{"vulnerability": "CVE-2023-5201", "sightings": [{"uuid": "31c264ba-d202-468d-b754-0e71c3bb3c95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5201", "type": "seen", "source": "https://t.me/cibsecurity/71352", "content": "\u203c CVE-2023-5201 \u203c\n\nThe OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the [php] shortcode setting to be enabled on the vulnerable site.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-30T07:38:29.000000Z"}]}