Dernières vulnérabilités du Mercredi 30 Août 2023

Dernières vulnérabilités du Mercredi 30 Août 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 30/08/2023 à 23:58:02

(2) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : wordfence.com

Vulnérabilité ID : CVE-2023-4596

Première publication le : 30-08-2023 02:15:09
Dernière modification le : 30-08-2023 13:23:15

Description :
The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVE ID : CVE-2023-4596
Source : security@wordfence.com
Score CVSS : 9.8

Références :
https://plugins.trac.wordpress.org/changeset/2954409/forminator/trunk/library/fields/postdata.php | source : security@wordfence.com
https://www.exploit-db.com/exploits/51664 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/9cd87da6-1f4c-4a15-8ebb-6e0f8ef72513?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-434


Source : github.com

Vulnérabilité ID : CVE-2023-40582

Première publication le : 30-08-2023 18:15:09
Dernière modification le : 30-08-2023 18:15:09

Description :
find-exec is a utility to discover available shell commands. Versions prior to 1.0.3 did not properly escape user input and are vulnerable to Command Injection via an attacker controlled parameter. As a result, attackers may run malicious shell commands in the context of the running process. This issue has been addressed in version 1.0.3. users are advised to upgrade. Users unable to upgrade should ensure that all input passed to find-exec comes from a trusted source.

CVE ID : CVE-2023-40582
Source : security-advisories@github.com
Score CVSS : 9.8

Références :
https://github.com/shime/find-exec/commit/74fb108097c229b03d6dba4cce81e36aa364b51c | source : security-advisories@github.com
https://github.com/shime/find-exec/security/advisories/GHSA-95rp-6gqp-6622 | source : security-advisories@github.com

Vulnérabilité : CWE-78


(28) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : splunk.com

Vulnérabilité ID : CVE-2023-40595

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can execute a specially crafted query that they can then use to serialize untrusted data. The attacker can use the query to execute arbitrary code.

CVE ID : CVE-2023-40595
Source : prodsec@splunk.com
Score CVSS : 8.8

Références :
https://advisory.splunk.com/advisories/SVD-2023-0804 | source : prodsec@splunk.com


Vulnérabilité ID : CVE-2023-4571

Première publication le : 30-08-2023 17:15:11
Dernière modification le : 30-08-2023 17:15:11

Description :
In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can inject American National Standards Institute (ANSI) escape codes into Splunk ITSI log files that, when a vulnerable terminal application reads them, can run malicious code in the vulnerable application. This attack requires a user to use a terminal application that translates ANSI escape codes to read the malicious log file locally in the vulnerable terminal. The vulnerability also requires additional user interaction to succeed. The vulnerability does not directly affect Splunk ITSI. The indirect impact on Splunk ITSI can vary significantly depending on the permissions in the vulnerable terminal application, as well as where and how the user reads the malicious log file. For example, users can copy the malicious file from Splunk ITSI and read it on their local machine.

CVE ID : CVE-2023-4571
Source : prodsec@splunk.com
Score CVSS : 8.6

Références :
https://advisory.splunk.com/advisories/SVD-2023-0810 | source : prodsec@splunk.com


Vulnérabilité ID : CVE-2023-40598

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external lookup that calls a legacy internal function. The attacker can use this internal function to insert code into the Splunk platform installation directory. From there, a user can execute arbitrary code on the Splunk platform Instance.

CVE ID : CVE-2023-40598
Source : prodsec@splunk.com
Score CVSS : 8.5

Références :
https://advisory.splunk.com/advisories/SVD-2023-0807 | source : prodsec@splunk.com


Vulnérabilité ID : CVE-2023-40592

Première publication le : 30-08-2023 17:15:09
Dernière modification le : 30-08-2023 17:15:09

Description :
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance.

CVE ID : CVE-2023-40592
Source : prodsec@splunk.com
Score CVSS : 8.4

Références :
https://advisory.splunk.com/advisories/SVD-2023-0801 | source : prodsec@splunk.com


Vulnérabilité ID : CVE-2023-40597

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk.

CVE ID : CVE-2023-40597
Source : prodsec@splunk.com
Score CVSS : 7.8

Références :
https://advisory.splunk.com/advisories/SVD-2023-0806 | source : prodsec@splunk.com


Vulnérabilité ID : CVE-2023-40596

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL) that ships with Splunk Enterprise references an insecure path for the OPENSSLDIR build definition. An attacker can abuse this reference and subsequently install malicious code to achieve privilege escalation on the Windows machine.

CVE ID : CVE-2023-40596
Source : prodsec@splunk.com
Score CVSS : 7.0

Références :
https://advisory.splunk.com/advisories/SVD-2023-0805 | source : prodsec@splunk.com


Source : github.com

Vulnérabilité ID : CVE-2023-41039

Première publication le : 30-08-2023 18:15:09
Dernière modification le : 30-08-2023 18:15:09

Description :
RestrictedPython is a restricted execution environment for Python to run untrusted code. Python's "format" functionality allows someone controlling the format string to "read" all objects accessible through recursive attribute lookup and subscription from objects he can access. This can lead to critical information disclosure. With `RestrictedPython`, the format functionality is available via the `format` and `format_map` methods of `str` (and `unicode`) (accessed either via the class or its instances) and via `string.Formatter`. All known versions of `RestrictedPython` are vulnerable. This issue has been addressed in commit `4134aedcff1` which has been included in the 5.4 and 6.2 releases. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-41039
Source : security-advisories@github.com
Score CVSS : 8.3

Références :
https://github.com/zopefoundation/RestrictedPython/commit/4134aedcff17c977da7717693ed89ce56d54c120 | source : security-advisories@github.com
https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-xjw2-6jm9-rf67 | source : security-advisories@github.com

Vulnérabilité : CWE-74


Source : wordfence.com

Vulnérabilité ID : CVE-2023-3136

Première publication le : 30-08-2023 09:15:08
Dernière modification le : 30-08-2023 13:23:15

Description :
The MailArchiver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-3136
Source : security@wordfence.com
Score CVSS : 7.2

Références :
https://plugins.trac.wordpress.org/changeset/2937545/mailarchiver | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/ce330cae-c2f8-42f3-822b-ca24bf46e433?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Source : patchstack.com

Vulnérabilité ID : CVE-2023-25019

Première publication le : 30-08-2023 12:15:08
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premio Chaty plugin <= 3.0.9 versions

CVE ID : CVE-2023-25019
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/chaty/wordpress-chaty-plugin-3-0-9-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32597

Première publication le : 30-08-2023 12:15:08
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Video Gallery plugin <= 1.0.10 versions.

CVE ID : CVE-2023-32597
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/video-slider-with-thumbnails/wordpress-video-gallery-plugin-1-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32742

Première publication le : 30-08-2023 12:15:08
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in VeronaLabs WP SMS plugin <= 6.1.4 versions.

CVE ID : CVE-2023-32742
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/wp-sms/wordpress-wp-sms-plugin-6-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32801

Première publication le : 30-08-2023 12:15:09
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Composite Products plugin <= 8.7.5 versions.

CVE ID : CVE-2023-32801
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/woocommerce-composite-products/wordpress-woocommerce-composite-products-plugin-8-7-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32802

Première publication le : 30-08-2023 12:15:09
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Pre-Orders plugin <= 1.9.0 versions.

CVE ID : CVE-2023-32802
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/woocommerce-pre-orders/wordpress-woocommerce-pre-orders-plugin-1-9-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-33317

Première publication le : 30-08-2023 13:15:12
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Returns and Warranty Requests plugin <= 2.1.6 versions.

CVE ID : CVE-2023-33317
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/woocommerce-warranty/wordpress-woocommerce-warranty-requests-plugin-2-1-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-33320

Première publication le : 30-08-2023 13:15:12
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mohammad I. Okfie WP-Hijri plugin <= 1.5.1 versions.

CVE ID : CVE-2023-33320
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/wp-hijri/wordpress-wp-hijri-plugin-1-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-33325

Première publication le : 30-08-2023 13:15:12
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.30.1 versions.

CVE ID : CVE-2023-33325
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/leyka/wordpress-leyka-plugin-3-29-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34174

Première publication le : 30-08-2023 14:15:08
Dernière modification le : 30-08-2023 14:15:08

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BBS e-Theme BBS e-Popup plugin <= 2.4.5 versions.

CVE ID : CVE-2023-34174
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/bbs-e-popup/wordpress-bbs-e-popup-plugin-2-4-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34175

Première publication le : 30-08-2023 14:15:09
Dernière modification le : 30-08-2023 14:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.

CVE ID : CVE-2023-34175
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/login-configurator/wordpress-login-configurator-plugin-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34176

Première publication le : 30-08-2023 14:15:09
Dernière modification le : 30-08-2023 14:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chilexpress Chilexpress woo oficial plugin <= 1.2.9 versions.

CVE ID : CVE-2023-34176
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/chilexpress-oficial/wordpress-chilexpress-woo-oficial-plugin-1-2-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34180

Première publication le : 30-08-2023 14:15:09
Dernière modification le : 30-08-2023 14:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in KAPlugins Google Fonts For WordPress plugin <= 3.0.0 versions.

CVE ID : CVE-2023-34180
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/free-google-fonts/wordpress-google-fonts-for-wordpress-plugin-3-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34184

Première publication le : 30-08-2023 14:15:09
Dernière modification le : 30-08-2023 14:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Bhavik Patel Woocommerce Order address Print plugin <= 3.2 versions.

CVE ID : CVE-2023-34184
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/woocommerce-order-address-print/wordpress-woocommerce-order-address-print-plugin-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34008

Première publication le : 30-08-2023 15:15:08
Dernière modification le : 30-08-2023 15:15:08

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in weDevs WP ERP plugin <= 1.12.3 versions.

CVE ID : CVE-2023-34008
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/erp/wordpress-wp-erp-plugin-1-12-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34022

Première publication le : 30-08-2023 15:15:08
Dernière modification le : 30-08-2023 15:15:08

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rakib Hasan Dynamic QR Code Generator plugin <= 0.0.5 versions.

CVE ID : CVE-2023-34022
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/dynamic-qr-code-generator/wordpress-dynamic-qr-code-generator-plugin-0-0-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34023

Première publication le : 30-08-2023 15:15:08
Dernière modification le : 30-08-2023 15:15:08

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Miled WordPress Social Login plugin <= 3.0.4 versions.

CVE ID : CVE-2023-34023
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/wordpress-social-login/wordpress-wordpress-social-login-plugin-3-0-4-cross-site-scripting-xss-vulnerability-2?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34032

Première publication le : 30-08-2023 15:15:08
Dernière modification le : 30-08-2023 15:15:08

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions.

CVE ID : CVE-2023-34032
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/bbp-toolkit/wordpress-bbpress-toolkit-plugin-1-0-12-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25453

Première publication le : 30-08-2023 16:15:08
Dernière modification le : 30-08-2023 16:15:08

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ian Sadovy WordPress Tables plugin <= 1.3.9 versions.

CVE ID : CVE-2023-25453
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/wptables/wordpress-wordpress-tables-plugin-1-3-9-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25466

Première publication le : 30-08-2023 16:15:09
Dernière modification le : 30-08-2023 16:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mahlamusa Who Hit The Page – Hit Counter plugin <= 1.4.14.3 versions.

CVE ID : CVE-2023-25466
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/who-hit-the-page-hit-counter/wordpress-who-hit-the-page-hit-counter-plugin-1-4-14-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25471

Première publication le : 30-08-2023 16:15:09
Dernière modification le : 30-08-2023 16:15:09

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP OpenWeather plugin <= 2.5.0 versions.

CVE ID : CVE-2023-25471
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/wcp-openweather/wordpress-wcp-openweather-plugin-2-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


(32) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : patchstack.com

Vulnérabilité ID : CVE-2023-32746

Première publication le : 30-08-2023 12:15:08
Dernière modification le : 30-08-2023 13:23:15

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Brands plugin <= 1.6.45 versions.

CVE ID : CVE-2023-32746
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/woocommerce-brands/wordpress-woocommerce-brands-plugin-1-6-45-contributor-stored-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32793

Première publication le : 30-08-2023 12:15:09
Dernière modification le : 30-08-2023 13:23:15

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Pre-Orders plugin <= 2.0.0 versions.

CVE ID : CVE-2023-32793
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/woocommerce-pre-orders/wordpress-woocommerce-pre-orders-plugin-2-0-0-contributor-stored-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34004

Première publication le : 30-08-2023 15:15:08
Dernière modification le : 30-08-2023 15:15:08

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Box Office plugin <= 1.1.50 versions.

CVE ID : CVE-2023-34004
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/woocommerce-box-office/wordpress-woocommerce-box-office-plugin-1-1-50-contributor-stored-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-35094

Première publication le : 30-08-2023 16:15:10
Dernière modification le : 30-08-2023 16:15:10

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Berthelot / MPEmbed WP Matterport Shortcode plugin <= 2.1.4 versions.

CVE ID : CVE-2023-35094
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/shortcode-gallery-for-matterport-showcase/wordpress-wp-matterport-shortcode-plugin-2-1-4-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32962

Première publication le : 30-08-2023 12:15:09
Dernière modification le : 30-08-2023 13:23:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in HasTheme WishSuite – Wishlist for WooCommerce plugin <= 1.3.4 versions.

CVE ID : CVE-2023-32962
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wishsuite/wordpress-wishsuite-wishlist-for-woocommerce-plugin-1-3-4-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25462

Première publication le : 30-08-2023 13:15:10
Dernière modification le : 30-08-2023 13:23:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP htaccess Control plugin <= 3.5.1 versions.

CVE ID : CVE-2023-25462
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wp-htaccess-control/wordpress-wp-htaccess-control-plugin-3-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-27426

Première publication le : 30-08-2023 13:15:11
Dernière modification le : 30-08-2023 13:23:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Notifyvisitors NotifyVisitors plugin <= 1.0 versions.

CVE ID : CVE-2023-27426
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/notifyvisitors-lead-form/wordpress-notify-visitors-lead-form-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-33208

Première publication le : 30-08-2023 13:15:11
Dernière modification le : 30-08-2023 13:23:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gsmith Cookie Monster plugin <= 1.51 versions.

CVE ID : CVE-2023-33208
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/cookiemonster/wordpress-cookie-monster-plugin-1-51-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-33210

Première publication le : 30-08-2023 13:15:11
Dernière modification le : 30-08-2023 13:23:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nuajik plugin <= 0.1.0 versions.

CVE ID : CVE-2023-33210
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/nuajik-cdn/wordpress-nuajik-cdn-plugin-0-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-33929

Première publication le : 30-08-2023 13:15:12
Dernière modification le : 30-08-2023 13:23:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaquín Ruiz Easy Admin Menu plugin <= 1.3 versions.

CVE ID : CVE-2023-33929
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/easy-admin-menu/wordpress-easy-admin-menu-plugin-1-3-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34183

Première publication le : 30-08-2023 14:15:09
Dernière modification le : 30-08-2023 14:15:09

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Valiano Unite Gallery Lite plugin <= 1.7.61 versions.

CVE ID : CVE-2023-34183
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/unite-gallery-lite/wordpress-unite-gallery-lite-plugin-1-7-60-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34187

Première publication le : 30-08-2023 14:15:10
Dernière modification le : 30-08-2023 14:15:10

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alan Tien Call Now Icon Animate plugin <= 0.1.0 versions.

CVE ID : CVE-2023-34187
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/call-now-icon-animate/wordpress-call-now-icon-animate-plugin-0-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34172

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Miled WordPress Social Login plugin <= 3.0.4 versions.

CVE ID : CVE-2023-34172
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wordpress-social-login/wordpress-wordpress-social-login-plugin-3-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34173

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alexander Semikashev Yandex Metrica Counter plugin <= 1.4.3 versions.

CVE ID : CVE-2023-34173
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/counter-yandex-metrica/wordpress-yandex-metrica-counter-plugin-1-4-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-24397

Première publication le : 30-08-2023 16:15:08
Dernière modification le : 30-08-2023 16:15:08

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Reservation.Studio Reservation.Studio widget plugin <= 1.0.11 versions.

CVE ID : CVE-2023-24397
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/reservation-studio-widget/wordpress-reservation-studio-widget-plugin-1-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-24401

Première publication le : 30-08-2023 16:15:08
Dernière modification le : 30-08-2023 16:15:08

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Davidsword Mobile Call Now & Map Buttons plugin <= 1.5.0 versions.

CVE ID : CVE-2023-24401
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/mobile-call-now-map-buttons/wordpress-mobile-call-now-map-buttons-plugin-1-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-27621

Première publication le : 30-08-2023 16:15:09
Dernière modification le : 30-08-2023 16:15:09

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MrDemonWolf Livestream Notice plugin <= 1.2.0 versions.

CVE ID : CVE-2023-27621
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/livestream-notice/wordpress-livestream-notice-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-28415

Première publication le : 30-08-2023 16:15:09
Dernière modification le : 30-08-2023 16:15:09

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XootiX Side Cart Woocommerce (Ajax) plugin <= 2.2 versions.

CVE ID : CVE-2023-28415
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/side-cart-woocommerce/wordpress-side-cart-woocommerce-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-28692

Première publication le : 30-08-2023 16:15:09
Dernière modification le : 30-08-2023 16:15:09

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.3 versions.

CVE ID : CVE-2023-28692
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wp-abstracts-manuscripts-manager/wordpress-wp-abstracts-plugin-2-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32294

Première publication le : 30-08-2023 16:15:10
Dernière modification le : 30-08-2023 16:15:10

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Radical Web Design GDPR Cookie Consent Notice Box plugin <= 1.1.6 versions.

CVE ID : CVE-2023-32294
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/cookie-consent-box/wordpress-gdpr-cookie-consent-notice-box-plugin-1-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34372

Première publication le : 30-08-2023 16:15:10
Dernière modification le : 30-08-2023 16:15:10

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions.

CVE ID : CVE-2023-34372
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/spamreferrerblock/wordpress-spamreferrerblock-plugin-2-22-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-35092

Première publication le : 30-08-2023 16:15:10
Dernière modification le : 30-08-2023 16:15:10

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Abhay Yadav Breadcrumb simple plugin <= 1.3 versions.

CVE ID : CVE-2023-35092
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/breadcrumb-simple/wordpress-breadcrumb-simple-plugin-1-3-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-32740

Première publication le : 30-08-2023 11:15:40
Dernière modification le : 30-08-2023 13:23:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.8.1 versions.

CVE ID : CVE-2023-32740
Source : audit@patchstack.com
Score CVSS : 5.8

Références :
https://patchstack.com/database/vulnerability/custom-404-pro/wordpress-custom-404-pro-plugin-3-8-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Source : cisco.com

Vulnérabilité ID : CVE-2023-20266

Première publication le : 30-08-2023 17:15:08
Dernière modification le : 30-08-2023 17:15:08

Description :
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to elevate privileges to root. To exploit this vulnerability, the attacker must have valid platform administrator credentials on an affected device.

CVE ID : CVE-2023-20266
Source : ykramarz@cisco.com
Score CVSS : 6.5

Références :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-priv-esc-D8Bky5eg | source : ykramarz@cisco.com


Source : splunk.com

Vulnérabilité ID : CVE-2023-40594

Première publication le : 30-08-2023 17:15:09
Dernière modification le : 30-08-2023 17:15:09

Description :
In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the `printf` SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance.

CVE ID : CVE-2023-40594
Source : prodsec@splunk.com
Score CVSS : 6.5

Références :
https://advisory.splunk.com/advisories/SVD-2023-0803 | source : prodsec@splunk.com


Vulnérabilité ID : CVE-2023-40593

Première publication le : 30-08-2023 17:15:09
Dernière modification le : 30-08-2023 17:15:09

Description :
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

CVE ID : CVE-2023-40593
Source : prodsec@splunk.com
Score CVSS : 6.3

Références :
https://advisory.splunk.com/advisories/SVD-2023-0802 | source : prodsec@splunk.com


Source : yugabyte.com

Vulnérabilité ID : CVE-2023-4640

Première publication le : 30-08-2023 17:15:11
Dernière modification le : 30-08-2023 17:15:11

Description :
The controller responsible for setting the logging level does not include any authorization checks to ensure the user is authenticated. This can be seen by noting that it extends Controller rather than AuthenticatedController and includes no further checks. This issue affects YugabyteDB Anywhere: from 2.0.0 through 2.17.3

CVE ID : CVE-2023-4640
Source : security@yugabyte.com
Score CVSS : 6.5

Références :
https://www.yugabyte.com/ | source : security@yugabyte.com

Vulnérabilité : CWE-284


Source : wordfence.com

Vulnérabilité ID : CVE-2023-4597

Première publication le : 30-08-2023 02:15:09
Dernière modification le : 30-08-2023 13:23:15

Description :
The Slimstat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slimstat' shortcode in versions up to, and including, 5.0.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4597
Source : security@wordfence.com
Score CVSS : 6.4

Références :
https://plugins.trac.wordpress.org/browser/wp-slimstat/tags/5.0.9/wp-slimstat.php#L892 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2959452%40wp-slimstat&new=2959452%40wp-slimstat&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/52aee4b8-f494-4eeb-8357-71ce8d5bc656?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4599

Première publication le : 30-08-2023 02:15:09
Dernière modification le : 30-08-2023 13:23:15

Description :
The Slimstat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eeb_mailto' shortcode in versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4599
Source : security@wordfence.com
Score CVSS : 6.4

Références :
https://plugins.trac.wordpress.org/browser/email-encoder-bundle/tags/2.1.7/core/includes/classes/class-email-encoder-bundle-run.php#L529 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2958823/email-encoder-bundle#file60 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/e90f04e4-eb4c-4822-89c6-79f553987c37?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4600

Première publication le : 30-08-2023 12:15:09
Dernière modification le : 30-08-2023 13:23:15

Description :
The AffiliateWP for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'affwp_activate_addons_page_plugin' function called via an AJAX action in versions up to, and including, 2.14.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to activate arbitrary plugins.

CVE ID : CVE-2023-4600
Source : security@wordfence.com
Score CVSS : 4.3

Références :
https://affiliatewp.com/changelog/ | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/eab422b8-8cf5-441e-a21f-6a0e1b7642b2?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Source : github.com

Vulnérabilité ID : CVE-2023-36811

Première publication le : 30-08-2023 18:15:09
Dernière modification le : 30-08-2023 18:15:09

Description :
borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to: 1. insert files (with no additional headers) into backups and 2. gain write access to the repository. This vulnerability does not disclose plaintext to the attacker, nor does it affect the authenticity of existing archives. Creating plausible fake archives may be feasible for empty or small archives, but is unlikely for large archives. The issue has been fixed in borgbackup 1.2.5. Users are advised to upgrade. Additionally to installing the fixed code, users must follow the upgrade procedure as documented in the change log. Data loss after being attacked can be avoided by reviewing the archives (timestamp and contents valid and as expected) after any "borg check --repair" and before "borg prune". There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-36811
Source : security-advisories@github.com
Score CVSS : 4.7

Références :
https://github.com/borgbackup/borg/blob/1.2.5-cvedocs/docs/changes.rst#pre-125-archives-spoofing-vulnerability-cve-2023-36811 | source : security-advisories@github.com
https://github.com/borgbackup/borg/commit/3eb070191da10c2d3f7bc6484cf3d51c3045f884 | source : security-advisories@github.com
https://github.com/borgbackup/borg/security/advisories/GHSA-8fjr-hghr-4m99 | source : security-advisories@github.com

Vulnérabilité : CWE-347


Source : gitlab.com

Vulnérabilité ID : CVE-2023-4522

Première publication le : 30-08-2023 08:15:52
Dernière modification le : 30-08-2023 13:23:15

Description :
An issue has been discovered in GitLab affecting all versions starting from 16.2.0. Committing directories containing LF character results in 500 errors when viewing the commit

CVE ID : CVE-2023-4522
Source : cve@gitlab.com
Score CVSS : 4.3

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/406817 | source : cve@gitlab.com
https://hackerone.com/reports/1937213 | source : cve@gitlab.com

Vulnérabilité : CWE-138


(2) Vulnérabilité(s) LOW [0.1, 3.9]

Source : github.com

Vulnérabilité ID : CVE-2023-40184

Première publication le : 30-08-2023 18:15:09
Dernière modification le : 30-08-2023 18:15:09

Description :
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may result in in session restrictions such as max concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to be bypassed. Users (administrators) don't use restrictions by PAM are not affected. This issue has been addressed in release version 0.9.23. Users are advised to upgrade. There are no known workarounds for this issue.

CVE ID : CVE-2023-40184
Source : security-advisories@github.com
Score CVSS : 2.6

Références :
https://github.com/neutrinolabs/xrdp/blame/9bbb2ec68f390504c32f2062847aa3d821a0089a/sesman/sesexec/session.c#L571C5-L571C19 | source : security-advisories@github.com
https://github.com/neutrinolabs/xrdp/commit/a111a0fdfe2421ef600e40708b5f0168594cfb23 | source : security-advisories@github.com
https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-f489-557v-47jq | source : security-advisories@github.com

Vulnérabilité : CWE-755


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4624

Première publication le : 30-08-2023 13:15:15
Dernière modification le : 30-08-2023 13:23:15

Description :
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.

CVE ID : CVE-2023-4624
Source : security@huntr.dev
Score CVSS : 2.4

Références :
https://github.com/bookstackapp/bookstack/commit/c324ad928dbdd54ce5b09eb0dabe60ef9de1ea38 | source : security@huntr.dev
https://huntr.dev/bounties/9ce5cef6-e546-44e7-addf-a2726fa4e60c | source : security@huntr.dev

Vulnérabilité : CWE-918


(43) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : samsung.com

Vulnérabilité ID : CVE-2023-41269

Première publication le : 30-08-2023 02:15:08
Dernière modification le : 30-08-2023 02:15:08

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.

CVE ID : CVE-2023-41269
Source : PSIRT@samsung.com
Score CVSS : /

Références :


Source : google.com

Vulnérabilité ID : CVE-2023-4525

Première publication le : 30-08-2023 02:15:09
Dernière modification le : 30-08-2023 02:15:09

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.

CVE ID : CVE-2023-4525
Source : mandiant-cve@google.com
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2023-4526

Première publication le : 30-08-2023 02:15:09
Dernière modification le : 30-08-2023 02:15:09

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.

CVE ID : CVE-2023-4526
Source : mandiant-cve@google.com
Score CVSS : /

Références :


Source : tigera.io

Vulnérabilité ID : CVE-2023-4609

Première publication le : 30-08-2023 02:15:10
Dernière modification le : 30-08-2023 02:15:10

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.

CVE ID : CVE-2023-4609
Source : psirt@tigera.io
Score CVSS : /

Références :


Source : mitre.org

Vulnérabilité ID : CVE-2023-41552

Première publication le : 30-08-2023 13:15:13
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set.

CVE ID : CVE-2023-41552
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/form_fast_setting_wifi_set/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41553

Première publication le : 30-08-2023 13:15:13
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg.

CVE ID : CVE-2023-41553
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/fromSetRouteStatic/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41554

Première publication le : 30-08-2023 13:15:13
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet.

CVE ID : CVE-2023-41554
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/fromSetWirelessRepeat/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41555

Première publication le : 30-08-2023 13:15:13
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter security_5g at url /goform/WifiBasicSet.

CVE ID : CVE-2023-41555
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/formWifiBasicSet/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41556

Première publication le : 30-08-2023 13:15:13
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind.

CVE ID : CVE-2023-41556
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/fromSetIpMacBind/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41557

Première publication le : 30-08-2023 13:15:14
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter entrys and mitInterface at url /goform/addressNat.

CVE ID : CVE-2023-41557
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/fromAddressNat/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41558

Première publication le : 30-08-2023 13:15:14
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter timeZone at url /goform/SetSysTimeCfg.

CVE ID : CVE-2023-41558
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/fromSetSysTime/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41559

Première publication le : 30-08-2023 13:15:14
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting.

CVE ID : CVE-2023-41559
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/fromNatStaticSetting/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41560

Première publication le : 30-08-2023 13:15:14
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg.

CVE ID : CVE-2023-41560
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/formSetFirewallCfg/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41561

Première publication le : 30-08-2023 13:15:14
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg.

CVE ID : CVE-2023-41561
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/formSetPPTPServer/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41562

Première publication le : 30-08-2023 13:15:14
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at url /goform/PowerSaveSet.

CVE ID : CVE-2023-41562
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/setSmartPowerManagement/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41563

Première publication le : 30-08-2023 13:15:15
Dernière modification le : 30-08-2023 13:23:15

Description :
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at url /goform/GetParentControlInfo.

CVE ID : CVE-2023-41563
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/peris-navince/founded-0-days/blob/main/GetParentControlInfo/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41537

Première publication le : 30-08-2023 14:15:10
Dernière modification le : 30-08-2023 14:15:10

Description :
phpjabbers Business Directory Script 3.2 is vulnerable to Cross Site Scripting (XSS) via the keyword parameter.

CVE ID : CVE-2023-41537
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/Business-Directory-Script-Version%3A3.2 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41538

Première publication le : 30-08-2023 14:15:11
Dernière modification le : 30-08-2023 14:15:11

Description :
phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting (XSS) via the keyword parameter.

CVE ID : CVE-2023-41538
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/PHP-Forum-Script-3.0 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41539

Première publication le : 30-08-2023 14:15:11
Dernière modification le : 30-08-2023 14:15:11

Description :
phpjabbers Business Directory Script 3.2 is vulnerable to SQL Injection via the column parameter.

CVE ID : CVE-2023-41539
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/Business-Directory-Script-Version%3A3.2/SQLi | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40837

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADD50" function to execute commands.

CVE ID : CVE-2023-40837
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/cmd/2/2.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40838

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.

CVE ID : CVE-2023-40838
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/cmd/1/1.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40839

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute commands.

CVE ID : CVE-2023-40839
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/cmd/3/3.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40840

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."

CVE ID : CVE-2023-40840
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/6/6.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40841

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"

CVE ID : CVE-2023-40841
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/5/5.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40842

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."

CVE ID : CVE-2023-40842
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/4/4.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40843

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."

CVE ID : CVE-2023-40843
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/8/8.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40844

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'

CVE ID : CVE-2023-40844
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/2/2.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40845

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.

CVE ID : CVE-2023-40845
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/14/14.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40847

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.

CVE ID : CVE-2023-40847
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/12/12.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40848

Première publication le : 30-08-2023 17:15:10
Dernière modification le : 30-08-2023 17:15:10

Description :
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."

CVE ID : CVE-2023-40848
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/11/11.md | source : cve@mitre.org


Source : wpscan.com

Vulnérabilité ID : CVE-2022-1601

Première publication le : 30-08-2023 15:15:08
Dernière modification le : 30-08-2023 15:15:08

Description :
The User Access Manager WordPress plugin before 2.2.18 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible for attackers to access restricted content in certain situations.

CVE ID : CVE-2022-1601
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/f6d3408c-2ceb-4a89-822b-13f5272a5fce | source : contact@wpscan.com

Vulnérabilité : CWE-290


Vulnérabilité ID : CVE-2023-1982

Première publication le : 30-08-2023 15:15:08
Dernière modification le : 30-08-2023 15:15:08

Description :
The Front Editor WordPress plugin through 4.0.4 does not sanitize and escape some of its form settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-1982
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/51987966-8007-4e12-bc2e-997b92054739 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3356

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The Subscribers Text Counter WordPress plugin before 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping

CVE ID : CVE-2023-3356
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/93faad5b-e1e8-4e49-b19e-b91343d68b51 | source : contact@wpscan.com

Vulnérabilité : CWE-352
Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3501

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The FormCraft WordPress plugin before 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-3501
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/d3fb4a2b-ed51-4654-b7c1-4b0f59cd1ecf | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3720

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The Upload Media By URL WordPress plugin before 1.0.8 does not have CSRF check when uploading files, which could allow attackers to make logged in admins upload files (including HTML containing JS code for users with the unfiltered_html capability) on their behalf.

CVE ID : CVE-2023-3720
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/16375a7f-0a9f-4961-8510-d047ffbf3954 | source : contact@wpscan.com

Vulnérabilité : CWE-352
Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3992

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The PostX WordPress plugin before 3.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-3992
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/c43b669f-0377-4402-833c-817b75001888 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4013

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) WordPress plugin before 4.12.5 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks

CVE ID : CVE-2023-4013
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/54e4494c-a280-4d91-803d-7d55159cdbc5 | source : contact@wpscan.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-4023

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users from deleting messages from the all-users messenger.

CVE ID : CVE-2023-4023
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/682c0226-28bd-4051-830d-8b679626213d | source : contact@wpscan.com

Vulnérabilité : CWE-639


Vulnérabilité ID : CVE-2023-4035

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The Simple Blog Card WordPress plugin before 1.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

CVE ID : CVE-2023-4035
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/8fd9192a-2d08-4127-adcd-87fb1ea8d6fc | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4036

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private and password protected ones

CVE ID : CVE-2023-4036
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/de3e1718-c358-4510-b142-32896ffeb03f | source : contact@wpscan.com

Vulnérabilité : CWE-639


Vulnérabilité ID : CVE-2023-4109

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The Ninja Forms WordPress Ninja Forms Contact Form WordPress plugin before 3.6.26 was affected by a HTML Injection security vulnerability.

CVE ID : CVE-2023-4109
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/558e06ab-704b-4bb1-ba7f-b5f6bbbd68d9 | source : contact@wpscan.com

Vulnérabilité : CWE-80


Vulnérabilité ID : CVE-2023-4150

Première publication le : 30-08-2023 15:15:09
Dernière modification le : 30-08-2023 15:15:09

Description :
The User Activity Tracking and Log WordPress plugin before 4.0.9 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks

CVE ID : CVE-2023-4150
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/381ef15b-aafe-4ef4-a0bc-867d891f7f44 | source : contact@wpscan.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-4209

Première publication le : 30-08-2023 15:15:10
Dernière modification le : 30-08-2023 15:15:10

Description :
The POEditor WordPress plugin before 0.9.8 does not have CSRF checks in various places, which could allow attackers to make logged in admins perform unwanted actions, such as reset the plugin's settings and update its API key via CSRF attacks.

CVE ID : CVE-2023-4209
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/b2c6fa7d-1b0f-444b-8ca5-8c1c06cea1d9 | source : contact@wpscan.com

Vulnérabilité : CWE-352


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.