{"vulnerability": "cve-2021-4387", "sightings": [{"uuid": "820d2ad8-75a1-4560-9ba4-a3c35911508e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4387", "type": "seen", "source": "https://t.me/cibsecurity/65846", "content": "\u203c CVE-2021-4387 \u203c\n\nThe Opal Estate plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.11. This is due to missing or incorrect nonce validation on the opalestate_set_feature_property() and opalestate_remove_feature_property() functions. This makes it possible for unauthenticated attackers to set and remove featured properties via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T07:15:57.000000Z"}, {"uuid": "addc91b9-39c2-4f98-95ef-406704b10ead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43877", "type": "seen", "source": "https://t.me/cibsecurity/34011", "content": "\u203c CVE-2021-43877 \u203c\n\nASP.NET Core and Visual Studio Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-15T18:14:23.000000Z"}, {"uuid": "b7ae026d-60fe-4dc5-aab3-842e0b648125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43876", "type": "seen", "source": "https://t.me/cibsecurity/34749", "content": "\u203c CVE-2021-43876 \u203c\n\nMicrosoft SharePoint Elevation of Privilege Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-30T02:45:51.000000Z"}]}