{"vulnerability": "cve-2023-4000", "sightings": [{"uuid": "210006ef-bd81-4657-8fe2-7de5802ecc9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "seen", "source": "https://t.me/thehackernews/4607", "content": "Patch your LiteSpeed Cache plugin for WordPress against CVE-2023-40000. This flaw could lead to unauthorized site takeover. \n \nClick for details: https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html", "creation_timestamp": "2024-02-27T15:52:47.000000Z"}, {"uuid": "2efd6ad0-326c-4bb9-911a-d41cd9a06053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "https://t.me/S_E_Reborn/4739", "content": "WPScan \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u043d\u0430 \u0441\u0430\u0439\u0442\u044b WordPress \u0441 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 LiteSpeed Cache, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u0435 \u0443\u0447\u0435\u0442\u043a\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u0445.\n\nLiteSpeed Cache (LS Cache) - \u044d\u0442\u043e \u043f\u043b\u0430\u0433\u0438\u043d \u043a\u0435\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 
\u043f\u043e\u0447\u0442\u0438 \u043d\u0430 5 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430\u0445 \u0441\u0430\u0439\u0442\u043e\u0438\u0445 WordPress, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0443\u0441\u043a\u043e\u0440\u0435\u043d\u0438\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0432 \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u043e\u0439 \u0432\u044b\u0434\u0430\u0447\u0435 Google.\n\n\u0423\u0441\u0438\u043b\u0438\u0432\u0448\u0430\u044f\u0441\u044f \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0425SS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 CVSS: 8,8, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2023-40000.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0441\u0442\u0430\u0440\u0448\u0435 5.7.0.1 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 
HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 WPScan \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 1,2 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432 \u043b\u0438\u0448\u044c \u0441 \u043e\u0434\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 94[.]102[.]51[.]144.\n\nWPScan \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 JavaScript, \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u043d\u044b\u0439 \u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0444\u0430\u0439\u043b\u044b WordPress \u0438\u043b\u0438 \u0431\u0430\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u0441\u043e\u0437\u0434\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0441 \u0438\u043c\u0435\u043d\u0430\u043c\u0438 \u00abwpsupp\u2011user\u00bb \u0438\u043b\u0438 \u00abwp\u2011configuser\u00bb.\n\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0438\u043c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u043c \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0441\u0442\u0440\u043e\u043a\u0438 eval(atob(Strings.fromCharCode \u0432 \u043e\u043f\u0446\u0438\u0438 
litespeed.admin_display.messages \u0432 \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 LiteSpeed Cache \u043f\u0435\u0440\u0435\u0448\u043b\u0430 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u0434\u043e 1 835 000 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e.", "creation_timestamp": "2024-05-08T18:51:37.000000Z"}, {"uuid": "ea15f539-b705-4f09-bdb8-065bd2d0039d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40001", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647227695335129", "content": "", "creation_timestamp": "2024-12-13T19:44:35.586896Z"}, {"uuid": "e0b9fa33-e6ca-46df-a301-5ebd25312f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40003", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647227709319267", "content": "", "creation_timestamp": "2024-12-13T19:44:35.785539Z"}, {"uuid": "76c52dc5-6530-4520-a51e-6efbaaa63612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40005", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647286707688052", "content": "", "creation_timestamp": "2024-12-13T19:59:38.243139Z"}, {"uuid": 
"deea5af8-dcb4-476d-94d4-e3dd3284864f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-40000.yaml", "content": "", "creation_timestamp": "2025-09-17T00:34:40.000000Z"}, {"uuid": "2e2d6440-51db-4bc1-9d7f-d57dd6e325bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "seen", "source": "https://t.me/itsec_news/4145", "content": "\u200b\u26a1\ufe0fCVE-2023-40000: \u043f\u043b\u0430\u0433\u0438\u043d \u043a\u0430\u043a \u043f\u0443\u0442\u044c \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c 5 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress\n\n\ud83d\udcac \u0412 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed \u200b\u200bCache \u0434\u043b\u044f WordPress \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438. 
\u041e\u0431 \u044d\u0442\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Patchstack \u0432 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Stored XSS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u044e\u0431\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 WordPress, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043e\u0434\u0438\u043d HTTP-\u0437\u0430\u043f\u0440\u043e\u0441. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-40000 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 5.7.0.1.\n\nLiteSpeed \u200b\u200bCache \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0441\u0430\u0439\u0442\u0430 \u0438 \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 5 \u043c\u043b\u043d. \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a. 
\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u043f\u043b\u0430\u0433\u0438\u043d\u0430 6.1 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u0430 5 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2024 \u0433\u043e\u0434\u0430.\n\n\u041e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e CVE-2023-40000 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0432\u0432\u043e\u0434\u0430 \u0438 \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u044b\u0432\u043e\u0434\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u00abupdatecdnstatus()\u00bb \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0430 \u043f\u0440\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 XSS \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0435\u0442\u0441\u044f \u0432 \u0432\u0438\u0434\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0430 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0442\u044c\u0441\u044f 
\u043d\u0430 \u043b\u044e\u0431\u043e\u0439 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0435 \u00abwp-admin\u00bb, \u043e\u0448\u0438\u0431\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043b\u0435\u0433\u043a\u043e \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043b\u044e\u0431\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u0430\u043d\u0435\u043b\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-28T10:05:39.000000Z"}, {"uuid": "3ac2b093-5f59-439e-ac08-4dfc04efba09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "seen", "source": "Telegram/U4euC8avVGS0AyIm8AaThih2lp50kVu7kYZO8PhT3kOTWQ", "content": "", "creation_timestamp": "2024-02-27T17:35:44.000000Z"}, {"uuid": "ace013ed-58cf-49cb-9bda-ccecde6db778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "Telegram/H2Y_qN3Ps3EA0xQ0H0hqs4jWyZXGHWGiNMpTu5O4a1wUwA", "content": "", "creation_timestamp": "2024-05-08T11:50:29.000000Z"}, {"uuid": "b250d796-69c2-471e-9195-db1d29c4f9f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/7144", "content": "The Hacker News\nHackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites\n\nA high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin 
accounts on susceptible websites.\nThe findings come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3) has been leveraged to set up bogus admin users with the names wpsupp\u2011user ", "creation_timestamp": "2024-05-08T11:50:28.000000Z"}, {"uuid": "55400942-27d9-4d8a-85fe-ae1349b242a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "seen", "source": "https://t.me/arpsyndicate/4716", "content": "#ExploitObserverAlert\n\nCVE-2023-40000\n\nDESCRIPTION: Exploit Observer has 16 entries in 4 file formats related to CVE-2023-40000. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.9040389", "creation_timestamp": "2024-04-18T07:12:34.000000Z"}, {"uuid": "6f99d824-a8e2-4809-981e-d8109d34403e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "Telegram/VE7aHK9P84ZEIIJpy72Ek8N3y-TUo7DIq9J7k6i9vPVOXQ", "content": "", "creation_timestamp": "2024-05-08T12:07:01.000000Z"}, {"uuid": "5a336c17-58f2-4996-a2cc-318082b010f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "seen", "source": "Telegram/Gl8DkxBzDx13_jCAd1KOQDff27xgk7OvzgQUumKqJfz1gw", "content": "", "creation_timestamp": "2024-02-27T16:17:36.000000Z"}, {"uuid": "edd24287-4d20-4598-94dc-e094b2c8c02a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", 
"source": "https://t.me/tengkorakcybercrewz/1332", "content": "The Hacker News\nHackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites\n\nA high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts on susceptible websites.\nThe findings come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3) has been leveraged to set up bogus admin users with the names wpsupp\u2011user ", "creation_timestamp": "2024-05-08T11:50:28.000000Z"}, {"uuid": "4ddef747-61f1-487d-b394-ac635bfe74db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "seen", "source": "https://t.me/KomunitiSiber/1555", "content": "WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk\nhttps://thehackernews.com/2024/02/wordpress-litespeed-plugin.html\n\nA security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges.\nTracked as\u00a0CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1.\n\"This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any unauthenticated user", "creation_timestamp": "2024-02-27T17:17:50.000000Z"}, {"uuid": "cb08d27b-b2c4-4cc8-92c8-8143e25b9da9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/455346", "content": "{\n  \"Source\": \"https://exploit.in/\",\n  \"Content\": \"CVE-2023-40000: \u043f\u043b\u0430\u0433\u0438\u043d \u043a\u0430\u043a \u043f\u0443\u0442\u044c \u043a 
\u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c 5 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress\", \n  \"author\": \"News Support\",\n  \"Detection Date\": \"28 Feb 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-02-28T11:59:49.000000Z"}, {"uuid": "cbe039b7-c253-42db-b104-48f84d5e8711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40008", "type": "seen", "source": "https://t.me/cibsecurity/71706", "content": "\u203c CVE-2023-40008 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <= 2.3.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T16:23:31.000000Z"}, {"uuid": "8c1cacb3-9e07-47e3-ad0a-7e6ce1923fd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lz5apsdsw72d", "content": "", "creation_timestamp": "2025-09-18T21:02:26.811919Z"}, {"uuid": "1ed7fd7d-ca20-40a9-bcc8-c2bf56ede8fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "Telegram/jot1ndvT4ag7S7NsEuzdzlwgkmFTLkOG5AaSvTZswYbjfQ0", "content": "", "creation_timestamp": "2024-05-08T10:33:56.000000Z"}, {"uuid": "52506e93-1f64-4d0f-8b54-e9d9ab081644", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40007", "type": "seen", "source": 
"https://t.me/cibsecurity/69973", "content": "\u203c CVE-2023-40007 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ujwol Bastakoti CT Commerce plugin <= 2.0.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T12:17:58.000000Z"}, {"uuid": "dbf6ae5a-082a-45ae-be2a-3774cd5676ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "https://t.me/KomunitiSiber/1908", "content": "Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites\nhttps://thehackernews.com/2024/05/hackers-exploiting-litespeed-cache-bug.html\n\nA high-severity flaw impacting\u00a0the LiteSpeed Cache plugin for WordPress\u00a0is being actively exploited by threat actors\u00a0to create rogue admin accounts on susceptible websites.\nThe\u00a0findings\u00a0come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3)\u00a0has\u00a0been leveraged\u00a0to set up bogus admin users with the names\u00a0wpsupp\u2011user\u00a0", "creation_timestamp": "2024-05-08T10:40:26.000000Z"}, {"uuid": "5cef5830-6aef-4e88-bf6d-c513524433c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "https://t.me/true_secator/5717", "content": "WPScan \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u043d\u0430 \u0441\u0430\u0439\u0442\u044b WordPress \u0441 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 
\u043f\u043b\u0430\u0433\u0438\u043d\u0430 LiteSpeed Cache, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u0435 \u0443\u0447\u0435\u0442\u043a\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u0445.\n\nLiteSpeed Cache (LS Cache) - \u044d\u0442\u043e \u043f\u043b\u0430\u0433\u0438\u043d \u043a\u0435\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043f\u043e\u0447\u0442\u0438 \u043d\u0430 5 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430\u0445 \u0441\u0430\u0439\u0442\u043e\u0438\u0445 WordPress, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0443\u0441\u043a\u043e\u0440\u0435\u043d\u0438\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0432 \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u043e\u0439 \u0432\u044b\u0434\u0430\u0447\u0435 Google.\n\n\u0423\u0441\u0438\u043b\u0438\u0432\u0448\u0430\u044f\u0441\u044f \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0425SS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 CVSS: 8,8, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2023-40000.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 
\u0441\u0442\u0430\u0440\u0448\u0435 5.7.0.1 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 WPScan \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 1,2 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432 \u043b\u0438\u0448\u044c \u0441 \u043e\u0434\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 94[.]102[.]51[.]144.\n\nWPScan \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 JavaScript, \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u043d\u044b\u0439 \u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0444\u0430\u0439\u043b\u044b WordPress \u0438\u043b\u0438 \u0431\u0430\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u0441\u043e\u0437\u0434\u0430\u044e\u0442\u0441\u044f 
\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0441 \u0438\u043c\u0435\u043d\u0430\u043c\u0438 \u00abwpsupp\u2011user\u00bb \u0438\u043b\u0438 \u00abwp\u2011configuser\u00bb.\n\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0438\u043c \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u043c \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0441\u0442\u0440\u043e\u043a\u0438 eval(atob(Strings.fromCharCode \u0432 \u043e\u043f\u0446\u0438\u0438 litespeed.admin_display.messages \u0432 \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0431\u043e\u043b\u044c\u0448\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 LiteSpeed Cache \u043f\u0435\u0440\u0435\u0448\u043b\u0430 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u0434\u043e 1 835 000 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e.", "creation_timestamp": "2024-05-08T17:39:07.000000Z"}, {"uuid": "e56e3eb4-97e1-4228-af45-fa852ab57a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "published-proof-of-concept", "source": "Telegram/SGal_yYcMWAdzGSTllDTrAI0mxDa_YY1b8y-pb58dw8u3QY", "content": "", "creation_timestamp": "2025-10-02T06:29:44.000000Z"}, {"uuid": "70a2dabd-6485-4fec-a862-77844b3a8bfa", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "https://t.me/EterSec/69602", "content": "Bom dia. Se voc\u00ea que acompanha nosso chat do canal do Telegram gere algum site institucional de servi\u00e7os essenciais usando WordPress e usar o plugin LiteSpeed Cache, atualize para a vers\u00e3o mais recente o mais r\u00e1pido poss\u00edvel para se proteger do exploit da\u00a0 https://nvd.nist.gov/vuln/detail/CVE-2023-40000\n\nA falha tem sido bastante explorada, e como sabemos que tem alguns lamens de primeira qualidade fingindo ser hackers para espalhar homofobia e \u00f3dio em atos de terrorismo estamos alertando.\n\nAnonymous apontando uma falha cr\u00edtica para as pessoas se protegerem? Sim. Anonymous n\u00e3o s\u00e3o terroristas e criminosos, somos ativistas e atuamos em nome do povo.\n\nCaso voc\u00ea que nos acompanha seja admin de algum sistema que foi comprometido por criminosos como os que citei, ou se ainda n\u00e3o foi alvo mas gostaria de saber se est\u00e1 protegido o suficiente, entre em contato conosco e podemos te ajudar. \nServi\u00e7os essenciais para o povo devem ser mantidos. \n\nN\u00f3s somos EterSec.\nN\u00f3s somos Anonymous. \nN\u00f3s somos uma legi\u00e3o. \nN\u00f3s n\u00e3o esquecemos. \nN\u00f3s n\u00e3o perdoamos. \nEsperem por n\u00f3s.", "creation_timestamp": "2024-05-08T11:06:10.000000Z"}, {"uuid": "8e2c31a9-de61-4c77-ad6d-0af132b22c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "exploited", "source": "https://t.me/EterSec/544", "content": "Bom dia. 
Se voc\u00ea que acompanha nosso chat do canal do Telegram gere algum site institucional de servi\u00e7os essenciais usando WordPress e usar o plugin LiteSpeed Cache, atualize para a vers\u00e3o mais recente o mais r\u00e1pido poss\u00edvel para se proteger do exploit da\u00a0 https://nvd.nist.gov/vuln/detail/CVE-2023-40000\n\nA falha tem sido bastante explorada, e como sabemos que tem alguns lamens de primeira qualidade fingindo ser hackers para espalhar homofobia e \u00f3dio em atos de terrorismo estamos alertando.\n\nAnonymous apontando uma falha cr\u00edtica para as pessoas se protegerem? Sim. Anonymous n\u00e3o s\u00e3o terroristas e criminosos, somos ativistas e atuamos em nome do povo.\n\nCaso voc\u00ea que nos acompanha seja admin de algum sistema que foi comprometido por criminosos como os que citei, ou se ainda n\u00e3o foi alvo mas gostaria de saber se est\u00e1 protegido o suficiente, entre em contato conosco e podemos te ajudar. \nServi\u00e7os essenciais para o povo devem ser mantidos. \n\nN\u00f3s somos EterSec.\nN\u00f3s somos Anonymous. \nN\u00f3s somos uma legi\u00e3o. \nN\u00f3s n\u00e3o esquecemos. \nN\u00f3s n\u00e3o perdoamos. 
\nExpect us.", "creation_timestamp": "2024-05-08T11:06:10.000000Z"}, {"uuid": "08a2d692-b335-4fa3-b73f-b47269892077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40000", "type": "seen", "source": "https://t.me/true_secator/5463", "content": "Patchstack researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress.\n\nLiteSpeed Cache is a popular WordPress caching plugin with more than 5 million active installations.\n\nAn unauthenticated user can exploit the vulnerability to steal sensitive information or escalate privileges on a 
WordPress site with just a single HTTP request.\n\nThe vulnerability affects the update_cdn_status function and can be reproduced on a default installation.\n\nThe core problem is that the code handling user-supplied input does not implement sanitization and output escaping, which is also combined with improper access control on one of the available REST API endpoints of the 
plugin.\n\nSince the vulnerability stems from building an HTML value directly from a POST body parameter for an administrator message, the problem can be fixed by sanitizing the user input with esc_html directly on the affected parameter.\n\nIn addition, the vendor implemented a permission check for the update_cdn_status function, including a hash check, to restrict access to the function exclusively to 
privileged users.\n\nThe vulnerability was fixed with the release of version 5.7.0.1, while the latest version, 6.1, was released on February 5, 2024.", "creation_timestamp": "2024-02-28T13:10:05.000000Z"}, {"uuid": "d8299ee6-d5fb-4ab8-8e63-72fbaf93146c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4000", "type": "seen", "source": "https://t.me/cibsecurity/69526", "content": "\u203c CVE-2023-4000 \u203c\n\nThe Waiting: One-click countdowns plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.2. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to create and delete countdowns, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T12:13:05.000000Z"}]}