admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-15T19:00:18.474903+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-15 19:00:22 +00:00
parent baf61ec7c1
commit fdad9d05d5
56 changed files with 2892 additions and 253 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2021/CVE-2021-238xx/CVE-2021-23886.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-23886",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-04-15T08:15:14.620",
"lastModified": "2023-11-07T03:30:58.493",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T18:46:23.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -116,11 +126,17 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10354",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10357",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

33
CVE-2021/CVE-2021-238xx/CVE-2021-23894.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-23894",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-06-02T13:15:11.810",
"lastModified": "2023-11-07T03:31:00.427",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T18:47:26.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,8 +21,8 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
@ -30,14 +30,14 @@
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -116,7 +126,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10359",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

41
CVE-2021/CVE-2021-318xx/CVE-2021-31831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31831",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-06-03T10:15:07.437",
"lastModified": "2023-11-07T03:35:01.657",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T18:53:33.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,23 +21,23 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
"exploitabilityScore": 2.1,
"impactScore": 3.4
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -116,7 +126,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10359",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2021/CVE-2021-318xx/CVE-2021-31835.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31835",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-10-22T11:15:07.900",
"lastModified": "2023-11-07T03:35:03.420",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T18:53:43.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 2.7
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -176,7 +186,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10366",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2021/CVE-2021-318xx/CVE-2021-31836.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31836",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-09-22T14:15:07.410",
"lastModified": "2023-11-07T03:35:03.823",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T18:54:47.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.2
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -116,7 +126,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10369",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2021/CVE-2021-318xx/CVE-2021-31837.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31837",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-06-09T14:15:09.777",
"lastModified": "2023-11-07T03:35:04.160",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T18:55:04.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -116,7 +126,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10363",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

35
CVE-2021/CVE-2021-318xx/CVE-2021-31841.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31841",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-09-22T14:15:07.497",
"lastModified": "2023-11-07T03:35:05.537",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T18:59:19.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,23 +21,23 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,21 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
},
{
"lang": "en",
"value": "CWE-426"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -120,7 +134,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10369",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

56
CVE-2022/CVE-2022-416xx/CVE-2022-41616.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2022-41616",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T18:15:07.780",
"lastModified": "2023-11-07T19:07:44.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:05:43.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en Kaushik Kalathiya Export Users Data CSV. Este problema afecta a Export Users Data CSV: desde n/a hasta 2.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaushikkalathiya:export_users_data:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "1E53FBF9-6761-4CE4-991A-4A44EF6DE8CA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/export-users-data-csv/wordpress-export-users-data-csv-plugin-2-1-auth-csv-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2022/CVE-2022-447xx/CVE-2022-44738.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2022-44738",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T18:15:08.127",
"lastModified": "2023-11-07T19:07:44.230",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:19:21.970",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in Patrick Robrecht Posts and Users Stats.This issue affects Posts and Users Stats: from n/a through 1.1.3.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en Patrick Robrecht Posts and Users Stats. Este problema afecta Posts and Users Stats: desde n/a hasta 1.1.3."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:patrickrobrecht:posts_and_users_stats:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.4",
"matchCriteriaId": "DC88DE8B-A344-47B0-92FE-79D900B68C78"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/posts-and-users-stats/wordpress-posts-and-users-stats-plugin-1-1-3-csv-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

25
CVE-2023/CVE-2023-03xx/CVE-2023-0330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0330",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-03-06T23:15:11.457",
"lastModified": "2023-10-05T18:15:11.690",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T17:14:05.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -103,12 +103,31 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html",

56
CVE-2023/CVE-2023-227xx/CVE-2023-22719.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-22719",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T16:15:28.140",
"lastModified": "2023-11-07T16:17:59.793",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:40:21.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue affects GiveWP: from n/a through 2.25.1.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en GiveWP. Este problema afecta a GiveWP: desde n/a hasta 2.25.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.25.1",
"matchCriteriaId": "6C4CDACF-6460-44AF-9F00-0D5E5E54E3E0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-25-1-csv-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-236xx/CVE-2023-23678.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-23678",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T16:15:28.240",
"lastModified": "2023-11-07T16:17:59.793",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:43:43.703",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent ( for GDPR, CCPA & ePrivacy ).This issue affects WP Cookie Consent ( for GDPR, CCPA & ePrivacy ): from n/a through 2.2.5.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en WPEkaClub WP Cookie Consent (para GDPR, CCPA y ePrivacy). Este problema afecta al WP Cookie Consent (para GDPR, CCPA y ePrivacy): desde n/a hasta 2.2.5."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpeka:wp_cookie_consent:*:*:*:*:-:wordpress:*:*",
"versionEndIncluding": "2.2.5",
"matchCriteriaId": "CC2F05A4-9010-4B01-BF7A-B42723873A3E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/gdpr-cookie-consent/wordpress-wp-cookie-notice-for-gdpr-ccpa-eprivacy-consent-plugin-2-2-5-csv-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-237xx/CVE-2023-23796.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-23796",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T16:15:28.333",
"lastModified": "2023-11-07T16:17:59.793",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:47:20.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms.This issue affects Form Builder | Create Responsive Contact Forms: from n/a through 1.9.9.0.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en Muneeb Form Builder | Create Responsive Contact Forms. Este problema afecta a Form Builder | Create Responsive Contact Forms: desde n/a hasta 1.9.9.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:web-settler:form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.9.9.0",
"matchCriteriaId": "6B51798E-4A7B-4902-9672-07C67F897A68"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contact-form-add/wordpress-form-builder-create-responsive-contact-forms-plugin-1-9-9-0-csv-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-259xx/CVE-2023-25983.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-25983",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T16:15:28.433",
"lastModified": "2023-11-07T16:17:59.793",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:47:31.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.5.84.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en WPOmnia KB Support. Este problema afecta a KB Support: desde n/a hasta 1.5.84."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -23,10 +60,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liquidweb:kb_support:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.85",
"matchCriteriaId": "3C2CFE7D-0C1C-4395-A7F7-171A64E8A8A9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/kb-support/wordpress-kb-support-wordpress-help-desk-plugin-1-5-84-csv-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-294xx/CVE-2023-29426.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-29426",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-10T14:15:35.327",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:00:02.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Robert Schulz (sprd.Net AG) Spreadshop plugin <=\u00a01.6.5 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Spreadshop de Robert Schulz (sprd.Net AG) en versiones &lt;= 1.6.5."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:spreadshop:spreadshop:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.5",
"matchCriteriaId": "7D7CAB21-0383-4A73-AD49-8B9FD0F5F565"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/spreadshop/wordpress-spreadshop-plugin-plugin-1-6-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-294xx/CVE-2023-29428.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-29428",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-10T14:15:35.693",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:59:05.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin <=\u00a01.1.3 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress en versiones &lt;= 1.1.3."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:superbthemes:superb_social_media_share_buttons_and_follow_buttons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.3",
"matchCriteriaId": "0C83D9C5-8F2F-4FED-B19B-6BAA1C86F99C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/superb-social-share-and-follow-buttons/wordpress-superb-social-media-share-buttons-and-follow-buttons-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-294xx/CVE-2023-29440.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-29440",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-10T14:15:35.767",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:58:06.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board plugin <=\u00a02.10.3 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento PressTigers Simple Job Board en versiones &lt;= 2.10.3."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:presstigers:simple_job_board:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.10.3",
"matchCriteriaId": "124338DC-AF2B-465B-A7B2-75759F4EAE3E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-job-board/wordpress-simple-job-board-plugin-2-10-3-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-304xx/CVE-2023-30478.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-30478",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-10T14:15:35.850",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:57:55.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters plugin <=\u00a04.8.8 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Tribulant Newsletters en versiones &lt;= 4.8.8."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribulant:newsletters:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.8.8",
"matchCriteriaId": "F855E484-EC13-416A-AEB7-13D5364F56D7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/newsletters-lite/wordpress-newsletters-plugin-4-8-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-310xx/CVE-2023-31078.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-31078",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-10T14:15:35.997",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:54:15.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <=\u00a04.4.1 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Marco Steinbrecher WP BrowserUpdate en versiones &lt;= 4.4.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:browserupdate:wp_browserupdate:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.4.1",
"matchCriteriaId": "F02473C8-6549-4DEA-8AB1-6AE7991DA646"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-browser-update/wordpress-wp-browserupdate-plugin-4-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-310xx/CVE-2023-31086.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31086",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.000",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:49:30.480",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Igor Benic Simple Giveaways complemento: haga crecer su negocio, sus listas de correo electr\u00f3nico y su tr\u00e1fico con el complemento de concursos en versiones &lt;= 2.46.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibenic:simple_giveaways:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.46.1",
"matchCriteriaId": "1E0EE6FA-08C1-4500-B7D8-1E25AF57C47D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/giveasap/wordpress-simple-giveaways-plugin-2-45-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-310xx/CVE-2023-31088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31088",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.067",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:49:16.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Faraz Quazi Floating Action Button en versiones &lt;= 1.2.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:floating_action_button_project:floating_action_button:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.2",
"matchCriteriaId": "605DE979-71FB-4B24-8D02-36A9666C87D6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/floating-action-button/wordpress-floating-action-button-plugin-1-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-310xx/CVE-2023-31093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31093",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.167",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:49:11.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Chronosly Chronosly Events Calendar en versiones &lt;= 2.6.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chronosly-events-calendar_project:chronosly-events-calendar:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.6.2",
"matchCriteriaId": "04EDF68F-9DFD-498A-8BD9-2F042DA25673"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/chronosly-events-calendar/wordpress-chronosly-events-calendar-plugin-2-6-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-312xx/CVE-2023-31235.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31235",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.267",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:48:46.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Roland Barker, xnau webdesign Participants Database en versiones &lt;= 2.4.9."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xnau:participants_database:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.5.0",
"matchCriteriaId": "A62A6F06-71C2-46BD-840A-F5ACF1B6E1E4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/participants-database/wordpress-participants-database-plugin-2-4-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-320xx/CVE-2023-32092.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32092",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.357",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:48:53.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento PeepSo Community by PeepSo \u2013 Social Network, Membership, Registration, User Profiles en versiones &lt;= 6.0.9.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:peepso:peepso:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.1.0.0",
"matchCriteriaId": "8E63D3E7-3924-48D1-8C9C-423E3C93C476"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/peepso-core/wordpress-community-by-peepso-social-network-membership-registration-user-profiles-plugin-6-0-9-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-320xx/CVE-2023-32093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32093",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.447",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:48:41.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Criss Swaim TPG Redirect en versiones &lt;= 1.0.7."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tpginc:tpg_redirect:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.8",
"matchCriteriaId": "57B39544-0240-4D4F-944A-0BB84AD7DE7E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tpg-redirect/wordpress-tpg-redirect-plugin-1-0-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-321xx/CVE-2023-32125.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32125",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.540",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:48:36.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Daniel Powney Multi Rating en versiones &lt;= 5.0.6."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:danielpowney:multi_rating:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.0.6",
"matchCriteriaId": "7D572B01-6EEF-4CE8-94F9-62107145B273"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/multi-rating/wordpress-multi-rating-plugin-5-0-6-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-325xx/CVE-2023-32500.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32500",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.633",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:48:31.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en xtemos WoodMart - Multipurpose WooCommerce Theme en versiones &lt;= 7.1.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xtemos:woodmart:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.1.2",
"matchCriteriaId": "B3E20BB5-5495-4C0A-94A0-2FE9F321B7FC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woodmart/wordpress-woodmart-theme-7-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-325xx/CVE-2023-32501.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32501",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.733",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:48:07.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento E4J s.R.L. VikBooking Hotel Booking Engine &amp; PMS en versiones &lt;= 1.6.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vikwp:vikbooking_hotel_booking_engine_\\&_pms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.6.2",
"matchCriteriaId": "07452FE3-7B9F-427B-8ADE-3E56D6A4DCB9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/vikbooking/wordpress-vikbooking-hotel-booking-engine-pms-plugin-1-6-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-325xx/CVE-2023-32502.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32502",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T23:15:09.823",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:47:55.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,8 +14,41 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Sybre Waaijer Pro Mime Types \u2013 Manage file media types en versiones &lt;= 1.0.7."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -27,10 +60,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyberwire:pro_mime_types:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "658CA6AD-9779-4454-8B4E-300EF1B17BA2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/pro-mime-types/wordpress-pro-mime-types-plugin-1-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-325xx/CVE-2023-32587.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32587",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T22:15:10.817",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:49:26.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento WP Reactions, LLC WP Reactions Lite en versiones &lt;= 1.3.8."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpreactions:wp_reactions_lite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.9",
"matchCriteriaId": "20068252-574A-423E-9E5F-D69FA281F6DC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-reactions-lite/wordpress-wp-reactions-lite-plugin-1-3-8-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-325xx/CVE-2023-32592.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32592",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T22:15:10.900",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:49:21.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Palasthotel por Edward Bock, complemento Katharina Rompf Sunny Search en versiones &lt;= 1.0.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fast-search-powered-by-solr_project:fast-search-powered-by-solr:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.2",
"matchCriteriaId": "29CCF16A-584B-4C2C-A47C-9C15D0A1AD5F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/fast-search-powered-by-solr/wordpress-sunny-search-plugin-1-0-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-326xx/CVE-2023-32602.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32602",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T21:15:24.180",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:49:21.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento LOKALYZE CALL ME NOW en versiones &lt;= 3.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lokalyze:call_me_now:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0",
"matchCriteriaId": "46FD52B7-C428-4D27-9B64-62E5BBCC6A72"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/lokalyze-call-now/wordpress-call-me-now-plugin-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-327xx/CVE-2023-32739.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32739",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T21:15:24.270",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:53:54.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Web_Trendy WP Custom Cursors | WordPress Cursor Plugin en versiones &lt; 3.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamidrezasepehr:custom_cursors:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2",
"matchCriteriaId": "79AFC254-2DA3-47A3-8608-F2D5F00CA518"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-custom-cursors/wordpress-wp-custom-cursors-plugin-3-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-327xx/CVE-2023-32744.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32744",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T21:15:24.370",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:52:04.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento WooCommerce Product Recommendations en versiones &lt;= 2.3.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:woocommerce:product_recommendations:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.0",
"matchCriteriaId": "D3E1832F-994A-406F-B9F9-B7DE7FA29CBC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-product-recommendations/wordpress-woocommerce-product-recommendations-plugin-2-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-327xx/CVE-2023-32745.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32745",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T21:15:24.463",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:51:55.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento WooCommerce AutomateWoo en versiones &lt;= 5.7.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:woocommerce:automatewoo:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.7.1",
"matchCriteriaId": "10FE0903-4EBF-4A9A-B63B-0BA3FC97D9E4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/automatewoo/wordpress-automatewoo-plugin-5-7-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-327xx/CVE-2023-32794.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32794",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T21:15:24.553",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:51:46.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento WooCommerce Product Add-Ons en versiones &lt;= 6.1.3."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:woocommerce:product_addons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.1.3",
"matchCriteriaId": "C4A56CCE-859D-4EE5-8817-F3954ECFC5F2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-product-addons/wordpress-woocommerce-product-add-ons-plugin-6-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-338xx/CVE-2023-33873.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-33873",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-11-15T17:15:41.313",
"lastModified": "2023-11-15T17:15:41.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nThis privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target machine.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-250"
}
]
}
],
"references": [
{
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

52
CVE-2023/CVE-2023-340xx/CVE-2023-34024.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34024",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T21:15:24.647",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:51:36.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Guillemant David WP Full Auto Tags Manager en versiones &lt;= 2.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:guillemantdavid:full_auto_tags_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2",
"matchCriteriaId": "9913B341-6918-4797-BDD1-86FC5ABA1367"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-full-auto-tags-manager/wordpress-wp-full-auto-tags-manager-plugin-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-340xx/CVE-2023-34025.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34025",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T21:15:24.740",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:51:23.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento LWS LWS Hide Login en versiones &lt;= 2.1.6."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lws:lws_hide_login:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.6",
"matchCriteriaId": "2765D206-2D8A-47D8-BC6F-C8A64D829DA5"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/lws-hide-login/wordpress-lws-hide-login-plugin-2-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-349xx/CVE-2023-34982.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-34982",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-11-15T17:15:41.563",
"lastModified": "2023-11-15T17:15:41.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nThis external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://www.aveva.com/en/support-and-success/cyber-security-updates/",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-318-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

60
CVE-2023/CVE-2023-360xx/CVE-2023-36014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36014",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-11-10T00:15:08.640",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:47:42.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.5
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
@ -38,10 +58,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "119.0.2151.58",
"matchCriteriaId": "19B758D7-F31B-4FF7-AA43-D58BD270D5F8"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36014",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-360xx/CVE-2023-36024.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36024",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-11-10T00:15:08.840",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:49:38.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
@ -38,10 +58,60 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:extended_stable:*:*:*",
"versionEndExcluding": "118.0.2088.102",
"matchCriteriaId": "06209F61-ECBC-4FF8-B561-C932DA3DB2C8"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "119.0.2151.58",
"matchCriteriaId": "19B758D7-F31B-4FF7-AA43-D58BD270D5F8"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36024",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-365xx/CVE-2023-36527.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-36527",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-07T16:15:28.530",
"lastModified": "2023-11-07T16:17:59.793",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:47:49.703",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de elementos de f\u00f3rmula en una vulnerabilidad de CSV File en BestWebSoft Post to CSV by BestWebSoft. Este problema afecta a Post to CSV by BestWebSoft: desde n/a hasta 1.4.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bestwebsoft:post_to_csv:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.0",
"matchCriteriaId": "30F4EA90-3059-4A81-8C2E-2D834AF4C48F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/post-to-csv/wordpress-post-to-csv-by-bestwebsoft-plugin-1-4-0-csv-injection?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-366xx/CVE-2023-36667.json
View File

@ -2,23 +2,92 @@
"id": "CVE-2023-36667",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-08T22:15:08.983",
"lastModified": "2023-11-09T13:46:19.893",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:55:06.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal."
},
{
"lang": "es",
"value": "Couchbase Server 7.1.4 anterior a 7.1.5 y 7.2.0 anterior a 7.2.1 permite el cruce de directorios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:couchbase:couchbase_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "7.1.5",
"matchCriteriaId": "8CAEE598-4C6B-4C9D-A6E5-41C4D43DDAE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:couchbase:couchbase_server:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7BB41-6DE4-45D5-81FE-A3CC055853F1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.couchbase.com/alerts/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-452xx/CVE-2023-45269.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-45269",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-13T16:15:12.853",
"lastModified": "2023-10-18T20:10:23.203",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-15T17:15:41.743",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <=\u00a02.0.23 versions."
"value": "Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <=\u00a02.0.25 versions."
},
{
"lang": "es",

61
CVE-2023/CVE-2023-453xx/CVE-2023-45319.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-45319",
"sourceIdentifier": "security@puppet.com",
"published": "2023-11-08T16:15:10.000",
"lastModified": "2023-11-08T17:25:02.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:31:29.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. Reported by Jason Geffner.\u00a0\n"
},
{
"lang": "es",
"value": "En las versiones de Helix Core anteriores a 2023.2, se identific\u00f3 una Denegaci\u00f3n de Servicio (DoS) remota no autenticada a trav\u00e9s de la funci\u00f3n commit. Reportado por Jason Geffner."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@puppet.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@puppet.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perforce:helix_core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.2",
"matchCriteriaId": "A3D3C9B0-BDEA-4021-A6E5-22584345FD82"
}
]
}
]
}
],
"references": [
{
"url": "https://perforce.com",
"source": "security@puppet.com"
"source": "security@puppet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-458xx/CVE-2023-45849.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-45849",
"sourceIdentifier": "security@puppet.com",
"published": "2023-11-08T16:15:10.193",
"lastModified": "2023-11-08T17:25:02.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:24:38.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. Reported by Jason Geffner.\n"
},
{
"lang": "es",
"value": "Se descubri\u00f3 una ejecuci\u00f3n de c\u00f3digo arbitrario que resulta en una escalada de privilegios en versiones de Helix Core anteriores a 2023.2. Reportado por Jason Geffner."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@puppet.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "security@puppet.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perforce:helix_core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.2",
"matchCriteriaId": "A3D3C9B0-BDEA-4021-A6E5-22584345FD82"
}
]
}
]
}
],
"references": [
{
"url": "https://perforce.com",
"source": "security@puppet.com"
"source": "security@puppet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-466xx/CVE-2023-46642.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-46642",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-08T17:15:07.780",
"lastModified": "2023-11-08T17:25:02.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:45:53.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <=\u00a01.2.2 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Autenticada (con permisos de admin o superiores) Almacenada en el complemento sahumedia SAHU TikTok Pixel for E-Commerce en versiones &lt;= 1.2.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sahu:sahu_tiktok_pixel_for_e-commerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.2",
"matchCriteriaId": "4EE59CB1-B666-4C5D-8E38-E46955525191"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sahu-tiktok-pixel/wordpress-sahu-tiktok-pixel-for-e-commerce-plugin-1-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-466xx/CVE-2023-46643.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-46643",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-08T17:15:07.860",
"lastModified": "2023-11-08T17:25:02.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:37:46.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <=\u00a03.2.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento GARY JEZORSKI CloudNet360 en versiones &lt;= 3.2.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudnet360:cloudnet360:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.2.0",
"matchCriteriaId": "BDB7972B-EE4B-4E05-80F7-EA98EB7FFBF8"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cloudnet-sync/wordpress-cloudnet360-plugin-3-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-471xx/CVE-2023-47181.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-47181",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-08T19:15:08.057",
"lastModified": "2023-11-09T13:46:24.437",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T17:31:40.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson IdeaPush plugin <=\u00a08.52 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Autenticada (con permisos de admin o superiores) Almacenada en el complemento Martin Gibson IdeaPush en versiones &lt;= 8.52."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:northernbeacheswebsites:ideapush:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "8.52",
"matchCriteriaId": "B897473B-E8FF-48BC-979F-8D2E1A59002F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ideapush/wordpress-ideapush-plugin-8-46-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-473xx/CVE-2023-47397.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-47397",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-08T16:15:11.017",
"lastModified": "2023-11-08T17:25:02.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:36:36.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "WeBid <=1.2.2 is vulnerable to code injection via admin/categoriestrans.php."
},
{
"lang": "es",
"value": "WeBid en versiones &lt;= 1.2.2 es vulnerable a la inyecci\u00f3n de c\u00f3digo a trav\u00e9s de admin/categoriestrans.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webidsupport:webid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.2",
"matchCriteriaId": "9EAC0F5C-741F-49B1-B5E0-DE5CF6E1303B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://liotree.github.io/2023/webid.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

405
CVE-2023/CVE-2023-51xx/CVE-2023-5136.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-5136",
"sourceIdentifier": "security@ni.com",
"published": "2023-11-08T16:15:11.067",
"lastModified": "2023-11-08T17:25:02.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T18:42:41.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.\n"
},
{
"lang": "es",
"value": "Una asignaci\u00f3n de permiso incorrecta en TopoGrafix DataPlugin para GPX podr\u00eda resultar en la divulgaci\u00f3n de informaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad haciendo que un usuario abra un archivo de datos especialmente manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security@ni.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "security@ni.com",
"type": "Secondary",
@ -46,10 +80,375 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:topografix_data_plugin:2023:-:*:*:*:gpx:*:*",
"matchCriteriaId": "15732407-23EA-4542-96A2-5C878FB8481F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2B3E07-5832-4ABE-B7F8-EDFFC91940E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2015:-:*:*:*:*:*:*",
"matchCriteriaId": "B3D7F82A-8406-4B50-A9BA-CCB34A974F87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2015:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5CA88F99-AE0F-4B98-B86A-4B5289520DA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2017:-:*:*:*:*:*:*",
"matchCriteriaId": "7A59840A-5F72-4FB9-8B67-A91439E7DA1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2017:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2DBC89AC-5BA4-432B-96D8-57A5E9B6A338"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "C853AE58-D3C8-4627-A0D8-542382650932"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2018:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87C3A752-E66D-4F4C-B6FB-F572EAF092B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "3F41FF00-1098-43B3-822A-8AC92B991F20"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2019:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3525F92B-30ED-4798-BF89-14D8EFCD7CC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "7D3458A8-E460-4297-A69F-C4DDE1D232F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2020:sp1:*:*:*:*:*:*",
"matchCriteriaId": "49A24A9A-8601-49DA-8E7D-798D2E399273"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "4101C29B-BB75-47B6-9D2D-BC5491969EEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2021:sp1:*:*:*:*:*:*",
"matchCriteriaId": "10D8EBAC-D4CF-4841-AE65-5F8A1121788C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2022:q2:*:*:*:*:*:*",
"matchCriteriaId": "7C10702F-B2C2-46FF-88FF-2A314B502ED4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2022:q4:*:*:*:*:*:*",
"matchCriteriaId": "8C05E9A6-7B7D-4928-A60E-24942D4D51F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:diadem:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "9044BC02-8801-4DBD-8529-49DB7F0D3452"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F499514A-19DE-469D-9EF6-F7EC1E6810BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "D68D0C2C-C42D-4B8C-A3D6-93A136E5DD21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2015:-:*:*:*:*:*:*",
"matchCriteriaId": "29FA2254-FF6C-4FCA-8363-B36E4C38C6BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2015:sp1:*:*:*:*:*:*",
"matchCriteriaId": "18577799-88E6-44C1-9477-3261EA98ED4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "CA705301-337E-4162-8810-BF20B23CB9E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F1303A-A8D9-4E60-BB96-3B00AAAAD8A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "4FAF54A5-268E-4A76-9C31-F3E2FE465464"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2018:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E98B7755-005F-4036-AF81-002F113DBCD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "55743F60-FA68-494E-87B9-8E22787EEF4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2019:r2:*:*:*:*:*:*",
"matchCriteriaId": "2CA4257E-5E97-46D6-BE97-205F6FC18CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2019:r3:*:*:*:*:*:*",
"matchCriteriaId": "541008B0-5703-4937-9304-C09645454085"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2019:r3f1:*:*:*:*:*:*",
"matchCriteriaId": "5970C421-B8B1-459F-85DB-E74A0B31EDCB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "55ADD725-44EE-4F28-B9A3-923094352C4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "58D19502-B3F2-4D43-A4D2-CF6CD2E41E48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2020:r3:*:*:*:*:*:*",
"matchCriteriaId": "AAF6DE83-A202-4A90-8B05-735D686FDB8E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2020:r4:*:*:*:*:*:*",
"matchCriteriaId": "C90473FA-81CB-4984-8B4C-2EE907ED9DC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2020:r5:*:*:*:*:*:*",
"matchCriteriaId": "B09E4798-97D8-41B7-9E3C-A5D45F8C8CB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2020:r6:*:*:*:*:*:*",
"matchCriteriaId": "03D1BFD1-E75E-4816-9D3B-380DACB50EFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "C0BC96D8-AB88-47BF-B956-818BF9C8E91E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2021:r2:*:*:*:*:*:*",
"matchCriteriaId": "CD0B65DD-E62E-4D7F-90C4-EE8EACE23F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2021:r3:*:*:*:*:*:*",
"matchCriteriaId": "006E30B2-90DC-475D-835B-030A5801332F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2023:q1:*:*:*:*:*:*",
"matchCriteriaId": "326C3FE1-6CE7-4FD4-9E8A-C14E1A0BE743"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "406FE5DA-02BE-4981-8F0E-C77840C5CB5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2023:q3:*:*:*:*:*:*",
"matchCriteriaId": "2B89A08C-C66E-400A-A224-DF6ED111D565"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:veristand:2023:q4:*:*:*:*:*:*",
"matchCriteriaId": "2A151AB1-BD09-4DF0-B7DD-4D8E1E7E026C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r1:*:*:*:*:*:*",
"matchCriteriaId": "9C2C31C3-9D4C-4FEE-8457-31E9F66CD043"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r2:*:*:*:*:*:*",
"matchCriteriaId": "F16894B6-5151-41DE-A1AC-7FB3C23DC05F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r3:*:*:*:*:*:*",
"matchCriteriaId": "4BE623D6-DE16-40ED-82CF-3CCD975B5C92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r4:*:*:*:*:*:*",
"matchCriteriaId": "0375EAF9-35F8-43AB-A26D-79B1C74E6055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r1:*:*:*:*:*:*",
"matchCriteriaId": "1E8E8A79-BCBA-42D0-A4D5-4134327FDB07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r2:*:*:*:*:*:*",
"matchCriteriaId": "91A2082B-47F5-4DFD-A9CE-115DB223B4A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r3:*:*:*:*:*:*",
"matchCriteriaId": "758C8631-05F4-415B-861A-FF47896756BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r4:*:*:*:*:*:*",
"matchCriteriaId": "CA0E5A70-2CE4-485F-97BC-CEF8FC2C6C62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r1:*:*:*:*:*:*",
"matchCriteriaId": "852AC7E1-DE18-4EAD-9079-7E3DF5EAD9A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "055A3E53-09AC-4CD4-8724-21E3F591550E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r3:*:*:*:*:*:*",
"matchCriteriaId": "BEE4C627-4298-469E-91BA-08C711F7EE14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r4:*:*:*:*:*:*",
"matchCriteriaId": "A7BB6592-DBC5-4D4C-96AD-CDE24E1F576A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r1:*:*:*:*:*:*",
"matchCriteriaId": "008505B6-6295-46CE-A923-27958172F026"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r2:*:*:*:*:*:*",
"matchCriteriaId": "CE96AE31-D36F-446A-96A5-46C762818A96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r3:*:*:*:*:*:*",
"matchCriteriaId": "336F1E07-92EE-4BF5-AA14-981BFB67965C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r4:*:*:*:*:*:*",
"matchCriteriaId": "7D3A4BF7-5BF0-4EE5-BF7C-8C514D6238B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2022:q2:*:*:*:*:*:*",
"matchCriteriaId": "0213180D-04BD-4979-88BE-B21F385469CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2022:q4:*:*:*:*:*:*",
"matchCriteriaId": "A336AAE6-FA87-4900-AECD-12997D064A64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q1:*:*:*:*:*:*",
"matchCriteriaId": "CBFBD9F4-9FFF-44B2-8E95-2DEAC4476A88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "FA33AE39-F976-4C56-9A4B-8932BC6855C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q3:*:*:*:*:*:*",
"matchCriteriaId": "21C2A279-F66F-49D3-A4A8-1D56FEF22B6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q4:*:*:*:*:*:*",
"matchCriteriaId": "08133BDF-895D-4D2A-8DAB-C02766DE86B1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html",
"source": "security@ni.com"
"source": "security@ni.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-59xx/CVE-2023-5997.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-5997",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-15T18:15:06.873",
"lastModified": "2023-11-15T18:15:06.873",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1497997",
"source": "chrome-cve-admin@google.com"
}
]
}

15
CVE-2023/CVE-2023-60xx/CVE-2023-6079.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2023-6079",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-11-15T17:15:41.840",
"lastModified": "2023-11-15T17:15:41.840",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: appears to be a duplicate of CVE-2023-40206"
}
],
"metrics": {},
"references": []
}

24
CVE-2023/CVE-2023-61xx/CVE-2023-6112.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-6112",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-15T18:15:06.933",
"lastModified": "2023-11-15T18:15:06.933",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1499298",
"source": "chrome-cve-admin@google.com"
}
]
}

68
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-15T17:00:18.336068+00:00
2023-11-15T19:00:18.474903+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-15T16:34:27.990000+00:00
2023-11-15T19:00:02.927000+00:00
```
### Last Data Feed Release
@ -29,47 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
230850
230855
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `5`
* [CVE-2023-48087](CVE-2023/CVE-2023-480xx/CVE-2023-48087.json) (`2023-11-15T15:15:07.453`)
* [CVE-2023-48088](CVE-2023/CVE-2023-480xx/CVE-2023-48088.json) (`2023-11-15T15:15:07.510`)
* [CVE-2023-48089](CVE-2023/CVE-2023-480xx/CVE-2023-48089.json) (`2023-11-15T15:15:07.553`)
* [CVE-2023-33873](CVE-2023/CVE-2023-338xx/CVE-2023-33873.json) (`2023-11-15T17:15:41.313`)
* [CVE-2023-34982](CVE-2023/CVE-2023-349xx/CVE-2023-34982.json) (`2023-11-15T17:15:41.563`)
* [CVE-2023-6079](CVE-2023/CVE-2023-60xx/CVE-2023-6079.json) (`2023-11-15T17:15:41.840`)
* [CVE-2023-5997](CVE-2023/CVE-2023-59xx/CVE-2023-5997.json) (`2023-11-15T18:15:06.873`)
* [CVE-2023-6112](CVE-2023/CVE-2023-61xx/CVE-2023-6112.json) (`2023-11-15T18:15:06.933`)
### CVEs modified in the last Commit
Recently modified CVEs: `39`
Recently modified CVEs: `50`
* [CVE-2023-32594](CVE-2023/CVE-2023-325xx/CVE-2023-32594.json) (`2023-11-15T15:39:23.877`)
* [CVE-2023-4956](CVE-2023/CVE-2023-49xx/CVE-2023-4956.json) (`2023-11-15T15:40:02.737`)
* [CVE-2023-4154](CVE-2023/CVE-2023-41xx/CVE-2023-4154.json) (`2023-11-15T15:40:50.033`)
* [CVE-2023-46243](CVE-2023/CVE-2023-462xx/CVE-2023-46243.json) (`2023-11-15T15:41:03.463`)
* [CVE-2023-5998](CVE-2023/CVE-2023-59xx/CVE-2023-5998.json) (`2023-11-15T15:41:50.257`)
* [CVE-2023-5309](CVE-2023/CVE-2023-53xx/CVE-2023-5309.json) (`2023-11-15T15:46:11.740`)
* [CVE-2023-46253](CVE-2023/CVE-2023-462xx/CVE-2023-46253.json) (`2023-11-15T15:47:04.770`)
* [CVE-2023-28499](CVE-2023/CVE-2023-284xx/CVE-2023-28499.json) (`2023-11-15T15:48:21.907`)
* [CVE-2023-5996](CVE-2023/CVE-2023-59xx/CVE-2023-5996.json) (`2023-11-15T15:48:42.877`)
* [CVE-2023-47229](CVE-2023/CVE-2023-472xx/CVE-2023-47229.json) (`2023-11-15T15:49:10.033`)
* [CVE-2023-46252](CVE-2023/CVE-2023-462xx/CVE-2023-46252.json) (`2023-11-15T15:52:36.240`)
* [CVE-2023-46765](CVE-2023/CVE-2023-467xx/CVE-2023-46765.json) (`2023-11-15T16:01:11.077`)
* [CVE-2023-46764](CVE-2023/CVE-2023-467xx/CVE-2023-46764.json) (`2023-11-15T16:16:19.310`)
* [CVE-2023-46763](CVE-2023/CVE-2023-467xx/CVE-2023-46763.json) (`2023-11-15T16:16:36.933`)
* [CVE-2023-44115](CVE-2023/CVE-2023-441xx/CVE-2023-44115.json) (`2023-11-15T16:16:46.917`)
* [CVE-2023-5801](CVE-2023/CVE-2023-58xx/CVE-2023-5801.json) (`2023-11-15T16:16:56.247`)
* [CVE-2023-35767](CVE-2023/CVE-2023-357xx/CVE-2023-35767.json) (`2023-11-15T16:17:04.597`)
* [CVE-2023-32298](CVE-2023/CVE-2023-322xx/CVE-2023-32298.json) (`2023-11-15T16:17:11.723`)
* [CVE-2023-46759](CVE-2023/CVE-2023-467xx/CVE-2023-46759.json) (`2023-11-15T16:17:22.023`)
* [CVE-2023-46758](CVE-2023/CVE-2023-467xx/CVE-2023-46758.json) (`2023-11-15T16:18:47.657`)
* [CVE-2023-46757](CVE-2023/CVE-2023-467xx/CVE-2023-46757.json) (`2023-11-15T16:19:03.930`)
* [CVE-2023-46756](CVE-2023/CVE-2023-467xx/CVE-2023-46756.json) (`2023-11-15T16:20:22.913`)
* [CVE-2023-47231](CVE-2023/CVE-2023-472xx/CVE-2023-47231.json) (`2023-11-15T16:21:11.800`)
* [CVE-2023-23368](CVE-2023/CVE-2023-233xx/CVE-2023-23368.json) (`2023-11-15T16:28:56.140`)
* [CVE-2023-23369](CVE-2023/CVE-2023-233xx/CVE-2023-23369.json) (`2023-11-15T16:29:27.060`)
* [CVE-2023-31086](CVE-2023/CVE-2023-310xx/CVE-2023-31086.json) (`2023-11-15T17:49:30.480`)
* [CVE-2023-36024](CVE-2023/CVE-2023-360xx/CVE-2023-36024.json) (`2023-11-15T17:49:38.517`)
* [CVE-2023-45849](CVE-2023/CVE-2023-458xx/CVE-2023-45849.json) (`2023-11-15T18:24:38.817`)
* [CVE-2023-45319](CVE-2023/CVE-2023-453xx/CVE-2023-45319.json) (`2023-11-15T18:31:29.637`)
* [CVE-2023-47397](CVE-2023/CVE-2023-473xx/CVE-2023-47397.json) (`2023-11-15T18:36:36.873`)
* [CVE-2023-22719](CVE-2023/CVE-2023-227xx/CVE-2023-22719.json) (`2023-11-15T18:40:21.427`)
* [CVE-2023-5136](CVE-2023/CVE-2023-51xx/CVE-2023-5136.json) (`2023-11-15T18:42:41.643`)
* [CVE-2023-23678](CVE-2023/CVE-2023-236xx/CVE-2023-23678.json) (`2023-11-15T18:43:43.703`)
* [CVE-2023-46642](CVE-2023/CVE-2023-466xx/CVE-2023-46642.json) (`2023-11-15T18:45:53.883`)
* [CVE-2023-23796](CVE-2023/CVE-2023-237xx/CVE-2023-23796.json) (`2023-11-15T18:47:20.180`)
* [CVE-2023-25983](CVE-2023/CVE-2023-259xx/CVE-2023-25983.json) (`2023-11-15T18:47:31.797`)
* [CVE-2023-36527](CVE-2023/CVE-2023-365xx/CVE-2023-36527.json) (`2023-11-15T18:47:49.703`)
* [CVE-2023-32602](CVE-2023/CVE-2023-326xx/CVE-2023-32602.json) (`2023-11-15T18:49:21.803`)
* [CVE-2023-34025](CVE-2023/CVE-2023-340xx/CVE-2023-34025.json) (`2023-11-15T18:51:23.390`)
* [CVE-2023-34024](CVE-2023/CVE-2023-340xx/CVE-2023-34024.json) (`2023-11-15T18:51:36.880`)
* [CVE-2023-32794](CVE-2023/CVE-2023-327xx/CVE-2023-32794.json) (`2023-11-15T18:51:46.473`)
* [CVE-2023-32745](CVE-2023/CVE-2023-327xx/CVE-2023-32745.json) (`2023-11-15T18:51:55.497`)
* [CVE-2023-32744](CVE-2023/CVE-2023-327xx/CVE-2023-32744.json) (`2023-11-15T18:52:04.750`)
* [CVE-2023-32739](CVE-2023/CVE-2023-327xx/CVE-2023-32739.json) (`2023-11-15T18:53:54.840`)
* [CVE-2023-31078](CVE-2023/CVE-2023-310xx/CVE-2023-31078.json) (`2023-11-15T18:54:15.437`)
* [CVE-2023-36667](CVE-2023/CVE-2023-366xx/CVE-2023-36667.json) (`2023-11-15T18:55:06.793`)
* [CVE-2023-30478](CVE-2023/CVE-2023-304xx/CVE-2023-30478.json) (`2023-11-15T18:57:55.753`)
* [CVE-2023-29440](CVE-2023/CVE-2023-294xx/CVE-2023-29440.json) (`2023-11-15T18:58:06.763`)
* [CVE-2023-29428](CVE-2023/CVE-2023-294xx/CVE-2023-29428.json) (`2023-11-15T18:59:05.663`)
* [CVE-2023-29426](CVE-2023/CVE-2023-294xx/CVE-2023-29426.json) (`2023-11-15T19:00:02.927`)
## Download and Usage