{"vulnerability": "CVE-2023-3999", "sightings": [{"uuid": "e5e202bc-2f0d-4a36-853a-0dcd8204bbcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39994", "type": "seen", "source": "https://t.me/cvedetector/14165", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-39994 - Repute InfoSystems ARMember Premium Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-39994 \nPublished : Jan. 2, 2025, 3:15 p.m. | 27\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember Premium: from n/a through 5.9.2. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-02T16:46:08.000000Z"}, {"uuid": "c38102eb-6830-4570-a354-af88f1f50faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39999", "type": "seen", "source": "https://t.me/cibsecurity/72247", "content": "\u203c CVE-2023-39999 \u203c\n\nExposure of Sensitive Information to an Unauthorized Actor in WordPress\u00c2\u00a0from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-13T16:29:14.000000Z"}, {"uuid": "94795c0b-3dd3-4c44-9839-8d5823b14bb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39995", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647168668769879", "content": "", "creation_timestamp": "2024-12-13T19:29:35.033451Z"}, {"uuid": "2e7ba171-66ff-428d-8f1e-78fbe2d7fbbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39996", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647227667249941", "content": "", "creation_timestamp": "2024-12-13T19:44:34.898859Z"}, {"uuid": "fe793c48-3d27-413d-9c7c-7a62dac31b6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39997", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647227681540088", "content": "", "creation_timestamp": "2024-12-13T19:44:35.315056Z"}, {"uuid": "f08fd169-a78f-40c1-bbed-3ed7a8a5cc41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39991", "type": "seen", "source": "https://t.me/cibsecurity/69771", "content": "\u203c CVE-2023-39991 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blindside Networks BigBlueButton plugin <=\u00c2\u00a03.0.0-beta.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-04T14:16:31.000000Z"}, {"uuid": "0b2a4de5-86aa-4e7a-9c61-4d7f4e2af9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39992", "type": "seen", "source": "https://t.me/cibsecurity/69765", "content": "\u203c CVE-2023-39992 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin <=\u00c2\u00a04.3.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-04T14:16:20.000000Z"}, {"uuid": "d1a3cb1a-9c46-4726-91b5-1b31c4b30da4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3999", "type": "seen", "source": "https://t.me/cibsecurity/69522", "content": "\u203c CVE-2023-3999 \u203c\n\nThe Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on its AJAX calls in versions up to, and including, 0.6.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to create and delete countdowns as well as manipulate other plugin settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T12:13:00.000000Z"}, {"uuid": "5998dc67-c3d1-49fb-ac9e-0f91823ea7bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39994", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lerellcgoe2i", "content": "", "creation_timestamp": "2025-01-02T15:15:51.070700Z"}, {"uuid": "780973e6-43ab-475f-afcc-dd47fe6c15a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39994", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lergwvtoa32g", "content": "", "creation_timestamp": "2025-01-02T15:57:56.911738Z"}]}