01-05T10:15:13.337",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in NitroPack Inc. NitroPack \u2013 Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images.This issue affects NitroPack \u2013 Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images: from n/a through 1.10.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/nitropack/wordpress-nitropack-plugin-1-10-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52122.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52122",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T10:15:13.683",
"lastModified": "2024-01-05T10:15:13.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board.This issue affects Simple Job Board: from n/a through 2.10.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-job-board/wordpress-simple-job-board-plugin-2-10-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52123.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52123",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T09:15:08.800",
"lastModified": "2024-01-05T09:15:08.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in WPChill Strong Testimonials.This issue affects Strong Testimonials: from n/a through 3.1.10.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/strong-testimonials/wordpress-strong-testimonials-plugin-3-1-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52127.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52127",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T09:15:09.057",
"lastModified": "2024-01-05T09:15:09.057",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Product Bundles for WooCommerce.This issue affects WPC Product Bundles for WooCommerce: from n/a through 7.3.1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-product-bundle/wordpress-wpc-product-bundles-for-woocommerce-plugin-7-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52128.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52128",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T09:15:09.253",
"lastModified": "2024-01-05T09:15:09.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in WhiteWP White Label \u2013 WordPress Custom Admin, Custom Login Page, and Custom Dashboard.This issue affects White Label \u2013 WordPress Custom Admin, Custom Login Page, and Custom Dashboard: from n/a through 2.9.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/white-label/wordpress-white-label-plugin-2-9-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52129.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52129",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T09:15:09.443",
"lastModified": "2024-01-05T09:15:09.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler teachPress.This issue affects teachPress: from n/a through 9.0.4.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/teachpress/wordpress-teachpress-plugin-9-0-4-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52130.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52130",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T09:15:09.657",
"lastModified": "2024-01-05T09:15:09.657",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager.This issue affects Affiliates Manager: from n/a through 2.9.31.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/affiliates-manager/wordpress-affiliates-manager-plugin-2-9-31-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52136.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52136",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T09:15:09.883",
"lastModified": "2024-01-05T09:15:09.883",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds \u2013 A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds \u2013 A Tweets Widget or X Feed Widget: from n/a through 2.1.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-twitter-feeds/wordpress-custom-twitter-feeds-tweets-widget-plugin-2-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52145.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52145",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T09:15:10.117",
"lastModified": "2024-01-05T09:15:10.117",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Republish Old Posts.This issue affects Republish Old Posts: from n/a through 1.21.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/republish-old-posts/wordpress-republish-old-posts-plugin-1-21-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-521xx/CVE-2023-52149.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-52149",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-05T09:15:10.310",
"lastModified": "2024-01-05T09:15:10.310",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Floating Button.This issue affects Floating Button: from n/a through 6.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/floating-button/wordpress-floating-button-plugin-6-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

43
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-01-05T09:00:25.886436+00:00 2024-01-05T11:00:26.148067+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-01-05T08:15:43.573000+00:00 2024-01-05T10:15:13.683000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,25 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
234903 234924
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `6` Recently added CVEs: `21`
* [CVE-2020-13878](CVE-2020/CVE-2020-138xx/CVE-2020-13878.json) (`2024-01-05T08:15:41.840`) * [CVE-2020-13880](CVE-2020/CVE-2020-138xx/CVE-2020-13880.json) (`2024-01-05T09:15:08.587`)
* [CVE-2020-13879](CVE-2020/CVE-2020-138xx/CVE-2020-13879.json) (`2024-01-05T08:15:42.663`) * [CVE-2023-50027](CVE-2023/CVE-2023-500xx/CVE-2023-50027.json) (`2024-01-05T09:15:08.743`)
* [CVE-2023-51502](CVE-2023/CVE-2023-515xx/CVE-2023-51502.json) (`2024-01-05T08:15:42.770`) * [CVE-2023-52123](CVE-2023/CVE-2023-521xx/CVE-2023-52123.json) (`2024-01-05T09:15:08.800`)
* [CVE-2023-52150](CVE-2023/CVE-2023-521xx/CVE-2023-52150.json) (`2024-01-05T08:15:43.077`) * [CVE-2023-52127](CVE-2023/CVE-2023-521xx/CVE-2023-52127.json) (`2024-01-05T09:15:09.057`)
* [CVE-2023-52178](CVE-2023/CVE-2023-521xx/CVE-2023-52178.json) (`2024-01-05T08:15:43.327`) * [CVE-2023-52128](CVE-2023/CVE-2023-521xx/CVE-2023-52128.json) (`2024-01-05T09:15:09.253`)
* [CVE-2023-52184](CVE-2023/CVE-2023-521xx/CVE-2023-52184.json) (`2024-01-05T08:15:43.573`) * [CVE-2023-52129](CVE-2023/CVE-2023-521xx/CVE-2023-52129.json) (`2024-01-05T09:15:09.443`)
* [CVE-2023-52130](CVE-2023/CVE-2023-521xx/CVE-2023-52130.json) (`2024-01-05T09:15:09.657`)
* [CVE-2023-52136](CVE-2023/CVE-2023-521xx/CVE-2023-52136.json) (`2024-01-05T09:15:09.883`)
* [CVE-2023-52145](CVE-2023/CVE-2023-521xx/CVE-2023-52145.json) (`2024-01-05T09:15:10.117`)
* [CVE-2023-52149](CVE-2023/CVE-2023-521xx/CVE-2023-52149.json) (`2024-01-05T09:15:10.310`)
* [CVE-2023-50991](CVE-2023/CVE-2023-509xx/CVE-2023-50991.json) (`2024-01-05T10:15:10.683`)
* [CVE-2023-51535](CVE-2023/CVE-2023-515xx/CVE-2023-51535.json) (`2024-01-05T10:15:10.740`)
* [CVE-2023-51538](CVE-2023/CVE-2023-515xx/CVE-2023-51538.json) (`2024-01-05T10:15:11.090`)
* [CVE-2023-51539](CVE-2023/CVE-2023-515xx/CVE-2023-51539.json) (`2024-01-05T10:15:11.370`)
* [CVE-2023-51668](CVE-2023/CVE-2023-516xx/CVE-2023-51668.json) (`2024-01-05T10:15:11.727`)
* [CVE-2023-51673](CVE-2023/CVE-2023-516xx/CVE-2023-51673.json) (`2024-01-05T10:15:12.053`)
* [CVE-2023-51678](CVE-2023/CVE-2023-516xx/CVE-2023-51678.json) (`2024-01-05T10:15:12.347`)
* [CVE-2023-52119](CVE-2023/CVE-2023-521xx/CVE-2023-52119.json) (`2024-01-05T10:15:12.743`)
* [CVE-2023-52120](CVE-2023/CVE-2023-521xx/CVE-2023-52120.json) (`2024-01-05T10:15:13.110`)
* [CVE-2023-52121](CVE-2023/CVE-2023-521xx/CVE-2023-52121.json) (`2024-01-05T10:15:13.337`)
* [CVE-2023-52122](CVE-2023/CVE-2023-521xx/CVE-2023-52122.json) (`2024-01-05T10:15:13.683`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `0` Recently modified CVEs: `6`
* [CVE-2021-22930](CVE-2021/CVE-2021-229xx/CVE-2021-22930.json) (`2024-01-05T10:15:07.943`)
* [CVE-2021-22931](CVE-2021/CVE-2021-229xx/CVE-2021-22931.json) (`2024-01-05T10:15:09.183`)
* [CVE-2021-22939](CVE-2021/CVE-2021-229xx/CVE-2021-22939.json) (`2024-01-05T10:15:09.860`)
* [CVE-2021-22940](CVE-2021/CVE-2021-229xx/CVE-2021-22940.json) (`2024-01-05T10:15:10.103`)
* [CVE-2021-3672](CVE-2021/CVE-2021-36xx/CVE-2021-3672.json) (`2024-01-05T10:15:10.213`)
* [CVE-2022-4904](CVE-2022/CVE-2022-49xx/CVE-2022-4904.json) (`2024-01-05T10:15:10.403`)
## Download and Usage ## Download and Usage