{"vulnerability": "CVE-2016-1094", "sightings": [{"uuid": "bc1983eb-1080-4f06-a91d-b355c402f1d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10941", "type": "seen", "source": "https://t.me/cibsecurity/6749", "content": "ATENTION\u203c New - CVE-2016-10941\n\nThe podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:32.000000Z"}, {"uuid": "4ae7a749-eeb9-4e9c-8f71-76d04748b09e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10940", "type": "seen", "source": "https://t.me/cibsecurity/6750", "content": "ATENTION\u203c New - CVE-2016-10940\n\nThe zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:34.000000Z"}, {"uuid": "35cfec6f-0996-4770-8f58-3643326d9a57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10942", "type": "seen", "source": "https://t.me/cibsecurity/6748", "content": "ATENTION\u203c New - CVE-2016-10942\n\nThe podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter exploitable via CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:31.000000Z"}, {"uuid": "1df49561-9cbb-45fd-9a90-f15aa08a6571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10949", "type": "seen", "source": "https://t.me/cibsecurity/6741", "content": "ATENTION\u203c New - CVE-2016-10949\n\nThe Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:24.000000Z"}, {"uuid": "9ca7f425-4420-4dae-8ada-1a3ad87d5e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10948", "type": "seen", "source": "https://t.me/cibsecurity/6742", "content": "ATENTION\u203c New - CVE-2016-10948\n\nThe Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:25.000000Z"}, {"uuid": "065a2957-6509-4488-921e-04cb56792b56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10947", "type": "seen", "source": "https://t.me/cibsecurity/6743", "content": "ATENTION\u203c New - CVE-2016-10947\n\nThe Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:26.000000Z"}, {"uuid": "6cddceda-9e8b-4f36-954d-3da80a72d750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10946", "type": "seen", "source": "https://t.me/cibsecurity/6744", "content": "ATENTION\u203c New - CVE-2016-10946\n\nThe wp-d3 plugin before 2.4.1 for WordPress has CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:27.000000Z"}, {"uuid": "8b6c5315-47eb-4370-8ff6-8b19f064a6c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10945", "type": "seen", "source": "https://t.me/cibsecurity/6745", "content": "ATENTION\u203c New - CVE-2016-10945\n\nThe PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:28.000000Z"}, {"uuid": "62c81a6b-fa4d-4284-b18b-183eb6e7f0bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10944", "type": "seen", "source": "https://t.me/cibsecurity/6746", "content": "ATENTION\u203c New - CVE-2016-10944\n\nThe multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:29.000000Z"}, {"uuid": "b5b99873-c8e2-4bf0-b606-20eae5774e53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-10943", "type": "seen", "source": "https://t.me/cibsecurity/6747", "content": "ATENTION\u203c New - CVE-2016-10943\n\nThe zx-csv-upload plugin 1 for WordPress has SQL injection via the id parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-09-13T16:28:30.000000Z"}]}