Skip to content

Commit

Permalink
3 changes (3 new | 0 updated):
Browse files Browse the repository at this point in the history 
      - 3 new CVEs:  CVE-2023-47657, CVE-2023-5977, CVE-2023-6010
      - 0 updated CVEs:
  • Loading branch information
cvelistV5 Github Action committed Nov 13, 2023
1 parent 6c71502 commit 53d9ab2
Show file tree
Hide file tree
Showing 5 changed files with 238 additions and 44 deletions.
142 changes: 142 additions & 0 deletions cves/2023/47xxx/CVE-2023-47657.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"cveMetadata": {
"cveId": "CVE-2023-47657",
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"state": "PUBLISHED",
"assignerShortName": "Patchstack",
"dateReserved": "2023-11-07T17:36:32.258Z",
"datePublished": "2023-11-13T23:43:01.797Z",
"dateUpdated": "2023-11-13T23:43:01.797Z"
},
"containers": {
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "quick-view-and-buy-now-for-woocommerce",
"product": "Direct Checkout – Quick View – Buy Now For WooCommerce",
"vendor": "GrandPlugins",
"versions": [
{
"changes": [
{
"at": "1.5.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.5.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Emili Castells (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in GrandPlugins Direct Checkout – Quick View – Buy Now For WooCommerce plugin &lt;=<span style=\"background-color: var(--wht);\">&nbsp;1.5.8 versions.</span>"
}
],
"value": "Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in GrandPlugins Direct Checkout – Quick View – Buy Now For WooCommerce plugin <= 1.5.8 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack",
"dateUpdated": "2023-11-13T23:43:01.797Z"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/quick-view-and-buy-now-for-woocommerce/wordpress-direct-checkout-quick-view-buy-now-for-woocommerce-plugin-1-5-8-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to&nbsp;1.5.9 or a higher version."
}
],
"value": "Update to 1.5.9 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Direct Checkout – Quick View – Buy Now For WooCommerce Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
}
}
28 changes: 28 additions & 0 deletions cves/2023/5xxx/CVE-2023-5977.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"cveMetadata": {
"cveId": "CVE-2023-5977",
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"state": "REJECTED",
"dateReserved": "2023-11-07T00:15:54.215Z",
"dateUpdated": "2023-11-13T23:42:23.793Z",
"dateRejected": "2023-11-13T23:42:23.793Z",
"assignerShortName": "Wordfence"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence",
"dateUpdated": "2023-11-13T23:42:23.793Z"
},
"rejectedReasons": [
{
"lang": "en",
"value": "Accidental Request."
}
]
}
}
}
28 changes: 28 additions & 0 deletions cves/2023/6xxx/CVE-2023-6010.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
{
"dataType": "CVE_RECORD",
"dataVersion": "5.0",
"cveMetadata": {
"cveId": "CVE-2023-6010",
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"state": "REJECTED",
"dateReserved": "2023-11-08T05:44:55.728Z",
"dateUpdated": "2023-11-13T23:40:24.212Z",
"dateRejected": "2023-11-13T23:40:24.212Z",
"assignerShortName": "Wordfence"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence",
"dateUpdated": "2023-11-13T23:40:24.212Z"
},
"rejectedReasons": [
{
"lang": "en",
"value": "Accidental Request."
}
]
}
}
}
58 changes: 14 additions & 44 deletions cves/delta.json
View file
Original file line number Diff line number Diff line change
@@ -1,54 +1,24 @@
{
"fetchTime": "2023-11-13T23:40:04.139Z",
"numberOfChanges": 8,
"fetchTime": "2023-11-13T23:45:52.854Z",
"numberOfChanges": 3,
"new": [
{
"cveId": "CVE-2023-47662",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-47662",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/47xxx/CVE-2023-47662.json",
"dateUpdated": "2023-11-13T23:36:52.726Z"
"cveId": "CVE-2023-47657",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-47657",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/47xxx/CVE-2023-47657.json",
"dateUpdated": "2023-11-13T23:43:01.797Z"
},
{
"cveId": "CVE-2023-6034",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6034",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6034.json",
"dateUpdated": "2023-11-13T23:39:52.077Z"
"cveId": "CVE-2023-5977",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5977",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5977.json",
"dateUpdated": "2023-11-13T23:42:23.793Z"
},
{
"cveId": "CVE-2023-6083",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6083",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6083.json",
"dateUpdated": "2023-11-13T23:39:06.646Z"
},
{
"cveId": "CVE-2023-6085",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6085",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6085.json",
"dateUpdated": "2023-11-13T23:38:05.122Z"
},
{
"cveId": "CVE-2023-6086",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6086",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6086.json",
"dateUpdated": "2023-11-13T23:35:39.741Z"
},
{
"cveId": "CVE-2023-6087",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6087",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6087.json",
"dateUpdated": "2023-11-13T23:34:27.357Z"
},
{
"cveId": "CVE-2023-6106",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6106",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6106.json",
"dateUpdated": "2023-11-13T23:36:29.663Z"
},
{
"cveId": "CVE-2023-6107",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6107",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6107.json",
"dateUpdated": "2023-11-13T23:37:02.937Z"
"cveId": "CVE-2023-6010",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6010",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6010.json",
"dateUpdated": "2023-11-13T23:40:24.212Z"
}
],
"updated": [],
Expand Down
26 changes: 26 additions & 0 deletions cves/deltaLog.json
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,30 @@
[
{
"fetchTime": "2023-11-13T23:45:52.854Z",
"numberOfChanges": 3,
"new": [
{
"cveId": "CVE-2023-47657",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-47657",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/47xxx/CVE-2023-47657.json",
"dateUpdated": "2023-11-13T23:43:01.797Z"
},
{
"cveId": "CVE-2023-5977",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5977",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5977.json",
"dateUpdated": "2023-11-13T23:42:23.793Z"
},
{
"cveId": "CVE-2023-6010",
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6010",
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6010.json",
"dateUpdated": "2023-11-13T23:40:24.212Z"
}
],
"updated": [],
"error": []
},
{
"fetchTime": "2023-11-13T23:40:04.139Z",
"numberOfChanges": 8,
Expand Down

0 comments on commit 53d9ab2

Please sign in to comment.