{"vulnerability": "cve-2023-3798", "sightings": [{"uuid": "b35bc7ef-9f48-4e03-b24a-d2269d72ca72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "published-proof-of-concept", "source": "Telegram/M_5LD2ttx5rMY6ipbEbR_NSCvrDEss0d3-thqMCCSp2wHw", "content": "", "creation_timestamp": "2023-10-24T19:46:01.000000Z"}, {"uuid": "b8221e4f-7ee1-495c-8d10-4edf7a04b318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37986", "type": "seen", "source": "https://t.me/cibsecurity/69641", "content": "\u203c CVE-2023-37986 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in miniOrange YourMembership Single Sign On \u00e2\u20ac\u201c YM SSO Login plugin &lt;=\u00c2\u00a01.1.3 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T16:15:00.000000Z"}, {"uuid": "10ba4ebf-88bc-454b-884c-5d6ce25eb94b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37985", "type": "seen", "source": "https://t.me/cibsecurity/66838", "content": "\u203c CVE-2023-37985 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in FiveStarPlugins Restaurant Menu and Food Ordering plugin &lt;=\u00c2\u00a02.4.6 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-17T20:40:18.000000Z"}, {"uuid": "2f167f23-96fc-4e39-926c-11ab89eba107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "seen", "source": "https://t.me/cibsecurity/68180", "content": "\u203c CVE-2023-37988 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Creative Solutions Contact Form Generator plugin &lt;=\u00c2\u00a02.5.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T14:15:40.000000Z"}, {"uuid": "be96d599-d650-4581-8d35-821c961c35d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37983", "type": "seen", "source": "https://t.me/cibsecurity/68193", "content": "\u203c CVE-2023-37983 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in No\u00c3\u00abl Jackson Art Direction plugin &lt;=\u00c2\u00a00.2.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T16:15:45.000000Z"}, {"uuid": "761624f9-2e78-44ba-a0a8-44a2efea3563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwpcbpo3nm2c", "content": "", "creation_timestamp": "2025-08-18T21:02:50.437813Z"}, {"uuid": "8b76c557-5324-443e-a28e-e6edc173582b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1225", "content": "", "creation_timestamp": "2023-10-08T01:39:24.000000Z"}, {"uuid": "33aa15ce-c4dd-4081-8a8f-f83a2a8ae232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37980", "type": "seen", "source": "https://t.me/cibsecurity/67320", "content": "\u203c CVE-2023-37980 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gravity Master Custom Field For WP Job Manager plugin &lt;=\u00c2\u00a01.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-29T00:48:31.000000Z"}, {"uuid": "70c56ed1-7f05-41c0-84de-de8a19675299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37981", "type": "seen", "source": "https://t.me/cibsecurity/67332", "content": "\u203c CVE-2023-37981 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPKube Authors List plugin &lt;=\u00c2\u00a02.0.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-04T15:31:54.000000Z"}, {"uuid": "cc934984-1357-4f8d-8215-65aa1c49233e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9164", "content": "#exploit\n1. Emulating and Exploiting UEFI Firmware\nhttps://margin.re/2023/09/emulating-and-exploiting-uefi-firmware\n\n2. Updated SMM backdoor for UEFI based platforms\nhttps://github.com/Cr4sh/SmmBackdoorNg\n\n3. CVE-2023-37988:\nWordpress/Plugin/Contact Form Generator - RXSS\nhttps://github.com/codeb0ss/CVE-2023-37988-PoC", "creation_timestamp": "2024-01-17T22:03:35.000000Z"}, {"uuid": "07e97061-fe2b-444d-84ac-dbaf76a5cee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5317", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-37988 - Wordpress/Plugin - Contact Form Generator &lt; Reflected Cross-Site Scripting [RXSS]\nURL\uff1ahttps://github.com/codeb0ss/CVE-2023-37988-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-07T23:43:05.000000Z"}, {"uuid": "a314752f-f7fe-4c88-aa93-687487024528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3364", "content": "#exploit\n1. Emulating and Exploiting UEFI Firmware\nhttps://margin.re/2023/09/emulating-and-exploiting-uefi-firmware\n\n2. Updated SMM backdoor for UEFI based platforms\nhttps://github.com/Cr4sh/SmmBackdoorNg\n\n3. CVE-2023-37988:\nWordpress/Plugin (Contact Form Generator) - RXSS\nhttps://github.com/codeb0ss/CVE-2023-37988-PoC", "creation_timestamp": "2024-02-24T16:46:06.000000Z"}, {"uuid": "d36a83b0-a152-4372-a9f1-4075c61aa7c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5573", "content": "CVE-2023-37988 - Wordpress/Plugin - Contact Form Generator [RXSS] \n\nGithub\n\n#CVE #Wordpress #RXSS \n \u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-10-10T12:31:40.000000Z"}, {"uuid": "0eec4291-3aec-452c-9941-4886bf4b2b9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37988", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1302", "content": "#exploit\n1. Emulating and Exploiting UEFI Firmware\nhttps://margin.re/2023/09/emulating-and-exploiting-uefi-firmware\n\n2. Updated SMM backdoor for UEFI based platforms\nhttps://github.com/Cr4sh/SmmBackdoorNg\n\n3. CVE-2023-37988:\nWordpress/Plugin/Contact Form Generator - RXSS\nhttps://github.com/codeb0ss/CVE-2023-37988-PoC", "creation_timestamp": "2024-08-16T08:32:35.000000Z"}, {"uuid": "ebfa5298-e677-43ed-af71-694e14174a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37984", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113646991504685781", "content": "", "creation_timestamp": "2024-12-13T18:44:31.589649Z"}, {"uuid": "68bfaad5-e2e0-4db5-8046-f26faeba0742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37987", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113646991518175919", "content": "", "creation_timestamp": "2024-12-13T18:44:32.747342Z"}, {"uuid": "70ca6073-f613-4a8d-b684-c611bc98f841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37989", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647050523741363", "content": "", "creation_timestamp": "2024-12-13T18:59:31.919059Z"}]}