{"vulnerability": "CVE-2023-4947", "sightings": [{"uuid": "bc0b07eb-9376-4d21-abee-a6d3b5842a3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4947", "type": "seen", "source": "https://t.me/cibsecurity/72674", "content": "\u203c CVE-2023-4947 \u203c\n\nThe WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the refresh_order_ean_data AJAX action in versions up to 6.1.0. This makes it possible for authenticated attackers with contributor-level access and above, to update EAN numbers for orders.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-20T12:41:14.000000Z"}, {"uuid": "a0b200c7-0ceb-40d9-9c3c-1443da7b4142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49471", "type": "seen", "source": "https://t.me/ctinow/165685", "content": "https://ift.tt/dwWLxEA\nCVE-2023-49471", "creation_timestamp": "2024-01-10T10:26:52.000000Z"}, {"uuid": "44b400fd-f5c8-46ec-803e-27fe0ac52237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4947", "type": "seen", "source": "Telegram/6h2VEdNibEtL-zZniEzsfhc-adMuJfmWe0RdPUcdrdz5Emmq", "content": "", "creation_timestamp": "2025-02-14T10:05:07.000000Z"}, {"uuid": "0654c616-d5e1-40d6-b967-66ebb570be28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49471", "type": "seen", "source": "https://t.me/ctinow/174876", "content": "https://ift.tt/4QuI1cf\nCVE-2023-49471 | karlomikus Bar Assistant up to 3.1.x Image::make server-side request forgery", "creation_timestamp": "2024-01-28T09:56:41.000000Z"}]}