Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 02:21:23 +0000 97f3187e-c4fe-4502-ac47-4233afb4d300 https://vulnerability.circl.lu/sighting/97f3187e-c4fe-4502-ac47-4233afb4d300/export {"uuid": "97f3187e-c4fe-4502-ac47-4233afb4d300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6708", "type": "seen", "source": "https://t.me/cvedetector/1140", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-6708 - \"WordPress SVG Support Stored Cross-Site Scripting Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2023-6708 \nPublished : July 18, 2024, 3:15 a.m. | 35\u00a0minutes ago \nDescription : The SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG upload feature in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping, even when the 'Sanitize SVG while uploading' feature is enabled. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note that successful exploitation of this vulnerability requires the administrator to allow author-level users to upload SVG files. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"18 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T05:55:57.000000Z"} {"uuid": "97f3187e-c4fe-4502-ac47-4233afb4d300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6708", "type": "seen", "source": "https://t.me/cvedetector/1140", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-6708 - \"WordPress SVG Support Stored Cross-Site Scripting Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2023-6708 \nPublished : July 18, 2024, 3:15 a.m. | 35\u00a0minutes ago \nDescription : The SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG upload feature in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping, even when the 'Sanitize SVG while uploading' feature is enabled. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note that successful exploitation of this vulnerability requires the administrator to allow author-level users to upload SVG files. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"18 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T05:55:57.000000Z"} https://vulnerability.circl.lu/sighting/97f3187e-c4fe-4502-ac47-4233afb4d300/export Thu, 18 Jul 2024 05:55:57 +0000