{"vulnerability": "CVE-2023-28782", "sightings": [{"uuid": "d3058791-69cc-4c06-87bc-26b0427d12eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28782", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8402", "content": "#exploit\n1. CVE-2023-34152 / CVE-2023-34151:\nShell Command Injection in ImageMagick / \nUndefined behaviors of casting double to size_t in svg, mvg, and other coders\nhttps://github.com/ImageMagick/ImageMagick/issues/6341\n]-> CVE-2023-34153:\u00a0Shell command injection vulnerability\nhttps://github.com/ImageMagick/ImageMagick/issues/6338\n\n2. CVE-2023-28782:\nPHP Object Injection Flaw in WordPress Gravity Forms Plugin\nhttps://securityonline.info/cve-2023-28782-php-object-injection-flaw-in-wordpress-gravity-forms-plugin-with-1-million-active-installations\n\n3. CVE-2023-3009:\nStored XSS on item name - Bypassing CVE-2023-2516 in TeamPass <3.0.9\nhttps://github.com/mnqazi/CVE-2023-3009", "creation_timestamp": "2023-06-01T13:16:22.000000Z"}, {"uuid": "6187ad1d-5da2-4610-969d-d977b07db286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28782", "type": "seen", "source": "https://t.me/ctinow/167856", "content": "https://ift.tt/xCJUvnl\nCVE-2023-28782 | Rocketgenius Gravity Forms Plugin up to 2.7.3 on WordPress deserialization", "creation_timestamp": "2024-01-13T15:21:59.000000Z"}, {"uuid": "0c2e7c45-2ba9-402a-830e-ab6ddc2f5579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28782", "type": "seen", "source": "https://t.me/ctinow/157117", "content": "https://ift.tt/s8vXjLA\nCVE-2023-28782", "creation_timestamp": "2023-12-20T16:23:53.000000Z"}, {"uuid": "37584492-51b1-4891-9cf7-288b1ef77309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28782", "type": "seen", "source": "https://t.me/arpsyndicate/2130", "content": "#ExploitObserverAlert\n\nCVE-2023-28782\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-28782. Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue affects Gravity Forms: from n/a through 2.7.3.", "creation_timestamp": "2023-12-23T13:28:37.000000Z"}]}