new patchstack vuln records

Signed-off-by: Weston Steimel <[email protected]>
anchore · May 23, 2024 · 7313c3a · 7313c3a
1 parent f6e25d0
commit 7313c3a
Show file tree

Hide file tree

Showing 121 changed files with 4,675 additions and 0 deletions.
diff --git a/data/anchore/2022/CVE-2022-44581.json b/data/anchore/2022/CVE-2022-44581.json
@@ -0,0 +1,40 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2022-44581",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/defender-security/wordpress-defender-security-plugin-3-3-2-broken-authentication-vulnerability?_s_id=cve"
+    ],
+    "solutions": [
+      "Update to 3.3.3 or a higher version."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:wmpudev:defender_security:*:*:*:*:*:wordpress:*:*",
+          "cpe:2.3:a:wpmudev:defender_security:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "defender-security",
+        "product": "Defender Security",
+        "repo": "https://plugins.svn.wordpress.org/defender-security",
+        "vendor": "WPMU DEV",
+        "versions": [
+          {
+            "lessThan": "3.3.3",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2022/CVE-2022-45368.json b/data/anchore/2022/CVE-2022-45368.json
@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2022-45368",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/1003-mortgage-application/wordpress-1003-mortgage-application-plugin-1-73-local-file-inclusion?_s_id=cve"
+    ],
+    "solutions": [
+      "Update to 1.80 or a higher version."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:lenderd:1003_mortgage_application:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "1003-mortgage-application",
+        "product": "1003 Mortgage Application",
+        "repo": "https://plugins.svn.wordpress.org/1003-mortgage-application",
+        "vendor": "Lenderd",
+        "versions": [
+          {
+            "lessThan": "1.80",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2022/CVE-2022-45374.json b/data/anchore/2022/CVE-2022-45374.json
@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2022-45374",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/yet-another-related-posts-plugin/wordpress-yet-another-related-posts-plugin-yarpp-plugin-5-30-2-local-file-inclusion?_s_id=cve"
+    ],
+    "solutions": [
+      "Update to 5.30.5 or a higher version."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:yarpp:yet_another_related_posts_plugin:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "yet-another-related-posts-plugin",
+        "product": "YARPP",
+        "repo": "https://plugins.svn.wordpress.org/yet-another-related-posts-plugin",
+        "vendor": "YARPP",
+        "versions": [
+          {
+            "lessThan": "5.30.5",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2023/CVE-2023-23645.json b/data/anchore/2023/CVE-2023-23645.json
@@ -0,0 +1,36 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2023-23645",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/mainwp-code-snippets-extension/wordpress-mainwp-code-snippets-extension-plugin-4-0-2-subscriber-arbitrary-php-code-injection-execution-vulnerability?_s_id=cve"
+    ],
+    "solutions": [
+      "Update to 4.0.3 or a higher version."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:mainwp:code_snippets_extension:*:*:*:*:*:wordpress:*:*"
+        ],
+        "product": "MainWP Code Snippets Extension",
+        "vendor": "MainWP",
+        "versions": [
+          {
+            "lessThan": "4.0.3",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2023/CVE-2023-23872.json b/data/anchore/2023/CVE-2023-23872.json
@@ -0,0 +1,36 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2023-23872",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/gmace/wordpress-gmace-plugin-1-5-2-arbitrary-file-download-vulnerability?_s_id=cve"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:gmace_project:gmace:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "gmace",
+        "product": "GMAce",
+        "repo": "https://plugins.svn.wordpress.org/gmace",
+        "vendor": "German Mesky",
+        "versions": [
+          {
+            "lessThanOrEqual": "1.5.2",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2023/CVE-2023-23888.json b/data/anchore/2023/CVE-2023-23888.json
@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2023-23888",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/seo-by-rank-math/wordpress-rank-math-seo-plugin-1-0-107-2-local-file-inclusion-vulnerability?_s_id=cve"
+    ],
+    "solutions": [
+      "Update to 1.0.107.3 or a higher version."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:rankmath:seo:*:*:*:*:free:wordpress:*:*"
+        ],
+        "packageName": "seo-by-rank-math",
+        "product": "Rank Math SEO",
+        "repo": "https://plugins.svn.wordpress.org/seo-by-rank-math",
+        "vendor": "Rank Math",
+        "versions": [
+          {
+            "lessThan": "1.0.107.3",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2023/CVE-2023-23988.json b/data/anchore/2023/CVE-2023-23988.json
@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2023-23988",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/my-tickets/wordpress-my-tickets-plugin-1-9-11-payment-bypass-vulnerability?_s_id=cve"
+    ],
+    "solutions": [
+      "Update to 1.9.12 or a higher version."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:my_tickets_project:my_tickets:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "my-tickets",
+        "product": "My Tickets",
+        "repo": "https://plugins.svn.wordpress.org/my-tickets",
+        "vendor": "Joseph C Dolson",
+        "versions": [
+          {
+            "lessThan": "1.9.12",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2023/CVE-2023-23990.json b/data/anchore/2023/CVE-2023-23990.json
@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2023-23990",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/wpcf7-redirect/wordpress-redirection-for-contact-form-7-plugin-2-7-0-privilege-escalation-vulnerability?_s_id=cve"
+    ],
+    "solutions": [
+      "Update to 2.8.0 or a higher version."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "wpcf7-redirect",
+        "product": "Redirection for Contact Form 7",
+        "repo": "https://plugins.svn.wordpress.org/wpcf7-redirect",
+        "vendor": "Qube One Ltd.",
+        "versions": [
+          {
+            "lessThan": "2.8.0",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2023/CVE-2023-25050.json b/data/anchore/2023/CVE-2023-25050.json
@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "patchstack",
+    "cveId": "CVE-2023-25050",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://patchstack.com/database/vulnerability/shortcodes-ultimate/wordpress-shortcodes-ultimate-plugin-5-12-6-arbitrary-file-download-vulnerability?_s_id=cve"
+    ],
+    "solutions": [
+      "Update to 5.12.7 or a higher version."
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://wordpress.org/plugins",
+        "cpes": [
+          "cpe:2.3:a:getshortcodes:shortcodes_ultimate:*:*:*:*:*:wordpress:*:*"
+        ],
+        "packageName": "shortcodes-ultimate",
+        "product": "Shortcodes Ultimate",
+        "repo": "https://plugins.svn.wordpress.org/shortcodes-ultimate",
+        "vendor": "Vova Anokhin",
+        "versions": [
+          {
+            "lessThan": "5.12.7",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}