{"vulnerability": "CVE-2022-3794", "sightings": [{"uuid": "c9964d3a-b725-4eeb-821e-ca14b61b63c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3794", "type": "seen", "source": "https://t.me/cibsecurity/55200", "content": "\u203c CVE-2022-3794 \u203c\n\nThe Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX actions in versions up to, and including, 2.5.6. Authenticated users can use an easily available nonce value to create header templates and make additional changes to the site, as the plugin does not use capability checks for this purpose.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T00:14:05.000000Z"}, {"uuid": "4e1e8ae5-e02f-4c18-89b0-659ba2f7da52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37940", "type": "seen", "source": "https://t.me/cibsecurity/60431", "content": "\u203c CVE-2022-37940 \u203c\n\nPotential security vulnerabilities have been identified in the HPE FlexFabric 5700 Switch Series. These vulnerabilities could be remotely exploited to allow host header injection and URL redirection. HPE has made the following software to resolve the vulnerability in HPE FlexFabric 5700 Switch Series version R2432P61 or later.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-22T11:48:12.000000Z"}]}