diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2813.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2813.json new file mode 100644 index 00000000000..7806a293843 --- /dev/null +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2813.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2813", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:08.997", + "lastModified": "2023-09-04T12:15:08.997", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2, BunnyPressLite WordPress theme before 2.1, Cafe Bistro WordPress theme before 1.1.4, College WordPress theme before 1.5.1, Connections Reloaded WordPress theme through 3.1, Counterpoint WordPress theme through 1.8.1, Digitally WordPress theme through 1.0.8, Directory WordPress theme before 3.0.2, Drop WordPress theme before 1.22, Everse WordPress theme before 1.2.4, Fashionable Store WordPress theme through 1.3.4, Fullbase WordPress theme before 1.2.1, Ilex WordPress theme before 1.4.2, Js O3 Lite WordPress theme through 1.5.8.2, Js Paper WordPress theme through 2.5.7, Kata WordPress theme before 1.2.9, Kata App WordPress theme through 1.0.5, Kata Business WordPress theme through 1.0.2, Looki Lite WordPress theme before 1.3.0, moseter WordPress theme through 1.3.1, Nokke WordPress theme before 1.2.4, Nothing Personal WordPress theme through 1.0.7, Offset Writing WordPress theme through 1.2, Opor Ayam WordPress theme through 18, Pinzolo WordPress theme before 1.2.10, Plato WordPress theme before 1.1.9, Polka Dots WordPress theme through 1.2, Purity Of Soul WordPress theme through 1.9, Restaurant PT WordPress theme before 1.1.3, Saul WordPress theme before 1.1.0, Sean Lite WordPress theme before 1.4.6, Tantyyellow WordPress theme through 1.0.0.5, TIJAJI WordPress theme through 1.43, Tiki Time WordPress theme through 1.3, Tuaug4 WordPress theme through 1.4, Tydskrif WordPress theme through 1.1.3, UltraLight WordPress theme through 1.2, Venice Lite WordPress theme before 1.5.5, Viala WordPress theme through 1.3.1, viburno WordPress theme before 1.3.2, Wedding Bride WordPress theme before 1.0.2, Wlow WordPress theme before 1.2.7 suffer from the same issue about the search box reflecting the results causing XSS which allows an unauthenticated attacker to exploit against users if they click a malicious link." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/f434afd3-7de4-4bf4-a9bb-9f9aeaae1dc5", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30485.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30485.json new file mode 100644 index 00000000000..f7994a66c71 --- /dev/null +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30485.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30485", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-09-04T12:15:09.140", + "lastModified": "2023-09-04T12:15:09.140", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin Infotech Responsive WordPress Slider \u2013 Avartan Slider Lite plugin <=\u00a01.5.3 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/avartan-slider-lite/wordpress-avartan-slider-lite-plugin-1-5-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32102.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32102.json new file mode 100644 index 00000000000..c83e4ef408e --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32102.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32102", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-09-04T12:15:09.220", + "lastModified": "2023-09-04T12:15:09.220", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Pexle Chris Library Viewer plugin <=\u00a02.0.6 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/library-viewer/wordpress-library-viewer-plugin-2-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32296.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32296.json new file mode 100644 index 00000000000..8d802975e1b --- /dev/null +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32296.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32296", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-09-04T12:15:09.313", + "lastModified": "2023-09-04T12:15:09.313", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kangu para WooCommerce plugin <=\u00a02.2.9 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/kangu/wordpress-kangu-para-woocommerce-plugin-2-2-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-325xx/CVE-2023-32578.json b/CVE-2023/CVE-2023-325xx/CVE-2023-32578.json new file mode 100644 index 00000000000..e93f646f8b5 --- /dev/null +++ b/CVE-2023/CVE-2023-325xx/CVE-2023-32578.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32578", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-09-04T12:15:09.400", + "lastModified": "2023-09-04T12:15:09.400", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Twinpictures Column-Matic plugin <=\u00a01.3.3 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/column-matic/wordpress-column-matic-plugin-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3221.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3221.json new file mode 100644 index 00000000000..947d7725fb5 --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3221.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3221", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-09-04T13:15:32.853", + "lastModified": "2023-09-04T13:15:32.853", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-204" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3222.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3222.json new file mode 100644 index 00000000000..7c2720d6c53 --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3222.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3222", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-09-04T13:15:33.987", + "lastModified": "2023-09-04T13:15:33.987", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user\u00b4s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-640" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3499.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3499.json new file mode 100644 index 00000000000..da07e74f560 --- /dev/null +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3499.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-3499", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:09.493", + "lastModified": "2023-09-04T12:15:09.493", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/ea29413b-494e-410e-ae42-42f96284899c", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3814.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3814.json new file mode 100644 index 00000000000..92f5663fd25 --- /dev/null +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3814.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-3814", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:09.570", + "lastModified": "2023-09-04T12:15:09.570", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/ca954ec6-6ebd-4d72-a323-570474e2e339", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-401xx/CVE-2023-40196.json b/CVE-2023/CVE-2023-401xx/CVE-2023-40196.json new file mode 100644 index 00000000000..dc452689e39 --- /dev/null +++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40196.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-40196", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-09-04T12:15:09.647", + "lastModified": "2023-09-04T12:15:09.647", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <=\u00a03.1.11 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/imagerecycle-pdf-image-compression/wordpress-imagerecycle-pdf-image-compression-plugin-3-1-11-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-401xx/CVE-2023-40197.json b/CVE-2023/CVE-2023-401xx/CVE-2023-40197.json new file mode 100644 index 00000000000..e3596fb4c80 --- /dev/null +++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40197.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-40197", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-09-04T12:15:09.737", + "lastModified": "2023-09-04T12:15:09.737", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Devaldi Ltd flowpaper plugin <=\u00a01.9.9 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/flowpaper-lite-pdf-flipbook/wordpress-flowpaper-plugin-1-9-9-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40205.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40205.json new file mode 100644 index 00000000000..acca0726a72 --- /dev/null +++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40205.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-40205", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-09-04T12:15:09.823", + "lastModified": "2023-09-04T12:15:09.823", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pixelgrade PixTypes plugin <=\u00a01.4.15 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/pixtypes/wordpress-pixtypes-plugin-1-4-15-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40214.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40214.json new file mode 100644 index 00000000000..87eadbfbaca --- /dev/null +++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40214.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-40214", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-09-04T12:15:09.917", + "lastModified": "2023-09-04T12:15:09.917", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vathemes Business Pro theme <= 1.10.4 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/business-pro/wordpress-business-pro-theme-1-10-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-40xx/CVE-2023-4019.json b/CVE-2023/CVE-2023-40xx/CVE-2023-4019.json new file mode 100644 index 00000000000..5bd9bdcbfb9 --- /dev/null +++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4019.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4019", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.037", + "lastModified": "2023-09-04T12:15:10.037", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/0d323b07-c6e7-4aba-85bc-64659ad0c85d", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-40xx/CVE-2023-4059.json b/CVE-2023/CVE-2023-40xx/CVE-2023-4059.json new file mode 100644 index 00000000000..7136103e2e7 --- /dev/null +++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4059.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-4059", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.110", + "lastModified": "2023-09-04T12:15:10.110", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Profile Builder WordPress plugin before 3.9.8 lacks authorisation and CSRF in its page creation function which allows unauthenticated users to create the register, log-in and edit-profile pages from the plugin on the blog" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/fc719d12-2f58-4d1f-b696-0f937e706842", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-41xx/CVE-2023-4151.json b/CVE-2023/CVE-2023-41xx/CVE-2023-4151.json new file mode 100644 index 00000000000..59055f6ddbf --- /dev/null +++ b/CVE-2023/CVE-2023-41xx/CVE-2023-4151.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4151", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.187", + "lastModified": "2023-09-04T12:15:10.187", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/c9d80aa4-a26d-4b3f-b7bf-9d2fb0560d7b", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4216.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4216.json new file mode 100644 index 00000000000..48d212fa8b9 --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4216.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4216", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.257", + "lastModified": "2023-09-04T12:15:10.257", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. The content retrieved is however limited to the first line of the file." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/8189afc4-17b3-4696-89e1-731011cb9e2b", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4253.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4253.json new file mode 100644 index 00000000000..5d744744d89 --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4253.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4253", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.333", + "lastModified": "2023-09-04T12:15:10.333", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/1cbbab9e-be3d-4081-bc0e-c52d500d9871", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4254.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4254.json new file mode 100644 index 00000000000..b502a1807bc --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4254.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4254", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.403", + "lastModified": "2023-09-04T12:15:10.403", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/0dfffe48-e60d-4bab-b194-8a63554246c3", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4269.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4269.json new file mode 100644 index 00000000000..5d4c5ef4947 --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4269.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4269", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.470", + "lastModified": "2023-09-04T12:15:10.470", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The User Activity Log WordPress plugin before 1.6.6 lacks proper authorisation when exporting its activity logs, allowing any authenticated users, such as subscriber to perform such action and retrieve PII such as email addresses." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/db3e4336-117c-47f2-9b43-2ca115525297", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4279.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4279.json new file mode 100644 index 00000000000..6fec3ff2e5a --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4279.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4279", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.547", + "lastModified": "2023-09-04T12:15:10.547", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-290" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/2bd2579e-b383-4d12-b207-6fc32cfb82bc", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4284.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4284.json new file mode 100644 index 00000000000..f4906ff2455 --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4284.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4284", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.627", + "lastModified": "2023-09-04T12:15:10.627", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/1c126869-0afa-456f-94cc-10334964e5f9", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4298.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4298.json new file mode 100644 index 00000000000..16955f81fb1 --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4298.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-4298", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-09-04T12:15:10.693", + "lastModified": "2023-09-04T12:15:10.693", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The 123.chat WordPress plugin before 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/36285052-8464-4fd6-b4b1-c175e730edad", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4587.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4587.json new file mode 100644 index 00000000000..9d04f736020 --- /dev/null +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4587.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4587", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-09-04T12:15:10.760", + "lastModified": "2023-09-04T12:15:10.760", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "** UNSUPPPORTED WHEN ASSIGNED ** An IDOR vulnerability has been found in ZKTeco ZEM800 product affecting version 6.60. This vulnerability allows a local attacker to obtain registered user backup files or device configuration files over a local network or through a VPN server." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/insecure-direct-object-reference-zkteco-zem800", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index e7efb2f02e7..b6ef7705504 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-04T12:00:25.206087+00:00 +2023-09-04T14:00:25.277392+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-04T11:15:41.747000+00:00 +2023-09-04T13:15:33.987000+00:00 ``` ### Last Data Feed Release @@ -29,38 +29,43 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -224094 +224118 ``` ### CVEs added in the last Commit -Recently added CVEs: `18` +Recently added CVEs: `24` -* [CVE-2023-25465](CVE-2023/CVE-2023-254xx/CVE-2023-25465.json) (`2023-09-04T10:15:07.940`) -* [CVE-2023-36382](CVE-2023/CVE-2023-363xx/CVE-2023-36382.json) (`2023-09-04T10:15:08.730`) -* [CVE-2023-39162](CVE-2023/CVE-2023-391xx/CVE-2023-39162.json) (`2023-09-04T10:15:08.913`) -* [CVE-2023-39164](CVE-2023/CVE-2023-391xx/CVE-2023-39164.json) (`2023-09-04T10:15:09.097`) -* [CVE-2023-30494](CVE-2023/CVE-2023-304xx/CVE-2023-30494.json) (`2023-09-04T11:15:39.627`) -* [CVE-2023-31220](CVE-2023/CVE-2023-312xx/CVE-2023-31220.json) (`2023-09-04T11:15:40.123`) -* [CVE-2023-37393](CVE-2023/CVE-2023-373xx/CVE-2023-37393.json) (`2023-09-04T11:15:40.383`) -* [CVE-2023-39918](CVE-2023/CVE-2023-399xx/CVE-2023-39918.json) (`2023-09-04T11:15:40.483`) -* [CVE-2023-39919](CVE-2023/CVE-2023-399xx/CVE-2023-39919.json) (`2023-09-04T11:15:40.627`) -* [CVE-2023-39987](CVE-2023/CVE-2023-399xx/CVE-2023-39987.json) (`2023-09-04T11:15:40.737`) -* [CVE-2023-39988](CVE-2023/CVE-2023-399xx/CVE-2023-39988.json) (`2023-09-04T11:15:40.840`) -* [CVE-2023-39991](CVE-2023/CVE-2023-399xx/CVE-2023-39991.json) (`2023-09-04T11:15:40.933`) -* [CVE-2023-39992](CVE-2023/CVE-2023-399xx/CVE-2023-39992.json) (`2023-09-04T11:15:41.030`) -* [CVE-2023-40206](CVE-2023/CVE-2023-402xx/CVE-2023-40206.json) (`2023-09-04T11:15:41.133`) -* [CVE-2023-40208](CVE-2023/CVE-2023-402xx/CVE-2023-40208.json) (`2023-09-04T11:15:41.227`) -* [CVE-2023-4614](CVE-2023/CVE-2023-46xx/CVE-2023-4614.json) (`2023-09-04T11:15:41.560`) -* [CVE-2023-4615](CVE-2023/CVE-2023-46xx/CVE-2023-4615.json) (`2023-09-04T11:15:41.657`) -* [CVE-2023-4616](CVE-2023/CVE-2023-46xx/CVE-2023-4616.json) (`2023-09-04T11:15:41.747`) +* [CVE-2023-2813](CVE-2023/CVE-2023-28xx/CVE-2023-2813.json) (`2023-09-04T12:15:08.997`) +* [CVE-2023-30485](CVE-2023/CVE-2023-304xx/CVE-2023-30485.json) (`2023-09-04T12:15:09.140`) +* [CVE-2023-32102](CVE-2023/CVE-2023-321xx/CVE-2023-32102.json) (`2023-09-04T12:15:09.220`) +* [CVE-2023-32296](CVE-2023/CVE-2023-322xx/CVE-2023-32296.json) (`2023-09-04T12:15:09.313`) +* [CVE-2023-32578](CVE-2023/CVE-2023-325xx/CVE-2023-32578.json) (`2023-09-04T12:15:09.400`) +* [CVE-2023-3499](CVE-2023/CVE-2023-34xx/CVE-2023-3499.json) (`2023-09-04T12:15:09.493`) +* [CVE-2023-3814](CVE-2023/CVE-2023-38xx/CVE-2023-3814.json) (`2023-09-04T12:15:09.570`) +* [CVE-2023-40196](CVE-2023/CVE-2023-401xx/CVE-2023-40196.json) (`2023-09-04T12:15:09.647`) +* [CVE-2023-40197](CVE-2023/CVE-2023-401xx/CVE-2023-40197.json) (`2023-09-04T12:15:09.737`) +* [CVE-2023-40205](CVE-2023/CVE-2023-402xx/CVE-2023-40205.json) (`2023-09-04T12:15:09.823`) +* [CVE-2023-40214](CVE-2023/CVE-2023-402xx/CVE-2023-40214.json) (`2023-09-04T12:15:09.917`) +* [CVE-2023-4019](CVE-2023/CVE-2023-40xx/CVE-2023-4019.json) (`2023-09-04T12:15:10.037`) +* [CVE-2023-4059](CVE-2023/CVE-2023-40xx/CVE-2023-4059.json) (`2023-09-04T12:15:10.110`) +* [CVE-2023-4151](CVE-2023/CVE-2023-41xx/CVE-2023-4151.json) (`2023-09-04T12:15:10.187`) +* [CVE-2023-4216](CVE-2023/CVE-2023-42xx/CVE-2023-4216.json) (`2023-09-04T12:15:10.257`) +* [CVE-2023-4253](CVE-2023/CVE-2023-42xx/CVE-2023-4253.json) (`2023-09-04T12:15:10.333`) +* [CVE-2023-4254](CVE-2023/CVE-2023-42xx/CVE-2023-4254.json) (`2023-09-04T12:15:10.403`) +* [CVE-2023-4269](CVE-2023/CVE-2023-42xx/CVE-2023-4269.json) (`2023-09-04T12:15:10.470`) +* [CVE-2023-4279](CVE-2023/CVE-2023-42xx/CVE-2023-4279.json) (`2023-09-04T12:15:10.547`) +* [CVE-2023-4284](CVE-2023/CVE-2023-42xx/CVE-2023-4284.json) (`2023-09-04T12:15:10.627`) +* [CVE-2023-4298](CVE-2023/CVE-2023-42xx/CVE-2023-4298.json) (`2023-09-04T12:15:10.693`) +* [CVE-2023-4587](CVE-2023/CVE-2023-45xx/CVE-2023-4587.json) (`2023-09-04T12:15:10.760`) +* [CVE-2023-3221](CVE-2023/CVE-2023-32xx/CVE-2023-3221.json) (`2023-09-04T13:15:32.853`) +* [CVE-2023-3222](CVE-2023/CVE-2023-32xx/CVE-2023-3222.json) (`2023-09-04T13:15:33.987`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -* [CVE-2023-4613](CVE-2023/CVE-2023-46xx/CVE-2023-4613.json) (`2023-09-04T11:15:41.360`) ## Download and Usage