Daily Vulnerability Trends: Sat Jul 22 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-20323A POST based reflected Cross Site Scripting vulnerability on has been identified...
Vulnerabilities
WooCommerce Ship to Multiple Addresses plugin for WordPress cross-site request forgery | CVE-2023-36514
NAME__________WooCommerce Ship to Multiple Addresses plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WooCommerce Shipping Multiple Addresses 3.8.5Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________WooCommerce...
InfoDoc Document On-line Submission and Approval System server-side request forgery | CVE-2023-37290
NAME__________InfoDoc Document On-line Submission and Approval System server-side request forgeryPlatforms Affected:InfoDoc Document On-line Submission and Approval System 22547 InfoDoc Document...
Recipe Maker For Your Food Blog from Zip Recipes plugin for WordPress cross-site request forgery | CVE-2023-35089
NAME__________Recipe Maker For Your Food Blog from Zip Recipes plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Recipe Maker For Your...
myCred plugin for WordPress cross-site request forgery | CVE-2023-35096
NAME__________myCred plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress myCred plugin for WordPress 2.5Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________myCred plugin for WordPress is...
xHTTP denial of service | CVE-2023-38434
NAME__________xHTTP denial of servicePlatforms Affected:xHTTP xHTTPRisk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________xHTTP is vulnerable to a denial of service, caused...
AutomateWoo plugin for WordPress cross-site request forgery | CVE-2023-36513
NAME__________AutomateWoo plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress AutomateWoo Plugin for WordPress 5.7.5Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AutomateWoo plugin for WordPress is...
Open Enclave security bypass | CVE-2023-37479
NAME__________Open Enclave security bypassPlatforms Affected:Open Enclave Open Enclave SDK 0.19.2Risk Level:5.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Open Enclave could allow a remote attacker to...
Oracle MySQL Server unspecified | CVE-2023-22005
NAME__________Oracle MySQL Server unspecifiedPlatforms Affected:Oracle MySQL Server 8.0.33Risk Level:4.4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________An unspecified vulnerability in Oracle MySQL Server related to...
WooCommerce Order Barcodes plugin for WordPress cross-site request forgery | CVE-2023-36511
NAME__________WooCommerce Order Barcodes plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WooCommerce Order Barcodes Plugin for WordPress 1.6.4Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________WooCommerce...
Ultimate Member plugin for WordPress cross-site request forgery | CVE-2023-31216
NAME__________Ultimate Member plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Membership Plugin for WordPress 3.2.2Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Ultimate Member plugin for...
Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK unspecified | CVE-2023-22051
NAME__________Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 21.3.6 Oracle GraalVM Enterprise Edition 22.3.2...
WooCommerce Brands plugin for WordPress cross-site request forgery | CVE-2023-35880
NAME__________WooCommerce Brands plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WooCommerce Brands plugin for WordPress 1.6.49Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________WooCommerce Brands plugin...
KOMET privilege escalation | CVE-2023-3786
NAME__________KOMET privilege escalationPlatforms Affected:AURES Technologies KOMETRisk Level:4.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________KOMET could allow a physical attacker to gain elevated privileges on the...
MeterSphere directory traversal | CVE-2023-37461
NAME__________MeterSphere directory traversalPlatforms Affected:MeterSphere MeterSphere 2.10.2 LTSRisk Level:3.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________MeterSphere could allow a remote authenticated attacker to traverse directories on...
VMware Tanzu Spring Security security bypass | CVE-2023-34035
NAME__________VMware Tanzu Spring Security security bypassPlatforms Affected:VMware Tanzu Spring Security 5.8.0 VMware Tanzu Spring Security 6.0.0 VMware Tanzu Spring Security...
Event Manager for WooCommerce plugin for WordPress cross-site scripting | CVE-2023-36383
NAME__________Event Manager for WooCommerce plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Event Manager for WooCommerce plugin for WordPress 3.9.5Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting...
Jaeger UI cross-site scripting | CVE-2023-36656
NAME__________Jaeger UI cross-site scriptingPlatforms Affected:Jaegertracing Jaeger UI 1.31.0Risk Level:5.7Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Jaeger UI is vulnerable to cross-site scripting, caused by improper...
Oracle Business Intelligence Enterprise Edition unspecified | CVE-2023-22061
NAME__________Oracle Business Intelligence Enterprise Edition unspecifiedPlatforms Affected:Oracle Business Intelligence Enterprise Edition 6.4.0.0.0Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________An unspecified vulnerability in Oracle Business...
Oracle Hyperion Workspace unspecified | CVE-2023-22060
NAME__________Oracle Hyperion Workspace unspecifiedPlatforms Affected:Oracle Hyperion Workspace 11.2.13.0.000Risk Level:7.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________An unspecified vulnerability in Oracle Hyperion Workspace related to the...
Easy Captcha Plugin for WordPress cross-site scripting | CVE-2023-33312
NAME__________Easy Captcha Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Easy Captcha Plugin for WordPress 1.0Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Easy Captcha Plugin for...
Custom Post Type Generator plugin for WordPress cross-site scripting | CVE-2023-33329
NAME__________Custom Post Type Generator plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Custom Post Type Generator Plugin for WordPress 2.4.2Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting...
Grav code execution | CVE-2023-37897
NAME__________Grav code executionPlatforms Affected:Grav Grav 1.7.42.1Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Grav could allow a remote authenticated attacker to execute arbitrary code on...
Oracle MySQL Server unspecified | CVE-2023-22046
NAME__________Oracle MySQL Server unspecifiedPlatforms Affected:Oracle MySQL Server 8.0.33Risk Level:4.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________An unspecified vulnerability in Oracle MySQL Server related to...
