Skip to content

Commit

Permalink
149 changes (149 new | 0 updated):
Browse files Browse the repository at this point in the history 
      - 149 new CVEs:  CVE-2023-44258, CVE-2023-44988, CVE-2023-45002, CVE-2023-45045, CVE-2023-45061, CVE-2023-45101, CVE-2023-45104, CVE-2023-45110, CVE-2023-45271, CVE-2023-45275, CVE-2023-45631, CVE-2023-45636, CVE-2023-45649, CVE-2023-45760, CVE-2023-45765, CVE-2023-45766, CVE-2023-45828, CVE-2023-46073, CVE-2023-46079, CVE-2023-46080, CVE-2023-46082, CVE-2023-46083, CVE-2023-46188, CVE-2023-46195, CVE-2023-46196, CVE-2023-46203, CVE-2023-46206, CVE-2023-46309, CVE-2023-46605, CVE-2023-46606, CVE-2023-46607, CVE-2023-46608, CVE-2023-46609, CVE-2023-46610, CVE-2023-46611, CVE-2023-46612, CVE-2023-46616, CVE-2023-46628, CVE-2023-46631, CVE-2023-46632, CVE-2023-46633, CVE-2023-46635, CVE-2023-46637, CVE-2023-46639, CVE-2023-46644, CVE-2023-47179, CVE-2023-47180, CVE-2023-47183, CVE-2023-47187, CVE-2023-47188, CVE-2023-47224, CVE-2023-47225, CVE-2023-47241, CVE-2023-47515, CVE-2023-47523, CVE-2023-47557, CVE-2023-47647, CVE-2023-47648, CVE-2023-47661, CVE-2023-47689, CVE-2023-47692, CVE-2023-47693, CVE-2024-13107, CVE-2024-37093, CVE-2024-37102, CVE-2024-37103, CVE-2024-37104, CVE-2024-37235, CVE-2024-37236, CVE-2024-37238, CVE-2024-37240, CVE-2024-37242, CVE-2024-37243, CVE-2024-37272, CVE-2024-37274, CVE-2024-37412, CVE-2024-37413, CVE-2024-37417, CVE-2024-37421, CVE-2024-37426, CVE-2024-37431, CVE-2024-37435, CVE-2024-37441, CVE-2024-37448, CVE-2024-37450, CVE-2024-37451, CVE-2024-37458, CVE-2024-37467, CVE-2024-37469, CVE-2024-37473, CVE-2024-37478, CVE-2024-37490, CVE-2024-37491, CVE-2024-37493, CVE-2024-37503, CVE-2024-37508, CVE-2024-37511, CVE-2024-37518, CVE-2024-37540, CVE-2024-37543, CVE-2024-37937, CVE-2024-38691, CVE-2024-38729, CVE-2024-38751, CVE-2024-38753, CVE-2024-38754, CVE-2024-38762, CVE-2024-38763, CVE-2024-38765, CVE-2024-38766, CVE-2024-38789, CVE-2024-38790, CVE-2024-43927, CVE-2024-56018, CVE-2024-56022, CVE-2024-56023, CVE-2024-56024, CVE-2024-56025, CVE-2024-56026, CVE-2024-56236, CVE-2024-56237, CVE-2024-56238, CVE-2024-56239, CVE-2024-56240, CVE-2024-56241, CVE-2024-56242, CVE-2024-56243, CVE-2024-56244, CVE-2024-56245, CVE-2024-56246, CVE-2024-56247, CVE-2024-56248, CVE-2024-56249, CVE-2024-56250, CVE-2024-56251, CVE-2024-56252, CVE-2024-56253, CVE-2024-56254, CVE-2024-56255, CVE-2024-56258, CVE-2024-56259, CVE-2024-56260, CVE-2024-56261, CVE-2024-56262, CVE-2024-56263, CVE-2024-56264, CVE-2024-56266, CVE-2024-56267, CVE-2024-56302
      - 0 updated CVEs:
  • Loading branch information
cvelistV5 Github Action committed Jan 2, 2025
1 parent f92bbaa commit 3698129
Show file tree
Hide file tree
Showing 151 changed files with 22,579 additions and 70 deletions.
142 changes: 142 additions & 0 deletions cves/2023/44xxx/CVE-2023-44258.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"cveMetadata": {
"cveId": "CVE-2023-44258",
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"state": "PUBLISHED",
"assignerShortName": "Patchstack",
"dateReserved": "2023-09-27T12:39:26.099Z",
"datePublished": "2025-01-02T11:59:46.069Z",
"dateUpdated": "2025-01-02T11:59:46.069Z"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack",
"dateUpdated": "2025-01-02T11:59:46.069Z"
},
"title": "WordPress Schema App Structured Data plugin <= 1.23.1 - Broken Access Control + CSRF vulnerability",
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"affected": [
{
"vendor": "Schema App",
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "schema-app-structured-data-for-schemaorg",
"product": "Schema App Structured Data",
"versions": [
{
"lessThanOrEqual": "1.23.1",
"status": "affected",
"version": "n/a",
"versionType": "custom",
"changes": [
{
"at": "1.23.2",
"status": "unaffected"
}
]
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Schema App Schema App Structured Data allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Schema App Structured Data: from n/a through 1.23.1.",
"supportingMedia": [
{
"type": "text/html",
"base64": false,
"value": "<p>Missing Authorization vulnerability in Schema App Schema App Structured Data allows Exploiting Incorrectly Configured Access Control Security Levels.</p><p>This issue affects Schema App Structured Data: from n/a through 1.23.1.</p>"
}
]
}
],
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/schema-app-structured-data-for-schemaorg/vulnerability/wordpress-schema-app-structured-data-plugin-1-22-3-csrf-broken-access-control-vulnerability?_s_id=cve"
}
],
"metrics": [
{
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
],
"cvssV3_1": {
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"version": "3.1"
}
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No patched version is available. No reply from the vendor."
}
],
"value": "No patched version is available. No reply from the vendor."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rio Darmawan (Patchstack Alliance)"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
}
}
142 changes: 142 additions & 0 deletions cves/2023/44xxx/CVE-2023-44988.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"cveMetadata": {
"cveId": "CVE-2023-44988",
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"state": "PUBLISHED",
"assignerShortName": "Patchstack",
"dateReserved": "2023-10-02T09:38:08.907Z",
"datePublished": "2025-01-02T11:59:46.731Z",
"dateUpdated": "2025-01-02T11:59:46.731Z"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack",
"dateUpdated": "2025-01-02T11:59:46.731Z"
},
"title": "WordPress WP Custom Admin Interface plugin <= 7.32 - Broken Access Control vulnerability",
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"affected": [
{
"vendor": "Martin Gibson",
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-custom-admin-interface",
"product": "WP Custom Admin Interface",
"versions": [
{
"lessThanOrEqual": "7.32",
"status": "affected",
"version": "n/a",
"versionType": "custom",
"changes": [
{
"at": "7.33",
"status": "unaffected"
}
]
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Admin Interface: from n/a through 7.32.",
"supportingMedia": [
{
"type": "text/html",
"base64": false,
"value": "<p>Missing Authorization vulnerability in Martin Gibson WP Custom Admin Interface allows Exploiting Incorrectly Configured Access Control Security Levels.</p><p>This issue affects WP Custom Admin Interface: from n/a through 7.32.</p>"
}
]
}
],
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wp-custom-admin-interface/vulnerability/wordpress-wp-custom-admin-interface-plugin-7-32-broken-access-control-vulnerability?_s_id=cve"
}
],
"metrics": [
{
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
],
"cvssV3_1": {
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"version": "3.1"
}
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress WP Custom Admin Interface plugin to the latest available version (at least 7.33)."
}
],
"value": "Update the WordPress WP Custom Admin Interface plugin to the latest available version (at least 7.33)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Abdi Pranata (Patchstack Alliance)"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
}
}
Loading

0 comments on commit 3698129

Please sign in to comment.