{"vulnerability": "cve-2023-4920", "sightings": [{"uuid": "f45a5cbb-d76b-42e8-b54b-d85448fa95af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49205", "type": "seen", "source": "Telegram/jHCDPEpVRgq5D6l_aer-oTMtl5KFvgMyq4zL2NDeZWOt9_o", "content": "", "creation_timestamp": "2024-07-27T18:04:50.000000Z"}, {"uuid": "af6e4ba6-60b9-4835-9f1c-7b0442092714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49202", "type": "seen", "source": "Telegram/jHCDPEpVRgq5D6l_aer-oTMtl5KFvgMyq4zL2NDeZWOt9_o", "content": "", "creation_timestamp": "2024-07-27T18:04:50.000000Z"}, {"uuid": "94d30207-7fab-4387-8510-a1ba4df711b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49204", "type": "seen", "source": "Telegram/jHCDPEpVRgq5D6l_aer-oTMtl5KFvgMyq4zL2NDeZWOt9_o", "content": "", "creation_timestamp": "2024-07-27T18:04:50.000000Z"}, {"uuid": "e337d93e-a303-49ea-9d3d-8d8f9dd8d423", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49201", "type": "seen", "source": "Telegram/jHCDPEpVRgq5D6l_aer-oTMtl5KFvgMyq4zL2NDeZWOt9_o", "content": "", "creation_timestamp": "2024-07-27T18:04:50.000000Z"}, {"uuid": "20cb3e01-33ac-4ac9-99bb-b9134b72d327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49203", "type": "seen", "source": "Telegram/jHCDPEpVRgq5D6l_aer-oTMtl5KFvgMyq4zL2NDeZWOt9_o", "content": "", "creation_timestamp": "2024-07-27T18:04:50.000000Z"}, {"uuid": "a100caac-1352-4ecf-b4b9-615f98a5738d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49206", "type": "seen", "source": "Telegram/jHCDPEpVRgq5D6l_aer-oTMtl5KFvgMyq4zL2NDeZWOt9_o", "content": "", "creation_timestamp": "2024-07-27T18:04:50.000000Z"}, {"uuid": "52a2a560-43e1-47b9-88b1-75005e08fc57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4920", "type": "seen", "source": "https://t.me/cibsecurity/72653", "content": "\u203c CVE-2023-4920 \u203c\n\nThe BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the woobe_save_options function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Additionally, input sanitization and escaping is insufficient resulting in the possibility of malicious script injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-20T12:35:10.000000Z"}, {"uuid": "84de652e-3dea-46db-ba48-f4b07e6bdd86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49209", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10003", "content": "#exploit\n1. CVE-2023-42115:\nExim AUTH Out-Of-Bounds Write RCE\nhttps://github.com/cammclain/CVE-2023-42115\n\n2. TOTOLINK LR1200GB Auth Bypass\nhttps://ssd-disclosure.com/ssd-advisory-totolink-lr1200gb-auth-bypass\n\n3. CVE-2023-49209:\nBarracuda Email Security Gateway - code injection\nhttps://github.com/Kaue-Navarro/POC-CVE-2023-49209", "creation_timestamp": "2024-03-04T16:20:50.000000Z"}]}