admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-13T16:00:54.390350+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-13 16:00:57 +00:00
parent 6c01d6bb32
commit df2237f437
40 changed files with 2396 additions and 194 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
CVE-2016/CVE-2016-150xx/CVE-2016-15033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-15033",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:09.717",
"lastModified": "2023-06-07T02:45:10.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:29:45.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:delete_all_comments_project:delete_all_comments:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0",
"matchCriteriaId": "F691D779-2134-493D-B501-5F6886985DC3"
}
]
}
]
}
],
"references": [
{
"url": "http://blog.nintechnet.com/arbitrary-file-upload-vulnerability-in-wordpress-delete-all-comments-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wordpress.org/plugins/delete-all-comments/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b1e98d2d-20b1-4fff-96d4-0fb8e0d2615a?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2019/CVE-2019-251xx/CVE-2019-25138.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-25138",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:09.963",
"lastModified": "2023-06-07T02:45:10.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:31:03.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:plugin-planet:user_submitted_posts:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "20190312",
"matchCriteriaId": "1C47A838-ACA6-4C2F-A2B4-EBB78BC8AC0E"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/arbitrary-file-upload-vulnerability-in-wordpress-user-submitted-posts-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wordpress.org/plugins/user-submitted-posts/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a97877b-fb4d-4e87-bcff-56be65fee6ce?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}
]
}

73
CVE-2019/CVE-2019-251xx/CVE-2019-25139.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-25139",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:10.033",
"lastModified": "2023-06-07T02:45:10.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:32:48.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,22 +76,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpshopmart:coming_soon_page_\\&_maintenance_mode:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.8.1",
"matchCriteriaId": "46F5A8D7-F93A-415D-8128-DFBE7EF27ED4"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/unauthenticated-stored-xss-in-wordpress-coming-soon-page-and-maintenance-mode-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2121321",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2123149",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/61fdc6e9-75ea-4226-9527-a5fd02efde70?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}
]
}

73
CVE-2019/CVE-2019-251xx/CVE-2019-25140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-25140",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:10.107",
"lastModified": "2023-06-07T02:45:10.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:34:15.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,22 +76,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpshopmart:coming_soon_page_\\&_maintenance_mode:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.8.1",
"matchCriteriaId": "46F5A8D7-F93A-415D-8128-DFBE7EF27ED4"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/unauthenticated-stored-xss-in-wordpress-coming-soon-page-and-maintenance-mode-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2121321/responsive-coming-soon",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2123149/responsive-coming-soon",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/738c6c77-97ef-4e47-9f14-9b73ea425bc2?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}
]
}

75
CVE-2019/CVE-2019-251xx/CVE-2019-25141.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-25141",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:10.180",
"lastModified": "2023-06-07T02:45:10.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:41:52.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,22 +76,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-ecommerce:easy_wp_smtp:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.9",
"matchCriteriaId": "0E14E7D0-7A98-4B40-9310-5998AF46E499"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/critical-0day-vulnerability-fixed-in-wordpress-easy-wp-smtp-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Feasy-wp-smtp&old=2052057&new_path=%2Feasy-wp-smtp&new=2052058&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/support/topic/vulnerability-26/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/84b75f7d-7258-46f6-aee6-b96d70bee264?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}
]
}

73
CVE-2019/CVE-2019-251xx/CVE-2019-25143.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-25143",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:10.320",
"lastModified": "2023-06-07T02:45:10.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:46:56.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,22 +76,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mooveagency:gdpr_cookie_compliance:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.3",
"matchCriteriaId": "3AE7F934-7DFE-4126-B2F7-A2958B56F5A4"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-gdpr-cookie-compliance-plugin-fixed-authenticated-settings-deletion-vulnerability/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wpscan.com/vulnerability/5ac51325-a7f5-4d38-9b41-61855206083d",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-gdpr-cookie-compliance-security-bypass-4-0-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9116d719-f536-4b8a-9e73-9a8a922f8a35?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}
]
}

68
CVE-2020/CVE-2020-367xx/CVE-2020-36720.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36720",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:12.233",
"lastModified": "2023-06-07T02:45:04.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:24:02.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaliforms:kali_forms:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.1",
"matchCriteriaId": "439FD37F-B352-4A09-B798-2EABC348AF96"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-kali-forms-plugin-fixed-multiple-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wordpress.org/plugins/kali-forms/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9ed8e24d-6bd0-4638-9031-997ce2228fad?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}
]
}

72
CVE-2020/CVE-2020-367xx/CVE-2020-36729.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36729",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:12.733",
"lastModified": "2023-06-07T02:44:59.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:46:08.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,22 +76,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:2joomla:2j_slideshow:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.31",
"matchCriteriaId": "6C448731-8882-4445-AF25-B5187943A875"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-2j-slideshow-plugin-fixed-authenticated-arbitrary-plugin-deactivation-vulnerability/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2226528%402j-slideshow&new=2226528%402j-slideshow&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-images-slideshow-by-2j-image-slider-security-bypass-1-3-31/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f06d1b9e-e27d-4c43-a69b-7641518e4615?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2020/CVE-2020-367xx/CVE-2020-36730.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36730",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:12.800",
"lastModified": "2023-06-07T02:44:59.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:49:40.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,22 +76,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:niteothemes:cmp:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.8.1",
"matchCriteriaId": "DC0F3DAC-AE3F-4BB7-8C74-270917B2735A"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-fixed-in-cmp-coming-soon-and-maintenance-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wpscan.com/vulnerability/10341",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-cmp-coming-soon-maintenance-by-niteothemes-security-bypass-3-8-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f1ef067b-e4b4-4174-b6ff-ec94a7afd55d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

77
CVE-2021/CVE-2021-43xx/CVE-2021-4338.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4338",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:12.937",
"lastModified": "2023-06-07T02:44:59.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:56:23.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,26 +76,59 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:duckdev:404_to_301:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0.7",
"matchCriteriaId": "A77E5B46-51D1-48B7-9DC7-E3A566D3AB7A"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/broken-access-control-vulnerability-fixed-in-wordpress-404-to-301-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2546695/404-to-301",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wpscan.com/vulnerability/9f147107-bc5a-4a01-9979-cd9e16061f12",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-404-to-301-redirect-log-and-notify-404-errors-security-bypass-3-0-7/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05d6b27f-b1e5-4bb8-b7db-f8295a5e0d5b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4339.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4339",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:13.000",
"lastModified": "2023-06-07T02:44:59.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T14:56:25.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylemixthemes:ulisting:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.6",
"matchCriteriaId": "EE000334-7DBA-4256-8E71-EAF5235F251C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2456786%40ulisting&new=2456786%40ulisting&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0a6615fd-7c37-45d9-a657-0ba00df840e5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2021/CVE-2021-43xx/CVE-2021-4340.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4340",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:13.060",
"lastModified": "2023-06-07T02:44:59.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T14:45:59.050",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylemixthemes:ulisting:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.6",
"matchCriteriaId": "EE000334-7DBA-4256-8E71-EAF5235F251C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/10b7a88f-ce46-42aa-ab5a-81f38288a659?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2021/CVE-2021-43xx/CVE-2021-4341.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4341",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:13.127",
"lastModified": "2023-06-07T02:44:59.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T14:44:07.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylemixthemes:ulisting:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.6",
"matchCriteriaId": "EE000334-7DBA-4256-8E71-EAF5235F251C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1814537d-8307-4d1f-86c8-801519172be5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4343.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4343",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:13.257",
"lastModified": "2023-06-07T02:44:59.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:56:42.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylemixthemes:ulisting:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.6",
"matchCriteriaId": "EE000334-7DBA-4256-8E71-EAF5235F251C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2456786%40ulisting&new=2456786%40ulisting&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c6bf45b-b02d-43bb-b682-7f1ae994e1d3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2021/CVE-2021-43xx/CVE-2021-4362.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4362",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.420",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:04:16.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpkube:kiwi_social_share:2.1.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "34E851F8-17AD-428C-8B9A-607F184C850E"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-kiwi-social-sharing-plugin-fixed-critical-vulnerability/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wordpress.org/plugins/kiwi-social-share/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8148b6d0-190a-4b97-8af7-edd6943116d1?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4363.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4363",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.483",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:05:14.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webdevocean:wp_quick_frontend_editor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.5",
"matchCriteriaId": "E76D1951-AE12-4213-973A-F50E270DB47D"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-wp-quick-frontend-editor-plugin-unpatched/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wordpress.org/plugins/wp-quick-front-end-editor/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7ce8ae7d-c2a5-4da3-8bdd-20dfdb5ce700?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4364.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4364",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.543",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:09:05.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eyecix:jobsearch_wp_job_board:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.8.1",
"matchCriteriaId": "19D7A456-5B97-4178-8D27-C6B4365EBDD0"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-jobsearch-wp-job-board-plugin-fixed-vulnerability/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wpscan.com/vulnerability/7e2dd5df-f758-419c-bfb8-b8e53235fede",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9114018f-0678-4973-bb1e-932f0d93f963?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4365.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4365",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.603",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:09:35.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:najeebmedia:frontend_file_manager_plugin:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "18.2",
"matchCriteriaId": "8616FA9B-9A91-4A32-B99B-0A89375EAC5C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-frontend-file-manager-plugin-fixed-multiple-critical-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2554359%40nmedia-user-file-uploader&new=2554359%40nmedia-user-file-uploader&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9c82154-d390-44ba-a54a-89f4bb69cdce?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4367.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4367",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.723",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:09:21.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flothemes:flo_forms:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.35",
"matchCriteriaId": "A79D986A-B90D-40C2-ADE6-E3A3FC4887A6"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/zero-day-vulnerability-fixed-in-wordpress-flo-forms-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wpscan.com/vulnerability/b4a83501-c727-4c9b-a9a1-46b399ab0caa",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a175e103-ab89-404b-8736-94d0d93d6cf3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4368.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4368",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.783",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:03:50.253",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:najeebmedia:frontend_file_manager_plugin:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "18.2",
"matchCriteriaId": "8616FA9B-9A91-4A32-B99B-0A89375EAC5C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-frontend-file-manager-plugin-fixed-multiple-critical-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2554359%40nmedia-user-file-uploader&new=2554359%40nmedia-user-file-uploader&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/adb1d8b0-b1d6-40df-b591-f1062ee744fb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4369.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4369",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.843",
"lastModified": "2023-06-07T02:44:53.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T14:52:28.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:najeebmedia:frontend_file_manager_plugin:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "18.2",
"matchCriteriaId": "8616FA9B-9A91-4A32-B99B-0A89375EAC5C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-frontend-file-manager-plugin-fixed-multiple-critical-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2554359%40nmedia-user-file-uploader&new=2554359%40nmedia-user-file-uploader&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c434e6b8-0dd5-4ffe-93b1-1af614c08f85?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4370.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4370",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.903",
"lastModified": "2023-06-07T02:44:48.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T14:52:03.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylemixthemes:ulisting:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.6",
"matchCriteriaId": "EE000334-7DBA-4256-8E71-EAF5235F251C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2456786%40ulisting&new=2456786%40ulisting&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c5ada976-03b8-4219-9ae3-9060fb7b9de5?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-43xx/CVE-2021-4371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4371",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-07T02:15:14.967",
"lastModified": "2023-06-07T02:44:48.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T14:42:13.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginmirror:wp_quick_frontend_editor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.5",
"matchCriteriaId": "C7EE74D6-2F3B-4FDB-B629-F5458EE367D2"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-wp-quick-frontend-editor-plugin-unpatched/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit"
]
},
{
"url": "https://wordpress.org/plugins/wp-quick-front-end-editor/#developers",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c392750b-ae4a-48b5-9ccb-43852fb13e27?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2022/CVE-2022-428xx/CVE-2022-42880.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-42880",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-13T15:15:11.607",
"lastModified": "2023-06-13T15:15:11.607",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Ali Irani Auto Upload Images plugin <=\u00a03.3 versions\u00a0allows Stored Cross-Site Scripting (XSS)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/auto-upload-images/wordpress-auto-upload-images-plugin-3-3-cross-site-request-forgery-csrf-vulnerability-leading-to-stored-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

53
CVE-2023/CVE-2023-01xx/CVE-2023-0152.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0152",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:09.660",
"lastModified": "2023-06-05T14:22:20.397",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T14:56:26.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP Multi Store Locator WordPress plugin through 2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpexperts:wp_multi_store_locator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.4",
"matchCriteriaId": "E6E33E73-E07B-42E2-85D5-963AEF9D53D4"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/8281fce2-6f24-4d3f-895f-4d8694806609",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-05xx/CVE-2023-0545.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0545",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:09.727",
"lastModified": "2023-06-05T14:22:20.397",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:11:32.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Hostel WordPress plugin before 1.1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kibokolabs:hostel:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.5",
"matchCriteriaId": "2790B890-25C2-4093-AE02-F3D14E668554"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/b604afc8-61d0-4e98-8950-f3d29f9e9ee1",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-238xx/CVE-2023-23831.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23831",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-13T15:15:12.523",
"lastModified": "2023-06-13T15:15:12.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rating-Widget Rating-Widget: Star Review System plugin <=\u00a03.1.9 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/rating-widget/wordpress-rating-widget-star-review-system-plugin-3-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-259xx/CVE-2023-25964.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25964",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-13T15:15:12.960",
"lastModified": "2023-06-13T15:15:12.960",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We\u2019re Open! plugin <=\u00a01.46 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/opening-hours/wordpress-we-re-open-plugin-1-46-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

5
CVE-2023/CVE-2023-25xx/CVE-2023-2598.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2598",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-01T01:15:17.867",
"lastModified": "2023-06-07T19:10:18.870",
"lastModified": "2023-06-13T15:11:05.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -66,8 +66,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndIncluding": "6.3.6",
"matchCriteriaId": "814AA173-DDB0-493E-BE24-195CE4D2B8E9"
"matchCriteriaId": "4A731D23-D6F9-49F4-AFA3-BAAB3F0CBB48"
}
]
}

55
CVE-2023/CVE-2023-265xx/CVE-2023-26528.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-26528",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-13T15:15:13.663",
"lastModified": "2023-06-13T15:15:13.663",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jinit9906 Shipyaari Shipping Management plugin <=\u00a01.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/manage-shipyaari-shipping/wordpress-shipyaari-shipping-management-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-265xx/CVE-2023-26538.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-26538",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-13T15:15:13.907",
"lastModified": "2023-06-13T15:15:13.907",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kamyabsoft Chat Bee plugin <=\u00a01.1.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/chat-bee/wordpress-chat-bee-plugin-1-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

80
CVE-2023/CVE-2023-283xx/CVE-2023-28350.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-28350",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T00:15:09.980",
"lastModified": "2023-05-31T13:02:26.480",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:32:19.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an attacker to execute JavaScript in these applications. Due to the rich and highly privileged functionality offered by the Teacher Console, the ability to silently exploit Cross Site Scripting (XSS) on the Teacher Machine enables remote code execution on any connected student machine (and the teacher's machine)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:faronics:insight:10.0.19045:*:*:*:*:*:*:*",
"matchCriteriaId": "492CED5D-9EF5-4D18-BD58-60EE07CB06C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://research.nccgroup.com/2023/05/30/technical-advisory-multiple-vulnerabilities-in-faronics-insight/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://research.nccgroup.com/?research=Technical%20advisories",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-283xx/CVE-2023-28351.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-28351",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T00:15:10.023",
"lastModified": "2023-05-31T13:02:26.480",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:51:13.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them to obtain PII and/or to compromise personal accounts owned by the victim."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:faronics:insight:10.0.19045:*:*:*:*:*:*:*",
"matchCriteriaId": "492CED5D-9EF5-4D18-BD58-60EE07CB06C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://research.nccgroup.com/2023/05/30/technical-advisory-multiple-vulnerabilities-in-faronics-insight/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://research.nccgroup.com/?research=Technical%20advisories",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-286xx/CVE-2023-28620.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28620",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-13T15:15:14.043",
"lastModified": "2023-06-13T15:15:14.043",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cyberus Labs Cyberus Key plugin <=\u00a01.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cyberus-key/wordpress-cyberus-key-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

36
CVE-2023/CVE-2023-335xx/CVE-2023-33568.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-33568",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T15:15:14.147",
"lastModified": "2023-06-13T15:15:14.147",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in Dolibarr v16.0.0 to v16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Dolibarr/dolibarr/commit/bb7b69ef43673ed403436eac05e0bc31d5033ff7",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Dolibarr/dolibarr/commit/be82f51f68d738cce205f4ce5b469ef42ed82d9e",
"source": "cve@mitre.org"
},
{
"url": "https://www.dolibarr.org/forum/t/dolibarr-16-0-security-breach/23471",
"source": "cve@mitre.org"
},
{
"url": "https://www.dolibarr.org/forum/t/dolibarr-16-0-security-breach/23471/1",
"source": "cve@mitre.org"
},
{
"url": "https://www.dsecbypass.com/en/dolibarr-pre-auth-contact-database-dump/",
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-335xx/CVE-2023-33569.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-33569",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T20:15:14.050",
"lastModified": "2023-06-07T02:45:15.873",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:17:31.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=update_user."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:faculty_evaluation_system_project:faculty_evaluation_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2433CE4C-87DF-4B90-A449-C844403740C8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Cr4at0r/bug_report/blob/main/vendors/oretnom23/faculty-evaluation-system/RCE-1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

91
CVE-2023/CVE-2023-337xx/CVE-2023-33781.json
View File

@ -2,31 +2,108 @@
"id": "CVE-2023-33781",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-07T01:15:39.247",
"lastModified": "2023-06-07T02:45:10.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:20:48.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-842v2_firmware:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46C133C2-AD0B-4D47-9463-694A187A6292"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-842v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F047A1E-5C7F-41EC-9047-4A4F205C29FE"
}
]
}
]
}
],
"references": [
{
"url": "http://d-link.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://dir-842v2.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/s0tr/CVE-2023-33781",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

91
CVE-2023/CVE-2023-337xx/CVE-2023-33782.json
View File

@ -2,31 +2,108 @@
"id": "CVE-2023-33782",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-07T01:15:39.293",
"lastModified": "2023-06-07T02:45:10.733",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-13T15:23:21.023",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-842v2_firmware:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46C133C2-AD0B-4D47-9463-694A187A6292"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-842v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F047A1E-5C7F-41EC-9047-4A4F205C29FE"
}
]
}
]
}
],
"references": [
{
"url": "http://d-link.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://dir-842v2.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/s0tr/CVE-2023-33782",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-350xx/CVE-2023-35064.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-35064",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-06-13T15:15:14.257",
"lastModified": "2023-06-13T15:15:14.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering.This issue affects Satos Mobile: before 20230607.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://https://www.usom.gov.tr/bildirim/tr-23-0346",
"source": "cve@usom.gov.tr"
}
]
}

73
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-13T14:00:27.147110+00:00
2023-06-13T16:00:54.390350+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-13T13:58:36.460000+00:00
2023-06-13T15:56:42.397000+00:00
```
### Last Data Feed Release
@ -29,49 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
217552
217560
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `8`
* [CVE-2023-2807](CVE-2023/CVE-2023-28xx/CVE-2023-2807.json) (`2023-06-13T12:15:09.380`)
* [CVE-2023-3047](CVE-2023/CVE-2023-30xx/CVE-2023-3047.json) (`2023-06-13T12:15:09.477`)
* [CVE-2023-3048](CVE-2023/CVE-2023-30xx/CVE-2023-3048.json) (`2023-06-13T12:15:09.573`)
* [CVE-2023-3049](CVE-2023/CVE-2023-30xx/CVE-2023-3049.json) (`2023-06-13T12:15:09.667`)
* [CVE-2023-3050](CVE-2023/CVE-2023-30xx/CVE-2023-3050.json) (`2023-06-13T12:15:09.750`)
* [CVE-2022-42880](CVE-2022/CVE-2022-428xx/CVE-2022-42880.json) (`2023-06-13T15:15:11.607`)
* [CVE-2023-23831](CVE-2023/CVE-2023-238xx/CVE-2023-23831.json) (`2023-06-13T15:15:12.523`)
* [CVE-2023-25964](CVE-2023/CVE-2023-259xx/CVE-2023-25964.json) (`2023-06-13T15:15:12.960`)
* [CVE-2023-26528](CVE-2023/CVE-2023-265xx/CVE-2023-26528.json) (`2023-06-13T15:15:13.663`)
* [CVE-2023-26538](CVE-2023/CVE-2023-265xx/CVE-2023-26538.json) (`2023-06-13T15:15:13.907`)
* [CVE-2023-28620](CVE-2023/CVE-2023-286xx/CVE-2023-28620.json) (`2023-06-13T15:15:14.043`)
* [CVE-2023-33568](CVE-2023/CVE-2023-335xx/CVE-2023-33568.json) (`2023-06-13T15:15:14.147`)
* [CVE-2023-35064](CVE-2023/CVE-2023-350xx/CVE-2023-35064.json) (`2023-06-13T15:15:14.257`)
### CVEs modified in the last Commit
Recently modified CVEs: `102`
Recently modified CVEs: `31`
* [CVE-2023-26297](CVE-2023/CVE-2023-262xx/CVE-2023-26297.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-26298](CVE-2023/CVE-2023-262xx/CVE-2023-26298.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-32673](CVE-2023/CVE-2023-326xx/CVE-2023-32673.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-32674](CVE-2023/CVE-2023-326xx/CVE-2023-32674.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-2277](CVE-2023/CVE-2023-22xx/CVE-2023-2277.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-2278](CVE-2023/CVE-2023-22xx/CVE-2023-2278.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-2351](CVE-2023/CVE-2023-23xx/CVE-2023-2351.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-2563](CVE-2023/CVE-2023-25xx/CVE-2023-2563.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-2827](CVE-2023/CVE-2023-28xx/CVE-2023-2827.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-32114](CVE-2023/CVE-2023-321xx/CVE-2023-32114.json) (`2023-06-13T13:00:53.777`)
* [CVE-2023-1897](CVE-2023/CVE-2023-18xx/CVE-2023-1897.json) (`2023-06-13T13:01:10.377`)
* [CVE-2023-1898](CVE-2023/CVE-2023-18xx/CVE-2023-1898.json) (`2023-06-13T13:01:10.377`)
* [CVE-2023-1899](CVE-2023/CVE-2023-18xx/CVE-2023-1899.json) (`2023-06-13T13:01:10.377`)
* [CVE-2023-28478](CVE-2023/CVE-2023-284xx/CVE-2023-28478.json) (`2023-06-13T13:01:10.377`)
* [CVE-2023-33625](CVE-2023/CVE-2023-336xx/CVE-2023-33625.json) (`2023-06-13T13:01:10.377`)
* [CVE-2023-33626](CVE-2023/CVE-2023-336xx/CVE-2023-33626.json) (`2023-06-13T13:01:10.377`)
* [CVE-2023-34940](CVE-2023/CVE-2023-349xx/CVE-2023-34940.json) (`2023-06-13T13:01:10.377`)
* [CVE-2023-34941](CVE-2023/CVE-2023-349xx/CVE-2023-34941.json) (`2023-06-13T13:01:10.377`)
* [CVE-2023-2276](CVE-2023/CVE-2023-22xx/CVE-2023-2276.json) (`2023-06-13T13:15:08.990`)
* [CVE-2023-2546](CVE-2023/CVE-2023-25xx/CVE-2023-2546.json) (`2023-06-13T13:15:09.090`)
* [CVE-2023-34411](CVE-2023/CVE-2023-344xx/CVE-2023-34411.json) (`2023-06-13T13:15:09.173`)
* [CVE-2023-27991](CVE-2023/CVE-2023-279xx/CVE-2023-27991.json) (`2023-06-13T13:18:19.840`)
* [CVE-2023-27990](CVE-2023/CVE-2023-279xx/CVE-2023-27990.json) (`2023-06-13T13:18:32.220`)
* [CVE-2023-33693](CVE-2023/CVE-2023-336xx/CVE-2023-33693.json) (`2023-06-13T13:33:08.377`)
* [CVE-2023-3100](CVE-2023/CVE-2023-31xx/CVE-2023-3100.json) (`2023-06-13T13:46:01.977`)
* [CVE-2020-36720](CVE-2020/CVE-2020-367xx/CVE-2020-36720.json) (`2023-06-13T15:24:02.663`)
* [CVE-2020-36729](CVE-2020/CVE-2020-367xx/CVE-2020-36729.json) (`2023-06-13T15:46:08.890`)
* [CVE-2020-36730](CVE-2020/CVE-2020-367xx/CVE-2020-36730.json) (`2023-06-13T15:49:40.423`)
* [CVE-2021-4371](CVE-2021/CVE-2021-43xx/CVE-2021-4371.json) (`2023-06-13T14:42:13.740`)
* [CVE-2021-4341](CVE-2021/CVE-2021-43xx/CVE-2021-4341.json) (`2023-06-13T14:44:07.323`)
* [CVE-2021-4340](CVE-2021/CVE-2021-43xx/CVE-2021-4340.json) (`2023-06-13T14:45:59.050`)
* [CVE-2021-4370](CVE-2021/CVE-2021-43xx/CVE-2021-4370.json) (`2023-06-13T14:52:03.017`)
* [CVE-2021-4369](CVE-2021/CVE-2021-43xx/CVE-2021-4369.json) (`2023-06-13T14:52:28.660`)
* [CVE-2021-4339](CVE-2021/CVE-2021-43xx/CVE-2021-4339.json) (`2023-06-13T14:56:25.750`)
* [CVE-2021-4368](CVE-2021/CVE-2021-43xx/CVE-2021-4368.json) (`2023-06-13T15:03:50.253`)
* [CVE-2021-4362](CVE-2021/CVE-2021-43xx/CVE-2021-4362.json) (`2023-06-13T15:04:16.103`)
* [CVE-2021-4363](CVE-2021/CVE-2021-43xx/CVE-2021-4363.json) (`2023-06-13T15:05:14.453`)
* [CVE-2021-4364](CVE-2021/CVE-2021-43xx/CVE-2021-4364.json) (`2023-06-13T15:09:05.753`)
* [CVE-2021-4367](CVE-2021/CVE-2021-43xx/CVE-2021-4367.json) (`2023-06-13T15:09:21.410`)
* [CVE-2021-4365](CVE-2021/CVE-2021-43xx/CVE-2021-4365.json) (`2023-06-13T15:09:35.313`)
* [CVE-2021-4338](CVE-2021/CVE-2021-43xx/CVE-2021-4338.json) (`2023-06-13T15:56:23.340`)
* [CVE-2021-4343](CVE-2021/CVE-2021-43xx/CVE-2021-4343.json) (`2023-06-13T15:56:42.397`)
* [CVE-2023-0152](CVE-2023/CVE-2023-01xx/CVE-2023-0152.json) (`2023-06-13T14:56:26.733`)
* [CVE-2023-2598](CVE-2023/CVE-2023-25xx/CVE-2023-2598.json) (`2023-06-13T15:11:05.637`)
* [CVE-2023-0545](CVE-2023/CVE-2023-05xx/CVE-2023-0545.json) (`2023-06-13T15:11:32.837`)
* [CVE-2023-33569](CVE-2023/CVE-2023-335xx/CVE-2023-33569.json) (`2023-06-13T15:17:31.487`)
* [CVE-2023-33781](CVE-2023/CVE-2023-337xx/CVE-2023-33781.json) (`2023-06-13T15:20:48.590`)
* [CVE-2023-33782](CVE-2023/CVE-2023-337xx/CVE-2023-33782.json) (`2023-06-13T15:23:21.023`)
* [CVE-2023-28350](CVE-2023/CVE-2023-283xx/CVE-2023-28350.json) (`2023-06-13T15:32:19.533`)
* [CVE-2023-28351](CVE-2023/CVE-2023-283xx/CVE-2023-28351.json) (`2023-06-13T15:51:13.697`)
## Download and Usage