{"vulnerability": "cve-2023-2373", "sightings": [{"uuid": "ebd60859-1047-4f16-85b8-c0d35bc3b263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23737", "type": "seen", "source": "https://t.me/cibsecurity/72169", "content": "\u203c CVE-2023-23737 \u203c\n\nUnauth. SQL Injection (SQLi) vulnerability in MainWP MainWP Broken Links Checker Extension plugin &lt;=\u00c2\u00a04.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-12T16:23:10.000000Z"}, {"uuid": "fb400253-8b54-46e1-aaaf-6e261b6b157f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2373", "type": "seen", "source": "https://t.me/cibsecurity/63062", "content": "\u203c CVE-2023-2373 \u203c\n\nA vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Management Interface. The manipulation of the argument ecn-up leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227649 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T18:27:27.000000Z"}, {"uuid": "df8c5e73-be28-4d6e-9dd1-b8cc255f1e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23734", "type": "seen", "source": "https://t.me/cibsecurity/63585", "content": "\u203c CVE-2023-23734 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Voswinkel Userlike \u00e2\u20ac\u201c WordPress Live Chat plugin &lt;=\u00c2\u00a02.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T14:38:37.000000Z"}, {"uuid": "938febd6-bac8-443e-9dcc-b321a342b9a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23733", "type": "seen", "source": "https://t.me/cibsecurity/63582", "content": "\u203c CVE-2023-23733 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Lazy Social Comments plugin &lt;=\u00c2\u00a02.0.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T14:38:32.000000Z"}, {"uuid": "6971a0ea-4c56-48ba-931b-6b823329c117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23732", "type": "seen", "source": "https://t.me/cibsecurity/63584", "content": "\u203c CVE-2023-23732 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Disqus Conditional Load plugin &lt;=\u00c2\u00a011.0.6 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T14:38:36.000000Z"}, {"uuid": "06266cc0-7eb3-4155-9c6c-c100a439b3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23731", "type": "seen", "source": "https://t.me/cibsecurity/66323", "content": "\u203c CVE-2023-23731 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in HasTheme WishSuite plugin &lt;=\u00c2\u00a01.3.3 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T12:39:41.000000Z"}]}