{"vulnerability": "CVE-2023-2578", "sightings": [{"uuid": "f1031cb8-d79c-49fe-b8ae-5e4ca971ac16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25780", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/755", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25780\n\ud83d\udd39 Description: It is identified a vulnerability of insufficient authentication in an important specific function of Status PowerBPM. A LAN attacker with normal user privilege can exploit this vulnerability to modify substitute agent to arbitrary users, resulting in serious consequence.\n\ud83d\udccf Published: 2023-06-02T00:00:00\n\ud83d\udccf Modified: 2025-01-08T18:01:59.090Z\n\ud83d\udd17 References:\n1. https://www.twcert.org.tw/tw/cp-132-7152-d7f5b-1.html", "creation_timestamp": "2025-01-08T18:14:36.000000Z"}, {"uuid": "85664b94-bdde-477e-a6b1-da132af4c970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25783", "type": "seen", "source": "https://t.me/cibsecurity/63211", "content": "\u203c CVE-2023-25783 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss FireCask Like & Share Button plugin <=\u00c2\u00a01.1.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-12T12:39:39.000000Z"}, {"uuid": "daa1d354-b558-4101-b34b-b62c0c0e2ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25788", "type": "seen", "source": "https://t.me/cibsecurity/71552", "content": "\u203c CVE-2023-25788 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Saphali Saphali Woocommerce Lite plugin <=\u00c2\u00a01.8.13 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T14:11:47.000000Z"}, {"uuid": "47d69d68-30f6-4690-83ea-2f5eed8738ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25784", "type": "seen", "source": "https://t.me/cibsecurity/63213", "content": "\u203c CVE-2023-25784 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bon Plan Gratos Sticky Ad Bar plugin\u00c2\u00a0<= 1.3.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T14:31:01.000000Z"}, {"uuid": "89ccfc41-9f68-45c9-b73f-44d2fd3cbb2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25789", "type": "seen", "source": "https://t.me/cibsecurity/63209", "content": "\u203c CVE-2023-25789 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tapfiliate plugin <=\u00c2\u00a03.0.12 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T14:30:55.000000Z"}, {"uuid": "68a8b5a7-188d-4b6a-8df0-12dbe3cc9d20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25787", "type": "seen", "source": "https://t.me/cibsecurity/63207", "content": "\u203c CVE-2023-25787 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wbolt team WP?????? plugin <=\u00c2\u00a01.3.9 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T14:30:53.000000Z"}, {"uuid": "98c91718-fb67-4b50-88b2-b35badb7efda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25786", "type": "seen", "source": "https://t.me/cibsecurity/63206", "content": "\u203c CVE-2023-25786 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin <=\u00c2\u00a01.8.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T14:30:52.000000Z"}]}