-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Weston Steimel <[email protected]>
- Loading branch information
1 parent
cd265f5
commit 52b8b74
Showing
114 changed files
with
4,981 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{ | ||
"additionalMetadata": { | ||
"cna": "patchstack", | ||
"cveId": "CVE-2023-22701", | ||
"description": "Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebook Store: from n/a through 5.775.", | ||
"reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
"references": [ | ||
"https://patchstack.com/database/wordpress/plugin/ebook-store/vulnerability/wordpress-ebook-store-plugin-5-775-broken-authentication-vulnerability?_s_id=cve" | ||
], | ||
"solutions": [ | ||
"No patched version is available." | ||
] | ||
}, | ||
"adp": { | ||
"affected": [ | ||
{ | ||
"collectionURL": "https://wordpress.org/plugins", | ||
"cpes": [ | ||
"cpe:2.3:a:shopfiles:ebook_store:*:*:*:*:*:wordpress:*:*" | ||
], | ||
"packageName": "ebook-store", | ||
"packageType": "wordpress-plugin", | ||
"product": "Ebook Store", | ||
"repo": "https://plugins.svn.wordpress.org/ebook-store", | ||
"vendor": "Shopfiles Ltd", | ||
"versions": [ | ||
{ | ||
"lessThan": "5.78", | ||
"status": "affected", | ||
"version": "0", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "00000000-0000-4000-8000-000000000000", | ||
"shortName": "anchoreadp" | ||
}, | ||
"references": [ | ||
{ | ||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d4b17cce-bb52-4125-8c85-6da15517275f?source=cve" | ||
} | ||
] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{ | ||
"additionalMetadata": { | ||
"cna": "patchstack", | ||
"cveId": "CVE-2023-22708", | ||
"description": "Missing Authorization vulnerability in Karim Salman Kraken.io Image Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kraken.io Image Optimizer: from n/a through 2.6.7.", | ||
"reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
"references": [ | ||
"https://patchstack.com/database/wordpress/plugin/kraken-image-optimizer/vulnerability/wordpress-kraken-io-image-optimizer-plugin-2-6-7-broken-access-control?_s_id=cve" | ||
], | ||
"solutions": [ | ||
"Update the WordPress Kraken.io Image Optimizer plugin to the latest available version (at least 2.6.8)." | ||
] | ||
}, | ||
"adp": { | ||
"affected": [ | ||
{ | ||
"collectionURL": "https://wordpress.org/plugins", | ||
"cpes": [ | ||
"cpe:2.3:a:kraken:kraken.io_image_optimizer:*:*:*:*:*:wordpress:*:*" | ||
], | ||
"packageName": "kraken-image-optimizer", | ||
"packageType": "wordpress-plugin", | ||
"product": "Kraken.io Image Optimizer", | ||
"repo": "https://plugins.svn.wordpress.org/kraken-image-optimizer", | ||
"vendor": "Karim Salman", | ||
"versions": [ | ||
{ | ||
"lessThan": "2.6.8", | ||
"status": "affected", | ||
"version": "0", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "00000000-0000-4000-8000-000000000000", | ||
"shortName": "anchoreadp" | ||
}, | ||
"references": [ | ||
{ | ||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2497837d-dec6-4a1d-be88-5c0e659eeb46?source=cve" | ||
} | ||
] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{ | ||
"additionalMetadata": { | ||
"cna": "patchstack", | ||
"cveId": "CVE-2023-23715", | ||
"description": "Missing Authorization vulnerability in JobBoardWP JobBoardWP – Job Board Listings and Submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobBoardWP – Job Board Listings and Submissions: from n/a through 1.2.2.", | ||
"reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
"references": [ | ||
"https://patchstack.com/database/wordpress/plugin/jobboardwp/vulnerability/wordpress-jobboardwp-job-board-listings-and-submissions-plugin-1-2-2-idor-leading-to-job-removal-vulnerability?_s_id=cve" | ||
], | ||
"solutions": [ | ||
"Update the WordPress JobBoardWP – Job Board Listings and Submissions plugin to the latest available version (at least 1.2.3)." | ||
] | ||
}, | ||
"adp": { | ||
"affected": [ | ||
{ | ||
"collectionURL": "https://wordpress.org/plugins", | ||
"cpes": [ | ||
"cpe:2.3:a:ultimatemember:jobboardwp:*:*:*:*:*:wordpress:*:*" | ||
], | ||
"packageName": "jobboardwp", | ||
"packageType": "wordpress-plugin", | ||
"product": "JobBoardWP – Job Board Listings and Submissions", | ||
"repo": "https://plugins.svn.wordpress.org/jobboardwp", | ||
"vendor": "JobBoardWP", | ||
"versions": [ | ||
{ | ||
"lessThan": "1.2.3", | ||
"status": "affected", | ||
"version": "0", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "00000000-0000-4000-8000-000000000000", | ||
"shortName": "anchoreadp" | ||
}, | ||
"references": [ | ||
{ | ||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/50cc1a15-bb73-4c60-b610-e0c3bf1ef841?source=cve" | ||
} | ||
] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{ | ||
"additionalMetadata": { | ||
"cna": "patchstack", | ||
"cveId": "CVE-2023-23726", | ||
"description": "Cross-Site Request Forgery (CSRF) vulnerability in Tickera.com Tickera allows Cross Site Request Forgery.This issue affects Tickera: from n/a through 3.5.1.0.", | ||
"reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
"references": [ | ||
"https://patchstack.com/database/wordpress/plugin/tickera-event-ticketing-system/vulnerability/wordpress-tickera-wordpress-event-ticketing-plugin-3-5-1-0-csrf-leading-to-post-status-change-vulnerability?_s_id=cve" | ||
], | ||
"solutions": [ | ||
"Update the WordPress Tickera plugin to the latest available version (at least 3.5.1.1)." | ||
] | ||
}, | ||
"adp": { | ||
"affected": [ | ||
{ | ||
"collectionURL": "https://wordpress.org/plugins", | ||
"cpes": [ | ||
"cpe:2.3:a:tickera:tickera:*:*:*:*:*:wordpress:*:*" | ||
], | ||
"packageName": "tickera-event-ticketing-system", | ||
"packageType": "wordpress-plugin", | ||
"product": "Tickera", | ||
"repo": "https://plugins.svn.wordpress.org/tickera-event-ticketing-system", | ||
"vendor": "Tickera.com", | ||
"versions": [ | ||
{ | ||
"lessThan": "3.5.1.1", | ||
"status": "affected", | ||
"version": "0", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "00000000-0000-4000-8000-000000000000", | ||
"shortName": "anchoreadp" | ||
}, | ||
"references": [ | ||
{ | ||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb0f8a0c-d02f-46e2-8808-3ffada105d13?source=cve" | ||
} | ||
] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
{ | ||
"additionalMetadata": { | ||
"cna": "patchstack", | ||
"cveId": "CVE-2023-23814", | ||
"description": "Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar : from n/a through 1.4.13.", | ||
"reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
"references": [ | ||
"https://patchstack.com/database/wordpress/plugin/cp-multi-view-calendar/vulnerability/wordpress-calendar-event-multi-view-plugin-1-4-13-broken-access-control-vulnerability?_s_id=cve" | ||
], | ||
"solutions": [ | ||
"Update the WordPress CP Multi View Event Calendar plugin to the latest available version (at least 1.4.15)." | ||
] | ||
}, | ||
"adp": { | ||
"affected": [ | ||
{ | ||
"collectionURL": "https://wordpress.org/plugins", | ||
"cpes": [ | ||
"cpe:2.3:a:cp_multi_view_event_calendar_project:cp_multi_view_event_calendar:*:*:*:*:wordpress:wordpress:*:*", | ||
"cpe:2.3:a:dwbooster:calendar_event_multi_view:*:*:*:*:*:wordpress:*:*" | ||
], | ||
"packageName": "cp-multi-view-calendar", | ||
"packageType": "wordpress-plugin", | ||
"product": "CP Multi View Event Calendar", | ||
"repo": "https://plugins.svn.wordpress.org/cp-multi-view-calendar", | ||
"vendor": "CodePeople", | ||
"versions": [ | ||
{ | ||
"lessThan": "1.4.15", | ||
"status": "affected", | ||
"version": "0", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "00000000-0000-4000-8000-000000000000", | ||
"shortName": "anchoreadp" | ||
}, | ||
"references": [ | ||
{ | ||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13d0eb8a-5b63-460e-b4ba-a3ed80c84fc2?source=cve" | ||
} | ||
] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{ | ||
"additionalMetadata": { | ||
"cna": "patchstack", | ||
"cveId": "CVE-2023-23823", | ||
"description": "Missing Authorization vulnerability in Clever Widgets Enhanced Text Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Enhanced Text Widget: from n/a through 1.5.8.", | ||
"reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
"references": [ | ||
"https://patchstack.com/database/wordpress/plugin/enhanced-text-widget/vulnerability/wordpress-enhanced-text-widget-plugin-1-5-7-broken-access-control-vulnerability?_s_id=cve" | ||
], | ||
"solutions": [ | ||
"No patched version is available. No reply from the vendor." | ||
] | ||
}, | ||
"adp": { | ||
"affected": [ | ||
{ | ||
"collectionURL": "https://wordpress.org/plugins", | ||
"cpes": [ | ||
"cpe:2.3:a:themecheck:enhanced_text_widget:*:*:*:*:*:wordpress:*:*" | ||
], | ||
"packageName": "enhanced-text-widget", | ||
"packageType": "wordpress-plugin", | ||
"product": "Enhanced Text Widget", | ||
"repo": "https://plugins.svn.wordpress.org/enhanced-text-widget", | ||
"vendor": "Clever Widgets", | ||
"versions": [ | ||
{ | ||
"lessThan": "1.5.9", | ||
"status": "affected", | ||
"version": "0", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "00000000-0000-4000-8000-000000000000", | ||
"shortName": "anchoreadp" | ||
}, | ||
"references": [ | ||
{ | ||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7487f72c-9852-4651-a848-239d4882bbf8?source=cve" | ||
} | ||
] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{ | ||
"additionalMetadata": { | ||
"cna": "patchstack", | ||
"cveId": "CVE-2023-23825", | ||
"description": "Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.", | ||
"reason": "Added CPE configurations because not yet analyzed by NVD.", | ||
"references": [ | ||
"https://patchstack.com/database/wordpress/plugin/ultimate-addons-for-gutenberg/vulnerability/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-broken-access-control-csrf-on-import-wpforms-vulnerability?_s_id=cve" | ||
], | ||
"solutions": [ | ||
"Update the WordPress Gutenberg Blocks plugin to the latest available version (at least 2.3.1)." | ||
] | ||
}, | ||
"adp": { | ||
"affected": [ | ||
{ | ||
"collectionURL": "https://wordpress.org/plugins", | ||
"cpes": [ | ||
"cpe:2.3:a:brainstormforce:spectra:*:*:*:*:*:wordpress:*:*" | ||
], | ||
"packageName": "ultimate-addons-for-gutenberg", | ||
"packageType": "wordpress-plugin", | ||
"product": "Spectra", | ||
"repo": "https://plugins.svn.wordpress.org/ultimate-addons-for-gutenberg", | ||
"vendor": "Brainstorm Force", | ||
"versions": [ | ||
{ | ||
"lessThan": "2.3.2", | ||
"status": "affected", | ||
"version": "0", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "00000000-0000-4000-8000-000000000000", | ||
"shortName": "anchoreadp" | ||
}, | ||
"references": [ | ||
{ | ||
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4b225e5e-7207-4af4-b023-ad23fd540d56?source=cve" | ||
} | ||
] | ||
} | ||
} |
Oops, something went wrong.