-
Notifications
You must be signed in to change notification settings - Fork 206
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- 5 new CVEs: CVE-2022-45830, CVE-2023-32240, CVE-2023-39994, CVE-2023-40327, CVE-2025-0171 - 0 updated CVEs:
- Loading branch information
cvelistV5 Github Action
committed
Jan 2, 2025
1 parent
e9eb26d
commit e5d0cf7
Showing
7 changed files
with
768 additions
and
66 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,131 @@ | ||
{ | ||
"dataType": "CVE_RECORD", | ||
"dataVersion": "5.1", | ||
"cveMetadata": { | ||
"cveId": "CVE-2022-45830", | ||
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", | ||
"state": "PUBLISHED", | ||
"assignerShortName": "Patchstack", | ||
"dateReserved": "2022-11-23T07:45:44.260Z", | ||
"datePublished": "2025-01-02T15:02:35.509Z", | ||
"dateUpdated": "2025-01-02T15:02:35.509Z" | ||
}, | ||
"containers": { | ||
"cna": { | ||
"affected": [ | ||
{ | ||
"collectionURL": "https://wordpress.org/plugins", | ||
"defaultStatus": "unaffected", | ||
"packageName": "wp-analytify", | ||
"product": "Analytify", | ||
"vendor": "Analytify", | ||
"versions": [ | ||
{ | ||
"changes": [ | ||
{ | ||
"at": "4.3.0", | ||
"status": "unaffected" | ||
} | ||
], | ||
"lessThanOrEqual": "4.2.3", | ||
"status": "affected", | ||
"version": "n/a", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"credits": [ | ||
{ | ||
"lang": "en", | ||
"type": "finder", | ||
"user": "00000000-0000-4000-9000-000000000000", | ||
"value": "Nguyen Anh Tien (Patchstack Alliance)" | ||
} | ||
], | ||
"descriptions": [ | ||
{ | ||
"lang": "en", | ||
"supportingMedia": [ | ||
{ | ||
"base64": false, | ||
"type": "text/html", | ||
"value": "Missing Authorization vulnerability in Analytify.<p>This issue affects Analytify: from n/a through 4.2.3.</p>" | ||
} | ||
], | ||
"value": "Missing Authorization vulnerability in Analytify.This issue affects Analytify: from n/a through 4.2.3." | ||
} | ||
], | ||
"metrics": [ | ||
{ | ||
"cvssV3_1": { | ||
"attackComplexity": "LOW", | ||
"attackVector": "NETWORK", | ||
"availabilityImpact": "LOW", | ||
"baseScore": 6.5, | ||
"baseSeverity": "MEDIUM", | ||
"confidentialityImpact": "NONE", | ||
"integrityImpact": "LOW", | ||
"privilegesRequired": "NONE", | ||
"scope": "UNCHANGED", | ||
"userInteraction": "NONE", | ||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", | ||
"version": "3.1" | ||
}, | ||
"format": "CVSS", | ||
"scenarios": [ | ||
{ | ||
"lang": "en", | ||
"value": "GENERAL" | ||
} | ||
] | ||
} | ||
], | ||
"problemTypes": [ | ||
{ | ||
"descriptions": [ | ||
{ | ||
"cweId": "CWE-862", | ||
"description": "CWE-862 Missing Authorization", | ||
"lang": "en", | ||
"type": "CWE" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", | ||
"shortName": "Patchstack", | ||
"dateUpdated": "2025-01-02T15:02:35.509Z" | ||
}, | ||
"references": [ | ||
{ | ||
"tags": [ | ||
"vdb-entry" | ||
], | ||
"url": "https://patchstack.com/database/wordpress/plugin/wp-analytify/vulnerability/wordpress-analytify-google-analytics-dashboard-plugin-4-2-3-privilege-escalation?_s_id=cve" | ||
} | ||
], | ||
"solutions": [ | ||
{ | ||
"lang": "en", | ||
"supportingMedia": [ | ||
{ | ||
"base64": false, | ||
"type": "text/html", | ||
"value": "Update the WordPress Analytify plugin to the latest available version (at least 4.3.0)." | ||
} | ||
], | ||
"value": "Update the WordPress Analytify plugin to the latest available version (at least 4.3.0)." | ||
} | ||
], | ||
"source": { | ||
"discovery": "EXTERNAL" | ||
}, | ||
"title": "WordPress Analytify - Google Analytics Dashboard plugin <= 4.2.3 - Privilege Escalation vulnerability", | ||
"x_generator": { | ||
"engine": "Vulnogram 0.2.0" | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,140 @@ | ||
{ | ||
"dataType": "CVE_RECORD", | ||
"dataVersion": "5.1", | ||
"cveMetadata": { | ||
"cveId": "CVE-2023-32240", | ||
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", | ||
"state": "PUBLISHED", | ||
"assignerShortName": "Patchstack", | ||
"dateReserved": "2023-05-05T08:13:46.345Z", | ||
"datePublished": "2025-01-02T15:05:19.181Z", | ||
"dateUpdated": "2025-01-02T15:05:19.181Z" | ||
}, | ||
"containers": { | ||
"cna": { | ||
"affected": [ | ||
{ | ||
"defaultStatus": "unaffected", | ||
"product": "WoodMart", | ||
"vendor": "Xtemos", | ||
"versions": [ | ||
{ | ||
"changes": [ | ||
{ | ||
"at": "7.2.2", | ||
"status": "unaffected" | ||
} | ||
], | ||
"lessThanOrEqual": "7.2.1", | ||
"status": "affected", | ||
"version": "n/a", | ||
"versionType": "custom" | ||
} | ||
] | ||
} | ||
], | ||
"credits": [ | ||
{ | ||
"lang": "en", | ||
"type": "finder", | ||
"user": "00000000-0000-4000-9000-000000000000", | ||
"value": "Dave Jong (Patchstack)" | ||
} | ||
], | ||
"descriptions": [ | ||
{ | ||
"lang": "en", | ||
"supportingMedia": [ | ||
{ | ||
"base64": false, | ||
"type": "text/html", | ||
"value": "Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects WoodMart: from n/a through 7.2.1.</p>" | ||
} | ||
], | ||
"value": "Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1." | ||
} | ||
], | ||
"impacts": [ | ||
{ | ||
"capecId": "CAPEC-180", | ||
"descriptions": [ | ||
{ | ||
"lang": "en", | ||
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" | ||
} | ||
] | ||
} | ||
], | ||
"metrics": [ | ||
{ | ||
"cvssV3_1": { | ||
"attackComplexity": "LOW", | ||
"attackVector": "NETWORK", | ||
"availabilityImpact": "NONE", | ||
"baseScore": 5.4, | ||
"baseSeverity": "MEDIUM", | ||
"confidentialityImpact": "LOW", | ||
"integrityImpact": "LOW", | ||
"privilegesRequired": "LOW", | ||
"scope": "UNCHANGED", | ||
"userInteraction": "NONE", | ||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", | ||
"version": "3.1" | ||
}, | ||
"format": "CVSS", | ||
"scenarios": [ | ||
{ | ||
"lang": "en", | ||
"value": "GENERAL" | ||
} | ||
] | ||
} | ||
], | ||
"problemTypes": [ | ||
{ | ||
"descriptions": [ | ||
{ | ||
"cweId": "CWE-862", | ||
"description": "CWE-862 Missing Authorization", | ||
"lang": "en", | ||
"type": "CWE" | ||
} | ||
] | ||
} | ||
], | ||
"providerMetadata": { | ||
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", | ||
"shortName": "Patchstack", | ||
"dateUpdated": "2025-01-02T15:05:19.181Z" | ||
}, | ||
"references": [ | ||
{ | ||
"tags": [ | ||
"vdb-entry" | ||
], | ||
"url": "https://patchstack.com/database/wordpress/theme/woodmart/vulnerability/wordpress-woodmart-theme-7-2-1-broken-access-control-vulnerability?_s_id=cve" | ||
} | ||
], | ||
"solutions": [ | ||
{ | ||
"lang": "en", | ||
"supportingMedia": [ | ||
{ | ||
"base64": false, | ||
"type": "text/html", | ||
"value": "Update to 7.2.2 or a higher version." | ||
} | ||
], | ||
"value": "Update to 7.2.2 or a higher version." | ||
} | ||
], | ||
"source": { | ||
"discovery": "EXTERNAL" | ||
}, | ||
"title": "WordPress Woodmart theme <= 7.2.1 - Broken Access Control vulnerability", | ||
"x_generator": { | ||
"engine": "Vulnogram 0.2.0" | ||
} | ||
} | ||
} | ||
} |
Oops, something went wrong.