{"vulnerability": "CVE-2023-4270", "sightings": [{"uuid": "4ad81331-f16b-4434-8cd5-2b1d0f8c4fa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4270", "type": "seen", "source": "https://t.me/cibsecurity/70239", "content": "\u203c CVE-2023-4270 \u203c\n\nThe Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-12T00:26:22.000000Z"}, {"uuid": "f1ca9e9d-ab56-4157-b4c0-4a5dac215120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42708", "type": "seen", "source": "https://t.me/ctinow/158423", "content": "https://ift.tt/GOLzc7h\nCVE-2023-42708 | Unisoc S8000 Firewall Service information disclosure", "creation_timestamp": "2023-12-22T14:58:47.000000Z"}, {"uuid": "0115ea95-6e2e-4f78-9dc9-80386211ebdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42709", "type": "seen", "source": "https://t.me/ctinow/158420", "content": "https://ift.tt/2nUEpvH\nCVE-2023-42709 | Unisoc S8000 Firewall Service information disclosure", "creation_timestamp": "2023-12-22T14:58:43.000000Z"}, {"uuid": "71c88d61-f3e1-44cd-b7ba-7e59b62f65c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42707", "type": "seen", "source": "https://t.me/ctinow/158419", "content": "https://ift.tt/pKsbHnA\nCVE-2023-42707 | Unisoc S8000 Firewall Service information disclosure", "creation_timestamp": "2023-12-22T14:58:42.000000Z"}, {"uuid": "cbbba486-9360-4878-a6ac-e90f8d9562ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42702", "type": "seen", "source": "https://t.me/ctinow/158415", "content": "https://ift.tt/MCPDcuY\nCVE-2023-42702 | Unisoc S8000 Firewall Service information disclosure", "creation_timestamp": "2023-12-22T14:58:37.000000Z"}, {"uuid": "1297055a-1281-416d-ad7e-5a22ef9932b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42706", "type": "seen", "source": "https://t.me/ctinow/158407", "content": "https://ift.tt/a9wWA1P\nCVE-2023-42706 | Unisoc S8000 Firewall Service information disclosure", "creation_timestamp": "2023-12-22T14:27:10.000000Z"}, {"uuid": "ab5ba6f8-0c44-4e18-b874-ff80099db125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42703", "type": "seen", "source": "https://t.me/ctinow/158406", "content": "https://ift.tt/EwGmJIU\nCVE-2023-42703 | Unisoc S8000 Firewall Service information disclosure", "creation_timestamp": "2023-12-22T14:27:09.000000Z"}, {"uuid": "49435afc-4876-4021-84db-c992c1bc6850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42705", "type": "seen", "source": "https://t.me/ctinow/158405", "content": "https://ift.tt/SDatnJ5\nCVE-2023-42705 | Unisoc S8000 Imsservice information disclosure", "creation_timestamp": "2023-12-22T14:27:08.000000Z"}, {"uuid": "89bc8a12-1cc9-4f17-99ee-f9aa691daf2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42704", "type": "seen", "source": "https://t.me/ctinow/158404", "content": "https://ift.tt/ulJvr8a\nCVE-2023-42704 | Unisoc S8000 Imsservice information disclosure", "creation_timestamp": "2023-12-22T14:27:06.000000Z"}, {"uuid": "3b79ca41-f9b3-4954-8463-46d276af60c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42701", "type": "seen", "source": "https://t.me/ctinow/158403", "content": "https://ift.tt/OcDk138\nCVE-2023-42701 | Unisoc S8000 Firewall Service information disclosure", "creation_timestamp": "2023-12-22T14:27:05.000000Z"}, {"uuid": "30590c32-2479-4d13-aa9a-cf099a73099c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42700", "type": "seen", "source": "https://t.me/ctinow/158400", "content": "https://ift.tt/M6q9Ppv\nCVE-2023-42700 | Unisoc S8000 Firewall Service information disclosure", "creation_timestamp": "2023-12-22T14:27:02.000000Z"}, {"uuid": "3f70bb30-2da0-487f-a27c-57195c3568d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4270", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14530", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-4270\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Min Max Control WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n\ud83d\udccf Published: 2023-09-11T19:46:05.206Z\n\ud83d\udccf Modified: 2025-05-02T16:52:53.525Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/04560bf1-676b-46fb-9344-4150862f2686", "creation_timestamp": "2025-05-02T17:16:32.000000Z"}, {"uuid": "d2c13e66-7059-40a0-94e5-fcad1cd34621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-42704", "type": "seen", "source": "https://t.me/arpsyndicate/2442", "content": "#ExploitObserverAlert\n\nCVE-2023-42704\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-42704. In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 3.6\nNVD-ES: 1.8", "creation_timestamp": "2024-01-04T06:11:50.000000Z"}]}