From 81ff4549b4f52149002ae8cf13f4aba1004927a1 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Wed, 5 Jun 2024 09:35:05 +0100 Subject: [PATCH] patchstack 2024-06-05 Signed-off-by: Weston Steimel --- data/anchore/2023/CVE-2023-28494.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-33930.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-37865.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-38520.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-40332.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-44235.json | 41 ++++++++++++++++++++++ data/anchore/2023/CVE-2023-45635.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-46310.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-47189.json | 45 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-47513.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-47769.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-47818.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-47837.json | 40 ++++++++++++++++++++++ data/anchore/2023/CVE-2023-48271.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-48276.json | 41 ++++++++++++++++++++++ data/anchore/2023/CVE-2023-48290.json | 45 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-48318.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-48747.json | 45 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-48753.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-49741.json | 41 ++++++++++++++++++++++ data/anchore/2023/CVE-2023-49748.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-49774.json | 45 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-49822.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-51511.json | 49 +++++++++++++++++++++++++++ data/anchore/2023/CVE-2023-51543.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-51544.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-51667.json | 44 ++++++++++++++++++++++++ data/anchore/2023/CVE-2023-52147.json | 47 +++++++++++++++++++++++++ data/anchore/2023/CVE-2023-52176.json | 44 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-25095.json | 41 ++++++++++++++++++++++ data/anchore/2024/CVE-2024-30528.json | 44 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-33628.json | 39 +++++++++++++++++++++ data/anchore/2024/CVE-2024-34384.json | 45 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-35649.json | 39 +++++++++++++++++++++ data/anchore/2024/CVE-2024-35655.json | 36 ++++++++++++++++++++ data/anchore/2024/CVE-2024-35666.json | 36 ++++++++++++++++++++ data/anchore/2024/CVE-2024-35668.json | 39 +++++++++++++++++++++ data/anchore/2024/CVE-2024-35670.json | 39 +++++++++++++++++++++ data/anchore/2024/CVE-2024-36128.json | 4 +-- 39 files changed, 1635 insertions(+), 2 deletions(-) create mode 100644 data/anchore/2023/CVE-2023-28494.json create mode 100644 data/anchore/2023/CVE-2023-33930.json create mode 100644 data/anchore/2023/CVE-2023-37865.json create mode 100644 data/anchore/2023/CVE-2023-38520.json create mode 100644 data/anchore/2023/CVE-2023-40332.json create mode 100644 data/anchore/2023/CVE-2023-44235.json create mode 100644 data/anchore/2023/CVE-2023-45635.json create mode 100644 data/anchore/2023/CVE-2023-46310.json create mode 100644 data/anchore/2023/CVE-2023-47189.json create mode 100644 data/anchore/2023/CVE-2023-47513.json create mode 100644 data/anchore/2023/CVE-2023-47769.json create mode 100644 data/anchore/2023/CVE-2023-47818.json create mode 100644 data/anchore/2023/CVE-2023-47837.json create mode 100644 data/anchore/2023/CVE-2023-48271.json create mode 100644 data/anchore/2023/CVE-2023-48276.json create mode 100644 data/anchore/2023/CVE-2023-48290.json create mode 100644 data/anchore/2023/CVE-2023-48318.json create mode 100644 data/anchore/2023/CVE-2023-48747.json create mode 100644 data/anchore/2023/CVE-2023-48753.json create mode 100644 data/anchore/2023/CVE-2023-49741.json create mode 100644 data/anchore/2023/CVE-2023-49748.json create mode 100644 data/anchore/2023/CVE-2023-49774.json create mode 100644 data/anchore/2023/CVE-2023-49822.json create mode 100644 data/anchore/2023/CVE-2023-51511.json create mode 100644 data/anchore/2023/CVE-2023-51543.json create mode 100644 data/anchore/2023/CVE-2023-51544.json create mode 100644 data/anchore/2023/CVE-2023-51667.json create mode 100644 data/anchore/2023/CVE-2023-52147.json create mode 100644 data/anchore/2023/CVE-2023-52176.json create mode 100644 data/anchore/2024/CVE-2024-25095.json create mode 100644 data/anchore/2024/CVE-2024-30528.json create mode 100644 data/anchore/2024/CVE-2024-33628.json create mode 100644 data/anchore/2024/CVE-2024-34384.json create mode 100644 data/anchore/2024/CVE-2024-35649.json create mode 100644 data/anchore/2024/CVE-2024-35655.json create mode 100644 data/anchore/2024/CVE-2024-35666.json create mode 100644 data/anchore/2024/CVE-2024-35668.json create mode 100644 data/anchore/2024/CVE-2024-35670.json diff --git a/data/anchore/2023/CVE-2023-28494.json b/data/anchore/2023/CVE-2023-28494.json new file mode 100644 index 00000000..33319e3f --- /dev/null +++ b/data/anchore/2023/CVE-2023-28494.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-28494", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/contact-form-to-email/wordpress-contact-form-email-plugin-1-3-31-missing-authorization-leading-to-feedback-submission-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.32 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:codepeople:contact_form_email:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "contact-form-to-email", + "product": "Contact Form Email", + "repo": "https://plugins.svn.wordpress.org/contact-form-to-email", + "vendor": "CodePeople", + "versions": [ + { + "lessThan": "1.3.32", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9596c243-4099-420a-aa2a-381b6299f927?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-33930.json b/data/anchore/2023/CVE-2023-33930.json new file mode 100644 index 00000000..2f4ae914 --- /dev/null +++ b/data/anchore/2023/CVE-2023-33930.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-33930", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/unlimited-elements-for-elementor/wordpress-unlimited-elements-for-elementor-plugin-1-5-66-unrestricted-zip-extraction-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.5.67 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:unlimited-elements:unlimited_elements_for_elementor_\\(free_widgets\\,_addons\\,_templates\\):*:*:*:*:*:wordpress:*:*" + ], + "packageName": "unlimited-elements-for-elementor", + "product": "Unlimited Elements For Elementor (Free Widgets, Addons, Templates)", + "repo": "https://plugins.svn.wordpress.org/unlimited-elements-for-elementor", + "vendor": "Unlimited Elements", + "versions": [ + { + "lessThan": "1.5.67", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f600361c-cf7a-498c-aa3d-beeb28d27101?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-37865.json b/data/anchore/2023/CVE-2023-37865.json new file mode 100644 index 00000000..e39e004d --- /dev/null +++ b/data/anchore/2023/CVE-2023-37865.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-37865", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ip2location-country-blocker/wordpress-ip2location-country-blocker-plugin-2-29-1-ip-bypass-vulnerability-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.29.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:ip2location:country_blocker:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "ip2location-country-blocker", + "product": "Download IP2Location Country Blocker", + "repo": "https://plugins.svn.wordpress.org/ip2location-country-blocker", + "vendor": "IP2Location", + "versions": [ + { + "lessThan": "2.29.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/814fd060-8781-46ad-86e6-e2b75a7fffc0?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-38520.json b/data/anchore/2023/CVE-2023-38520.json new file mode 100644 index 00000000..cd309ee7 --- /dev/null +++ b/data/anchore/2023/CVE-2023-38520.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-38520", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/booking-system/wordpress-pinpoint-booking-system-plugin-2-9-9-3-4-parameter-tampering?_s_id=cve" + ], + "solutions": [ + "Update to 2.9.9.3.5 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:pinpoint:pinpoint_booking_system:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "booking-system", + "product": "Pinpoint Booking System", + "repo": "https://plugins.svn.wordpress.org/booking-system", + "vendor": "PINPOINT.WORLD", + "versions": [ + { + "lessThan": "2.9.9.3.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6ad895db-5fe9-419b-8884-9a840bd350f6?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-40332.json b/data/anchore/2023/CVE-2023-40332.json new file mode 100644 index 00000000..b7d8103b --- /dev/null +++ b/data/anchore/2023/CVE-2023-40332.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-40332", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-postratings/wordpress-wp-postratings-plugin-1-91-rating-limit-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.91.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:lesterchan:wp-postratings:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-postratings", + "product": "WP-PostRatings", + "repo": "https://plugins.svn.wordpress.org/wp-postratings", + "vendor": "Lester ‘GaMerZ’ Chan", + "versions": [ + { + "lessThan": "1.91.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6aed9434-1681-47d6-bbc1-0815db548a24?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-44235.json b/data/anchore/2023/CVE-2023-44235.json new file mode 100644 index 00000000..b9947467 --- /dev/null +++ b/data/anchore/2023/CVE-2023-44235.json @@ -0,0 +1,41 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-44235", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-captcha/wordpress-wp-captcha-plugin-2-0-0-captcha-bypass-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:devnath_verma:wp_captcha:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-captcha", + "product": "WP Captcha", + "repo": "https://plugins.svn.wordpress.org/wp-captcha", + "vendor": "Devnath verma", + "versions": [ + { + "lessThanOrEqual": "2.0.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9bc2a04c-7b7c-483f-b81b-97a7caac179c?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-45635.json b/data/anchore/2023/CVE-2023-45635.json new file mode 100644 index 00000000..1f810c80 --- /dev/null +++ b/data/anchore/2023/CVE-2023-45635.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-45635", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/responsive-tabs/wordpress-responsive-tabs-plugin-4-0-6-html-content-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.0.6 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpdarko:responsive_tabs:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "responsive-tabs", + "product": "Responsive Tabs", + "repo": "https://plugins.svn.wordpress.org/responsive-tabs", + "vendor": "WP Darko", + "versions": [ + { + "lessThan": "4.0.6", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9af12ac-68ef-4c65-aecb-82ce7b927340?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-46310.json b/data/anchore/2023/CVE-2023-46310.json new file mode 100644 index 00000000..6ee2304d --- /dev/null +++ b/data/anchore/2023/CVE-2023-46310.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-46310", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wpdiscuz/wordpress-wpdiscuz-plugin-7-6-10-content-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 7.6.11 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:gvectors:wpdiscuz:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wpdiscuz", + "product": "wpDiscuz", + "repo": "https://plugins.svn.wordpress.org/wpdiscuz", + "vendor": "gVectors Team", + "versions": [ + { + "lessThan": "7.6.11", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6fa1299e-308e-47ea-843c-c76b8a412ce9?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47189.json b/data/anchore/2023/CVE-2023-47189.json new file mode 100644 index 00000000..b6096230 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47189.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47189", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/defender-security/wordpress-defender-securit-plugin-4-2-0-masked-login-area-view-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.2.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wmpudev:defender_security:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:wpmudev:defender_security:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "defender-security", + "product": "Defender Security", + "repo": "https://plugins.svn.wordpress.org/defender-security", + "vendor": "WPMU DEV", + "versions": [ + { + "lessThan": "4.2.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/66122be6-7c28-44cc-a8dd-7b2ec64346f7?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47513.json b/data/anchore/2023/CVE-2023-47513.json new file mode 100644 index 00000000..c5d68189 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47513.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47513", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ari-stream-quiz/wordpress-ari-stream-quiz-wordpress-quizzes-builder-plugin-1-2-32-content-injection-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:ari-soft:ari_stream_quiz:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "ari-stream-quiz", + "product": "ARI Stream Quiz", + "repo": "https://plugins.svn.wordpress.org/ari-stream-quiz", + "vendor": "ARI Soft", + "versions": [ + { + "lessThan": "1.3.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fa6fc22e-0d30-4c4b-8c8d-13f04ed1aa7c?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47769.json b/data/anchore/2023/CVE-2023-47769.json new file mode 100644 index 00000000..f14e06f4 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47769.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47769", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-maintenance/wordpress-wp-maintenance-plugin-6-1-3-ip-filtering-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 6.1.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wp_maintenance_project:wp_maintenance:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-maintenance", + "product": "WP Maintenance", + "repo": "https://plugins.svn.wordpress.org/wp-maintenance", + "vendor": "Florent Maillefaud", + "versions": [ + { + "lessThan": "6.1.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87a1cc00-330c-40c3-a174-8ea50075c4bd?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47818.json b/data/anchore/2023/CVE-2023-47818.json new file mode 100644 index 00000000..534aaad8 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47818.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47818", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/lws-hide-login/wordpress-lws-hide-login-plugin-2-1-8-secret-login-page-location-disclosure-on-multisites-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 2.1.9 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:lws:lws_hide_login:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "lws-hide-login", + "product": "LWS Hide Login", + "repo": "https://plugins.svn.wordpress.org/lws-hide-login", + "vendor": "LWS", + "versions": [ + { + "lessThan": "2.1.9", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/532cffdb-16e8-4ced-9477-483c96db343c?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-47837.json b/data/anchore/2023/CVE-2023-47837.json new file mode 100644 index 00000000..9c39a405 --- /dev/null +++ b/data/anchore/2023/CVE-2023-47837.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-47837", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-plugin-4-0-10-membership-plan-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.0.11 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:armemberplugin:armember:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:reputeinfosystems:armember:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "armember-membership", + "product": "ARMember", + "repo": "https://plugins.svn.wordpress.org/armember-membership", + "vendor": "Repute Infosystems", + "versions": [ + { + "lessThan": "4.0.11", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-48271.json b/data/anchore/2023/CVE-2023-48271.json new file mode 100644 index 00000000..c10eed73 --- /dev/null +++ b/data/anchore/2023/CVE-2023-48271.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-48271", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/contact-forms-anti-spam/wordpress-maspik-spam-blacklist-plugin-0-9-2-ip-filtering-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 0.10.4 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpmaspik:maspik:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "contact-forms-anti-spam", + "product": "Maspik – Spam blacklist", + "repo": "https://plugins.svn.wordpress.org/contact-forms-anti-spam", + "vendor": "yonifre", + "versions": [ + { + "lessThan": "0.10.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3a8273e-2439-4138-941e-379d130e0c74?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-48276.json b/data/anchore/2023/CVE-2023-48276.json new file mode 100644 index 00000000..e1e92797 --- /dev/null +++ b/data/anchore/2023/CVE-2023-48276.json @@ -0,0 +1,41 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-48276", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-forms-puzzle-captcha/wordpress-wp-forms-puzzle-captcha-plugin-4-1-captcha-bypass-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:nitinrathod:wp_forms_puzzle_captcha:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-forms-puzzle-captcha", + "product": "WP Forms Puzzle Captcha", + "repo": "https://plugins.svn.wordpress.org/wp-forms-puzzle-captcha", + "vendor": "Nitin Rathod", + "versions": [ + { + "lessThanOrEqual": "4.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/58502e48-c1cf-4b94-954c-71046256c917?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-48290.json b/data/anchore/2023/CVE-2023-48290.json new file mode 100644 index 00000000..cc2568bd --- /dev/null +++ b/data/anchore/2023/CVE-2023-48290.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-48290", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/form-maker/wordpress-form-maker-by-10web-plugin-1-15-20-captcha-bypass-vulnerability-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.15.21 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:10web:form_maker:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:web-dorado:form_maker:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "form-maker", + "product": "Form Maker by 10Web", + "repo": "https://plugins.svn.wordpress.org/form-maker", + "vendor": "10Web Form Builder Team", + "versions": [ + { + "lessThan": "1.15.21", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/46525a06-f3a4-4c78-ba32-4b937e1dbac6?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-48318.json b/data/anchore/2023/CVE-2023-48318.json new file mode 100644 index 00000000..a58e44c9 --- /dev/null +++ b/data/anchore/2023/CVE-2023-48318.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-48318", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/contact-form-to-email/wordpress-contact-form-email-plugin-1-3-41-captcha-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.42 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:codepeople:contact_form_email:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "contact-form-to-email", + "product": "Contact Form Email", + "repo": "https://plugins.svn.wordpress.org/contact-form-to-email", + "vendor": "CodePeople", + "versions": [ + { + "lessThan": "1.3.42", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b637ebfd-c273-428b-985c-6f5b6a03f263?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-48747.json b/data/anchore/2023/CVE-2023-48747.json new file mode 100644 index 00000000..ed03fbba --- /dev/null +++ b/data/anchore/2023/CVE-2023-48747.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-48747", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/woocommerce-jetpack/wordpress-booster-for-woocommerce-plugin-7-1-2-authenticated-production-creation-modification-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 7.1.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:elite:wordpress:*:*" + ], + "packageName": "woocommerce-jetpack", + "product": "Booster for WooCommerce", + "repo": "https://plugins.svn.wordpress.org/woocommerce-jetpack", + "vendor": "Pluggabl LLC", + "versions": [ + { + "lessThan": "7.1.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/00ec2f57-48ee-49ea-ae8f-e7b24bf4535c?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-48753.json b/data/anchore/2023/CVE-2023-48753.json new file mode 100644 index 00000000..b80751d4 --- /dev/null +++ b/data/anchore/2023/CVE-2023-48753.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-48753", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/restricted-site-access/wordpress-restricted-site-access-plugin-7-4-1-ip-restriction-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 7.5.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:10up:restricted_site_access:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "restricted-site-access", + "product": "Restricted Site Access", + "repo": "https://plugins.svn.wordpress.org/restricted-site-access", + "vendor": "10up", + "versions": [ + { + "lessThan": "7.5.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/804169d3-a53a-42ba-821d-e9647ac075c4?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-49741.json b/data/anchore/2023/CVE-2023-49741.json new file mode 100644 index 00000000..87eaf109 --- /dev/null +++ b/data/anchore/2023/CVE-2023-49741.json @@ -0,0 +1,41 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-49741", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/coming-soon-page/wordpress-coming-soon-and-maintenance-mode-plugin-3-7-3-ip-filtering-bypass-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpdevart:coming_soon_and_maintenance_mode:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "coming-soon-page", + "product": "Coming soon and Maintenance mode", + "repo": "https://plugins.svn.wordpress.org/coming-soon-page", + "vendor": "wpdevart", + "versions": [ + { + "lessThanOrEqual": "3.7.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9fd9c076-d36c-4cda-b636-aa65195956d2?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-49748.json b/data/anchore/2023/CVE-2023-49748.json new file mode 100644 index 00000000..7dbef75d --- /dev/null +++ b/data/anchore/2023/CVE-2023-49748.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-49748", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wps-hide-login/wordpress-wps-hide-login-plugin-1-9-11-secret-login-page-location-disclosure-on-multisites-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.9.12 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wpserveur:wps_hide_login:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wps-hide-login", + "product": "WPS Hide Login", + "repo": "https://plugins.svn.wordpress.org/wps-hide-login", + "vendor": "WPServeur, NicolasKulka, wpformation", + "versions": [ + { + "lessThan": "1.9.12", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bb81e90f-8da4-483c-9bc1-18b6c016df5e?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-49774.json b/data/anchore/2023/CVE-2023-49774.json new file mode 100644 index 00000000..ba53bb82 --- /dev/null +++ b/data/anchore/2023/CVE-2023-49774.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-49774", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-5-02-005-ip-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 8.6.01.005 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:wp_photo_album_plus_project:wp_photo_album_plus:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:wppa.opajaap:wp-photo-album-plus:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "wp-photo-album-plus", + "product": "WP Photo Album Plus", + "repo": "https://plugins.svn.wordpress.org/wp-photo-album-plus", + "vendor": "J.N. Breetvelt a.k.a. OpaJaap", + "versions": [ + { + "lessThan": "8.6.01.005", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/017fe804-a1a5-4f8d-a531-e928d668dbc4?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-49822.json b/data/anchore/2023/CVE-2023-49822.json new file mode 100644 index 00000000..69dc7f09 --- /dev/null +++ b/data/anchore/2023/CVE-2023-49822.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-49822", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/ultimate-dashboard/wordpress-ultimate-dashboard-plugin-3-7-10-secret-login-page-location-disclosure-on-multisites-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.7.11 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:davidvongries:ultimate_dashboard:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "ultimate-dashboard", + "product": "Ultimate Dashboard", + "repo": "https://plugins.svn.wordpress.org/ultimate-dashboard", + "vendor": "David Vongries", + "versions": [ + { + "lessThan": "3.7.11", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/56f3cb34-0452-4e3d-9442-0decc77f5e63?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51511.json b/data/anchore/2023/CVE-2023-51511.json new file mode 100644 index 00000000..1f8386af --- /dev/null +++ b/data/anchore/2023/CVE-2023-51511.json @@ -0,0 +1,49 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51511", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/booster-elite-for-woocommerce/wordpress-booster-elite-for-woocommerce-plugin-7-1-3-authenticated-production-creation-modification-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 7.1.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:booster:booster_elite_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:booster:booster_elite_woocommerce:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:elite:wordpress:*:*", + "cpe:2.3:a:booster:booster_plus_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:booster:booster_plus_woocommerce:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "woocommerce-jetpack", + "product": "Booster Elite for WooCommerce", + "repo": "https://plugins.svn.wordpress.org/woocommerce-jetpack", + "vendor": "Pluggabl LLC", + "versions": [ + { + "lessThan": "7.1.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/995a086a-4795-4092-823c-b941445dc361?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51543.json b/data/anchore/2023/CVE-2023-51543.json new file mode 100644 index 00000000..78bf3672 --- /dev/null +++ b/data/anchore/2023/CVE-2023-51543.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51543", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/custom-registration-form-builder-with-submission-manager/wordpress-registrationmagic-plugin-5-2-5-0-ip-limit-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 5.2.5.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:metagauss:registrationmagic:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "custom-registration-form-builder-with-submission-manager", + "product": "RegistrationMagic", + "repo": "https://plugins.svn.wordpress.org/custom-registration-form-builder-with-submission-manager", + "vendor": "Metagauss", + "versions": [ + { + "lessThan": "5.2.5.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4b37b57c-4a11-4971-b38f-12c70d71b76b?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51544.json b/data/anchore/2023/CVE-2023-51544.json new file mode 100644 index 00000000..9286494a --- /dev/null +++ b/data/anchore/2023/CVE-2023-51544.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51544", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/custom-registration-form-builder-with-submission-manager/wordpress-registrationmagic-plugin-5-2-5-0-form-submission-limit-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 5.2.5.1 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:metagauss:registrationmagic:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "custom-registration-form-builder-with-submission-manager", + "product": "RegistrationMagic", + "repo": "https://plugins.svn.wordpress.org/custom-registration-form-builder-with-submission-manager", + "vendor": "Metagauss", + "versions": [ + { + "lessThan": "5.2.5.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86ebb3d1-5fd1-48cb-95b7-f82014323f01?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-51667.json b/data/anchore/2023/CVE-2023-51667.json new file mode 100644 index 00000000..7aee3e74 --- /dev/null +++ b/data/anchore/2023/CVE-2023-51667.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-51667", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-wp-rating-system-plugin-3-4-2-broken-access-control-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.4.3 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:blazzdev:rate_my_post:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "rate-my-post", + "product": "Rate my Post – WP Rating System", + "repo": "https://plugins.svn.wordpress.org/rate-my-post", + "vendor": "FeedbackWP", + "versions": [ + { + "lessThan": "3.4.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d24aa7e-bbf1-4a54-b53b-7a37e613e0e6?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-52147.json b/data/anchore/2023/CVE-2023-52147.json new file mode 100644 index 00000000..3ab819f6 --- /dev/null +++ b/data/anchore/2023/CVE-2023-52147.json @@ -0,0 +1,47 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-52147", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/all-in-one-wp-security-and-firewall/wordpress-all-in-one-security-aios-plugin-5-2-4-secret-login-page-location-disclosure-on-multisites-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 5.2.5 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:tips_and_tricks_hq:all_in_one_wordpress_security_and_firewall:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:tipsandtricks-hq:all_in_one_wp_security_\\&_firewall:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:tipsandtricks-hq:wp_security_\\&_firewall:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:updraftplus:all-in-one_security:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "all-in-one-wp-security-and-firewall", + "product": "All In One WP Security & Firewall", + "repo": "https://plugins.svn.wordpress.org/all-in-one-wp-security-and-firewall", + "vendor": "All In One WP Security & Firewall Team", + "versions": [ + { + "lessThan": "5.2.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/63fc381e-ce72-4c90-bb35-daba520be40d?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-52176.json b/data/anchore/2023/CVE-2023-52176.json new file mode 100644 index 00000000..80887308 --- /dev/null +++ b/data/anchore/2023/CVE-2023-52176.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2023-52176", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/miniorange-malware-protection/wordpress-malware-scanner-plugin-4-7-1-ip-restriction-bypass-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.7.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:miniorange:malware_scanner:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "miniorange-malware-protection", + "product": "Malware Scanner", + "repo": "https://plugins.svn.wordpress.org/miniorange-malware-protection", + "vendor": "miniorange", + "versions": [ + { + "lessThan": "4.7.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb19fd06-7b2c-41a1-a470-230da7ce944d?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-25095.json b/data/anchore/2024/CVE-2024-25095.json new file mode 100644 index 00000000..3b80fe8a --- /dev/null +++ b/data/anchore/2024/CVE-2024-25095.json @@ -0,0 +1,41 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-25095", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/yikes-inc-easy-mailchimp-extender/wordpress-easy-forms-for-mailchimp-plugin-6-8-10-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:yikesinc:easy_forms_for_mailchimp:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "yikes-inc-easy-mailchimp-extender", + "product": "Easy Forms for Mailchimp", + "repo": "https://plugins.svn.wordpress.org/yikes-inc-easy-mailchimp-extender", + "vendor": "Code Parrots", + "versions": [ + { + "lessThanOrEqual": "6.9.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc07bcec-f822-492a-b73d-79e791907dd1?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-30528.json b/data/anchore/2024/CVE-2024-30528.json new file mode 100644 index 00000000..62677bf0 --- /dev/null +++ b/data/anchore/2024/CVE-2024-30528.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-30528", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-10-broken-access-control-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 4.9.11 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:spiffyplugins:spiffy_calendar:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "spiffy-calendar", + "product": "Spiffy Calendar", + "repo": "https://plugins.svn.wordpress.org/spiffy-calendar", + "vendor": "Spiffy Plugins", + "versions": [ + { + "lessThan": "4.9.11", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/114e8ba9-b6b0-4b54-982c-8e9efaa616c7?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-33628.json b/data/anchore/2024/CVE-2024-33628.json new file mode 100644 index 00000000..677b9a56 --- /dev/null +++ b/data/anchore/2024/CVE-2024-33628.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-33628", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/xforwoocommerce/wordpress-xforwoocommerce-plugin-2-0-2-authenticated-local-file-inclusion-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:xforwoocommerce:product_loops:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:xforwoocommerce:xforwoocommerce:*:*:*:*:*:wordpress:*:*" + ], + "product": "XforWooCommerce", + "vendor": "XforWooCommerce", + "versions": [ + { + "lessThanOrEqual": "2.0.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5de8b93a-d7b1-4679-8c3c-2ac099a1f58f?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34384.json b/data/anchore/2024/CVE-2024-34384.json new file mode 100644 index 00000000..3e198838 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34384.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-34384", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/sina-extension-for-elementor/wordpress-sina-extension-for-elementor-plugin-3-5-1-local-file-inclusion-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.5.2 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:shaosina:sina_extension_for_elementor:*:*:*:*:*:wordpress:*:*", + "cpe:2.3:a:sinaextra:sina_extension_for_elementor:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "sina-extension-for-elementor", + "product": "Sina Extension for Elementor", + "repo": "https://plugins.svn.wordpress.org/sina-extension-for-elementor", + "vendor": "SinaExtra", + "versions": [ + { + "lessThan": "3.5.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + }, + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db4616f7-e685-4dc7-947c-23c378a9bdd6?source=cve" + } + ] + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35649.json b/data/anchore/2024/CVE-2024-35649.json new file mode 100644 index 00000000..d41ada50 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35649.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35649", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/save-as-pdf-by-pdfcrowd/wordpress-save-as-pdf-plugin-by-pdfcrowd-plugin-3-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.3.0 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:pdfcrowd:save_as_pdf:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "save-as-pdf-by-pdfcrowd", + "product": "Save as PDF plugin by Pdfcrowd", + "repo": "https://plugins.svn.wordpress.org/save-as-pdf-by-pdfcrowd", + "vendor": "Pdfcrowd", + "versions": [ + { + "lessThan": "3.3.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35655.json b/data/anchore/2024/CVE-2024-35655.json new file mode 100644 index 00000000..f3d6dfa2 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35655.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35655", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/brave-popup-builder/wordpress-brave-interactive-content-plugin-0-6-8-cross-site-scripting-xss-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:getbrave:brave:*:*:*:*:wordpress:*:*:*" + ], + "packageName": "brave-popup-builder", + "product": "Brave Popup Builder", + "repo": "https://plugins.svn.wordpress.org/brave-popup-builder", + "vendor": "Brave", + "versions": [ + { + "lessThanOrEqual": "0.6.8", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35666.json b/data/anchore/2024/CVE-2024-35666.json new file mode 100644 index 00000000..3f648a71 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35666.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35666", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/themesflat-addons-for-elementor/wordpress-themesflat-addons-for-elementor-plugin-2-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:themesflat:themesflat_addons_for_elementor:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "themesflat-addons-for-elementor", + "product": "Themesflat Addons For Elementor", + "repo": "https://plugins.svn.wordpress.org/themesflat-addons-for-elementor", + "vendor": "Themesflat", + "versions": [ + { + "lessThanOrEqual": "2.1.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35668.json b/data/anchore/2024/CVE-2024-35668.json new file mode 100644 index 00000000..051ee06d --- /dev/null +++ b/data/anchore/2024/CVE-2024-35668.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35668", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/mailin/wordpress-newsletter-smtp-email-marketing-and-subscribe-forms-by-brevo-plugin-3-1-77-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 3.1.78 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:sendinblue:newsletter\\,_smtp\\,_email_marketing_and_subscribe:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "mailin", + "product": "Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue", + "repo": "https://plugins.svn.wordpress.org/mailin", + "vendor": "Brevo", + "versions": [ + { + "lessThan": "3.1.78", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35670.json b/data/anchore/2024/CVE-2024-35670.json new file mode 100644 index 00000000..3c90d735 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35670.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "patchstack", + "cveId": "CVE-2024-35670", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve" + ], + "solutions": [ + "Update to 1.3.94 or a higher version." + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "integrate-google-drive", + "product": "Integrate Google Drive", + "repo": "https://plugins.svn.wordpress.org/integrate-google-drive", + "vendor": "SoftLab", + "versions": [ + { + "lessThan": "1.3.94", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-36128.json b/data/anchore/2024/CVE-2024-36128.json index 3b1d9958..fdfb8fe2 100644 --- a/data/anchore/2024/CVE-2024-36128.json +++ b/data/anchore/2024/CVE-2024-36128.json @@ -11,12 +11,12 @@ "adp": { "affected": [ { - "collectionURL": "https://github.com", + "collectionURL": "https://registry.npmjs.org", "cpes": [ "cpe:2.3:a:monospace:directus:*:*:*:*:*:node.js:*:*", "cpe:2.3:a:rangerstudio:directus:*:*:*:*:*:*:*:*" ], - "packageName": "directus/directus", + "packageName": "directus", "product": "directus", "repo": "https://github.com/directus/directus", "vendor": "directus",