{"vulnerability": "CVE-2023-3078", "sightings": [{"uuid": "4a56cbbc-d56b-47c2-83fc-c63749175cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30786", "type": "seen", "source": "https://t.me/cibsecurity/68630", "content": "\u203c CVE-2023-30786 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Benjamin Guy Captcha Them All plugin &lt;=\u00c2\u00a01.3.3 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T14:50:19.000000Z"}, {"uuid": "e1825327-96ac-4c1a-9982-030c74b54b20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30784", "type": "seen", "source": "https://t.me/cibsecurity/68623", "content": "\u203c CVE-2023-30784 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kaya Studio Kaya QR Code Generator plugin &lt;=\u00c2\u00a01.5.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T14:41:15.000000Z"}, {"uuid": "3211ca21-8640-4439-ba31-2c357bc07fc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30785", "type": "seen", "source": "https://t.me/cibsecurity/68628", "content": "\u203c CVE-2023-30785 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Video Grid plugin &lt;=\u00c2\u00a01.21 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T14:47:18.000000Z"}, {"uuid": "06e1c8b3-0473-4679-9df6-ac43b4a67dc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30782", "type": "seen", "source": "https://t.me/cibsecurity/68624", "content": "\u203c CVE-2023-30782 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin &lt;=\u00c2\u00a03.7.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T14:41:16.000000Z"}, {"uuid": "85196cd1-ebcf-499e-9205-7c442ef52007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30780", "type": "seen", "source": "https://t.me/cibsecurity/64391", "content": "\u203c CVE-2023-30780 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TheGuideX User IP and Location plugin &lt;=\u00c2\u00a02.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T14:32:19.000000Z"}, {"uuid": "9b223b3b-c5b0-4b18-bddf-c9906dc2fb6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30781", "type": "seen", "source": "https://t.me/cibsecurity/72527", "content": "\u203c CVE-2023-30781 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Theme Blvd Tweeple plugin &lt;=\u00c2\u00a00.9.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T18:33:47.000000Z"}, {"uuid": "ea045c6a-77fc-4664-b646-e59ad1a0874e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3078", "type": "seen", "source": "https://t.me/cibsecurity/68766", "content": "\u203c CVE-2023-3078 \u203c\n\nAn uncontrolled search path vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T20:37:28.000000Z"}, {"uuid": "98c2f9af-0509-4bbf-bf4e-83a7415893f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30789", "type": "seen", "source": "https://t.me/cibsecurity/63527", "content": "\u203c CVE-2023-30789 \u203c\n\nMonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/work` endpoint and job and company parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T00:54:03.000000Z"}, {"uuid": "8c9a0c39-d180-4358-b093-0807c4e2bb68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30789", "type": "seen", "source": "Telegram/iOf1uBHdGjKRe0ts-6xpGDe4s7IKRbq92LJP7VvGncZJ2yPo", "content": "", "creation_timestamp": "2025-02-06T02:40:19.000000Z"}, {"uuid": "f248a45f-b800-4645-b7b4-23c998709d7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3078", "type": "seen", "source": "https://t.me/arpsyndicate/2413", "content": "#ExploitObserverAlert\n\nCVE-2023-3078\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-3078. An uncontrolled search path vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2024-01-04T02:56:46.000000Z"}, {"uuid": "b8da8718-06cd-495b-b126-d6a45750597b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30787", "type": "seen", "source": "https://t.me/cibsecurity/63494", "content": "\u203c CVE-2023-30787 \u203c\n\nMonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/introductions` endpoint and first_met_additional_info parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T00:43:08.000000Z"}]}