{"vulnerability": "CVE-2022-4016", "sightings": [{"uuid": "29cc762c-41a6-41f6-8ec1-9d4a6d92c03a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4016", "type": "seen", "source": "https://t.me/cibsecurity/54346", "content": "\u203c CVE-2022-4016 \u203c\n\nThe Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.6, Booster Elite for WooCommerce WordPress plugin before 1.1.8 does not properly check for CSRF when creating and deleting Customer roles, allowing attackers to make logged admins create and delete arbitrary custom roles via CSRF attacks\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T20:21:10.000000Z"}, {"uuid": "1987d823-d42b-443f-885e-0bc48dbaaec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40161", "type": "seen", "source": "https://t.me/cibsecurity/50929", "content": "\u203c CVE-2022-40161 \u203c\n\nThose using JXPath to interpret XPath may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:23:07.000000Z"}, {"uuid": "147e906d-2e0a-488c-80b8-4861d22ad8d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40160", "type": "seen", "source": "https://t.me/cibsecurity/50897", "content": "\u203c CVE-2022-40160 \u203c\n\nThose using JXPath to interpret XPath may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:16:47.000000Z"}]}