{"vulnerability": "cve-2023-2504", "sightings": [{"uuid": "24afcae5-b309-46a2-90ec-9a2412014a14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25049", "type": "seen", "source": "https://t.me/cibsecurity/61665", "content": "\u203c CVE-2023-25049 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T16:28:06.000000Z"}, {"uuid": "11815045-38b9-4a17-9503-d5932ddd536c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25045", "type": "seen", "source": "https://t.me/cibsecurity/73232", "content": "\u203c CVE-2023-25045 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-31T17:21:01.000000Z"}, {"uuid": "ba0cafc4-d37a-4335-97ae-d39365557f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25042", "type": "seen", "source": "https://t.me/cibsecurity/69622", "content": "\u203c CVE-2023-25042 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Liam Gladdy (Storm Consultancy) oAuth Twitter Feed for Developers plugin <=\u00c2\u00a02.3.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T14:13:48.000000Z"}, {"uuid": "b54290b0-c6a7-4077-a1ec-a8ea50eee924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25044", "type": "seen", "source": "https://t.me/cibsecurity/69631", "content": "\u203c CVE-2023-25044 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <=\u00c2\u00a04.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T14:13:57.000000Z"}, {"uuid": "91416d7e-9bca-409c-a1b6-e3f8c9320870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25041", "type": "seen", "source": "https://t.me/cibsecurity/61658", "content": "\u203c CVE-2023-25041 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Monolit theme <= 2.0.6 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T16:27:57.000000Z"}, {"uuid": "81fd4373-13e2-46df-8305-ae9f9525b11a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25047", "type": "seen", "source": "https://t.me/cibsecurity/73236", "content": "\u203c CVE-2023-25047 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-31T17:21:06.000000Z"}, {"uuid": "b1db948e-1145-4e15-a0c6-b222a3c1fdb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2504", "type": "seen", "source": "https://t.me/cibsecurity/64582", "content": "\u203c CVE-2023-2504 \u203c\n\nFiles present on firmware images could allow an attacker to gain unauthorized access as a root user using hard-coded credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-23T02:25:47.000000Z"}, {"uuid": "1870cfa7-cb34-4d4a-9b27-405a7eb7e842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25040", "type": "seen", "source": "https://t.me/cibsecurity/61171", "content": "\u203c CVE-2023-25040 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vova Anokhin WordPress Shortcodes Plugin \u00e2\u20ac\u201d Shortcodes Ultimate plugin <= 5.12.6 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-30T16:26:20.000000Z"}]}