https://vulnerability.circl.lu/sightings/feed 2026-05-04T17:50:41.891147+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/e2b56a8e-9981-49c4-a64b-1bc335d73aac/export 2026-05-04T17:50:42.307229+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "e2b56a8e-9981-49c4-a64b-1bc335d73aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45072", "type": "seen", "source": "https://t.me/cibsecurity/72508", "content": "\u203c CVE-2023-45072 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kardi Order auto complete for WooCommerce plugin <=\u00c2\u00a01.2.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T16:33:40.000000Z"} 2023-10-18T16:33:40+00:00 https://vulnerability.circl.lu/sighting/105aabf8-8115-443c-92e8-d7cbc0d1de7b/export 2026-05-04T17:50:42.307119+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "105aabf8-8115-443c-92e8-d7cbc0d1de7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45070", "type": "seen", "source": "https://t.me/cibsecurity/72511", "content": "\u203c CVE-2023-45070 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in 10Web Form Builder Team Form Maker by 10Web \u00e2\u20ac\u201c Mobile-Friendly Drag & Drop Contact Form Builder plugin <=\u00c2\u00a01.15.18 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T16:33:43.000000Z"} 2023-10-18T16:33:43+00:00 https://vulnerability.circl.lu/sighting/f4210853-49f1-40c3-bb2c-2966a6e85e92/export 2026-05-04T17:50:42.306993+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "f4210853-49f1-40c3-bb2c-2966a6e85e92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45071", "type": "seen", "source": "https://t.me/cibsecurity/72514", "content": "\u203c CVE-2023-45071 \u203c\n\nUnauth. Stored Cross-Site Scripting (XSS) vulnerability in 10Web Form Builder Team Form Maker by 10Web \u00e2\u20ac\u201c Mobile-Friendly Drag & Drop Contact Form Builder plugin <=\u00c2\u00a01.15.18 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T16:33:47.000000Z"} 2023-10-18T16:33:47+00:00 https://vulnerability.circl.lu/sighting/b05c4571-496a-4159-b4e0-e9d75d981889/export 2026-05-04T17:50:42.306880+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "b05c4571-496a-4159-b4e0-e9d75d981889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45073", "type": "seen", "source": "https://t.me/cibsecurity/72515", "content": "\u203c CVE-2023-45073 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Koch Mendeley Plugin plugin <=\u00c2\u00a01.3.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T16:33:48.000000Z"} 2023-10-18T16:33:48+00:00 https://vulnerability.circl.lu/sighting/5692299a-67f6-4287-b3c2-d363134fcfee/export 2026-05-04T17:50:42.306752+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "5692299a-67f6-4287-b3c2-d363134fcfee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45074", "type": "seen", "source": "https://t.me/cibsecurity/73578", "content": "\u203c CVE-2023-45074 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter \u00e2\u20ac\u201c Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter \u00e2\u20ac\u201c Most Wanted Analytics Plugin for WordPress: from n/a through 7.1.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-06T12:25:41.000000Z"} 2023-11-06T12:25:41+00:00 https://vulnerability.circl.lu/sighting/80d34b91-680c-4f81-81d0-3c488464a0db/export 2026-05-04T17:50:42.306592+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "80d34b91-680c-4f81-81d0-3c488464a0db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4507", "type": "seen", "source": "https://t.me/cvedetector/3384", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-4507 - \"WordPress Admission AppManager Reflected Cross-Site Scripting Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2023-4507 \nPublished : Aug. 17, 2024, 8:15 a.m. | 21\u00a0minutes ago \nDescription : The Admission AppManager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'q' parameter in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-17T10:37:28.000000Z"} 2024-08-17T10:37:28+00:00 https://vulnerability.circl.lu/sighting/71e644c9-f464-49e1-b721-0bb21be4466e/export 2026-05-04T17:50:42.303100+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "71e644c9-f464-49e1-b721-0bb21be4466e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45074", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-45074\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter \u2013 Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter \u2013 Most Wanted Analytics Plugin for WordPress: from n/a through 7.1.1.\n\n\n\ud83d\udccf Published: 2023-11-06T08:35:02.853Z\n\ud83d\udccf Modified: 2025-02-26T21:09:15.565Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/vulnerability/advanced-page-visit-counter/wordpress-advanced-page-visit-counter-plugin-7-1-1-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-26T21:25:32.000000Z"} 2025-02-26T21:25:32+00:00