-
Notifications
You must be signed in to change notification settings - Fork 206
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- 2 new CVEs: CVE-2023-45272, CVE-2023-45633 - 0 updated CVEs:
- Loading branch information
cvelistV5 Github Action
committed
Jan 2, 2025
1 parent
33c8220
commit e9eb26d
Showing
4 changed files
with
296 additions
and
422 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,142 @@ | ||
| { | ||
| "dataType": "CVE_RECORD", | ||
| "dataVersion": "5.1", | ||
| "cveMetadata": { | ||
| "cveId": "CVE-2023-45272", | ||
| "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", | ||
| "state": "PUBLISHED", | ||
| "assignerShortName": "Patchstack", | ||
| "dateReserved": "2023-10-06T13:05:32.934Z", | ||
| "datePublished": "2025-01-02T14:53:25.291Z", | ||
| "dateUpdated": "2025-01-02T14:53:25.291Z" | ||
| }, | ||
| "containers": { | ||
| "cna": { | ||
| "affected": [ | ||
| { | ||
| "collectionURL": "https://wordpress.org/plugins", | ||
| "defaultStatus": "unaffected", | ||
| "packageName": "wd-google-maps", | ||
| "product": "10Web Map Builder for Google Maps", | ||
| "vendor": "10Web", | ||
| "versions": [ | ||
| { | ||
| "changes": [ | ||
| { | ||
| "at": "1.0.74", | ||
| "status": "unaffected" | ||
| } | ||
| ], | ||
| "lessThanOrEqual": "1.0.73", | ||
| "status": "affected", | ||
| "version": "n/a", | ||
| "versionType": "custom" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "credits": [ | ||
| { | ||
| "lang": "en", | ||
| "type": "finder", | ||
| "user": "00000000-0000-4000-9000-000000000000", | ||
| "value": "Abdi Pranata (Patchstack Alliance)" | ||
| } | ||
| ], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "supportingMedia": [ | ||
| { | ||
| "base64": false, | ||
| "type": "text/html", | ||
| "value": "Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73.</p>" | ||
| } | ||
| ], | ||
| "value": "Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73." | ||
| } | ||
| ], | ||
| "impacts": [ | ||
| { | ||
| "capecId": "CAPEC-180", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "metrics": [ | ||
| { | ||
| "cvssV3_1": { | ||
| "attackComplexity": "LOW", | ||
| "attackVector": "NETWORK", | ||
| "availabilityImpact": "LOW", | ||
| "baseScore": 5.4, | ||
| "baseSeverity": "MEDIUM", | ||
| "confidentialityImpact": "NONE", | ||
| "integrityImpact": "LOW", | ||
| "privilegesRequired": "LOW", | ||
| "scope": "UNCHANGED", | ||
| "userInteraction": "NONE", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", | ||
| "version": "3.1" | ||
| }, | ||
| "format": "CVSS", | ||
| "scenarios": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "GENERAL" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "problemTypes": [ | ||
| { | ||
| "descriptions": [ | ||
| { | ||
| "cweId": "CWE-862", | ||
| "description": "CWE-862 Missing Authorization", | ||
| "lang": "en", | ||
| "type": "CWE" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", | ||
| "shortName": "Patchstack", | ||
| "dateUpdated": "2025-01-02T14:53:25.291Z" | ||
| }, | ||
| "references": [ | ||
| { | ||
| "tags": [ | ||
| "vdb-entry" | ||
| ], | ||
| "url": "https://patchstack.com/database/wordpress/plugin/wd-google-maps/vulnerability/wordpress-10web-map-builder-for-google-maps-plugin-1-0-73-notice-dismissal-vulnerability?_s_id=cve" | ||
| } | ||
| ], | ||
| "solutions": [ | ||
| { | ||
| "lang": "en", | ||
| "supportingMedia": [ | ||
| { | ||
| "base64": false, | ||
| "type": "text/html", | ||
| "value": "Update the WordPress 10Web Map Builder for Google Maps plugin to the latest available version (at least 1.0.74)." | ||
| } | ||
| ], | ||
| "value": "Update the WordPress 10Web Map Builder for Google Maps plugin to the latest available version (at least 1.0.74)." | ||
| } | ||
| ], | ||
| "source": { | ||
| "discovery": "EXTERNAL" | ||
| }, | ||
| "title": "WordPress 10Web Map Builder for Google Maps plugin <= 1.0.73 - Notice Dismissal Vulnerability", | ||
| "x_generator": { | ||
| "engine": "Vulnogram 0.2.0" | ||
| } | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,123 @@ | ||
| { | ||
| "dataType": "CVE_RECORD", | ||
| "dataVersion": "5.1", | ||
| "cveMetadata": { | ||
| "cveId": "CVE-2023-45633", | ||
| "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", | ||
| "state": "PUBLISHED", | ||
| "assignerShortName": "Patchstack", | ||
| "dateReserved": "2023-10-10T07:47:54.381Z", | ||
| "datePublished": "2025-01-02T14:52:23.546Z", | ||
| "dateUpdated": "2025-01-02T14:52:23.546Z" | ||
| }, | ||
| "containers": { | ||
| "cna": { | ||
| "affected": [ | ||
| { | ||
| "collectionURL": "https://wordpress.org/plugins", | ||
| "defaultStatus": "unaffected", | ||
| "packageName": "wp-listings", | ||
| "product": "IMPress Listings", | ||
| "vendor": "IDX", | ||
| "versions": [ | ||
| { | ||
| "lessThanOrEqual": "2.6.2", | ||
| "status": "affected", | ||
| "version": "n/a", | ||
| "versionType": "custom" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "credits": [ | ||
| { | ||
| "lang": "en", | ||
| "type": "finder", | ||
| "user": "00000000-0000-4000-9000-000000000000", | ||
| "value": "Nguyen Anh Tien (Patchstack Alliance)" | ||
| } | ||
| ], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "supportingMedia": [ | ||
| { | ||
| "base64": false, | ||
| "type": "text/html", | ||
| "value": "Missing Authorization vulnerability in IDX IMPress Listings allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects IMPress Listings: from n/a through 2.6.2.</p>" | ||
| } | ||
| ], | ||
| "value": "Missing Authorization vulnerability in IDX IMPress Listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IMPress Listings: from n/a through 2.6.2." | ||
| } | ||
| ], | ||
| "impacts": [ | ||
| { | ||
| "capecId": "CAPEC-180", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "metrics": [ | ||
| { | ||
| "cvssV3_1": { | ||
| "attackComplexity": "LOW", | ||
| "attackVector": "NETWORK", | ||
| "availabilityImpact": "LOW", | ||
| "baseScore": 6.5, | ||
| "baseSeverity": "MEDIUM", | ||
| "confidentialityImpact": "NONE", | ||
| "integrityImpact": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "userInteraction": "NONE", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", | ||
| "version": "3.1" | ||
| }, | ||
| "format": "CVSS", | ||
| "scenarios": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "GENERAL" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "problemTypes": [ | ||
| { | ||
| "descriptions": [ | ||
| { | ||
| "cweId": "CWE-862", | ||
| "description": "CWE-862 Missing Authorization", | ||
| "lang": "en", | ||
| "type": "CWE" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "providerMetadata": { | ||
| "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", | ||
| "shortName": "Patchstack", | ||
| "dateUpdated": "2025-01-02T14:52:23.546Z" | ||
| }, | ||
| "references": [ | ||
| { | ||
| "tags": [ | ||
| "vdb-entry" | ||
| ], | ||
| "url": "https://patchstack.com/database/wordpress/plugin/wp-listings/vulnerability/wordpress-impress-listings-plugin-2-6-2-broken-access-control-vulnerability?_s_id=cve" | ||
| } | ||
| ], | ||
| "source": { | ||
| "discovery": "EXTERNAL" | ||
| }, | ||
| "title": "WordPress IMPress Listings plugin <= 2.6.2 - Broken Access Control vulnerability", | ||
| "x_generator": { | ||
| "engine": "Vulnogram 0.2.0" | ||
| } | ||
| } | ||
| } | ||
| } |
Oops, something went wrong.