{"vulnerability": "cve-2023-6485", "sightings": [{"uuid": "eaebc254-b9f3-45b7-a644-a20d0eb37a5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6485", "type": "seen", "source": "https://t.me/ctinow/161366", "content": "https://ift.tt/LkTC1BR\nCVE-2023-6485", "creation_timestamp": "2024-01-01T16:26:28.000000Z"}, {"uuid": "dc118c14-b905-4513-bd10-6424ac64f6bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6485", "type": "seen", "source": "https://t.me/ctinow/171124", "content": "https://ift.tt/k6DVYqK\nCVE-2023-6485 | Html5 Video Player Plugin up to 2.5.18 on WordPress Setting cross site scripting", "creation_timestamp": "2024-01-22T12:37:03.000000Z"}, {"uuid": "ea256e72-45a7-44b0-8e95-5b67ed8f1171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6485", "type": "seen", "source": "https://t.me/cibsecurity/74093", "content": "\u203c\ufe0fCVE-2023-6485\u203c\ufe0f\n\nThe Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing capability checks around the plugin could allow any authenticated users, such as low as subscribers to perform Stored CrossSite Scripting attacks against high privilege users like admins\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-02T01:31:21.000000Z"}, {"uuid": "4837f769-dd6c-4076-b55e-22cc516ed614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6485", "type": "seen", "source": "https://t.me/ctinow/164701", "content": "https://ift.tt/0p3gyEu\nCVE-2023-6485 Exploit", "creation_timestamp": "2024-01-08T23:17:29.000000Z"}]}