{"vulnerability": "CVE-2023-3279", "sightings": [{"uuid": "e2ea001d-7261-4d0e-8752-ffa7f4fe19c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32798", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113646460087658928", "content": "", "creation_timestamp": "2024-12-13T16:29:23.205970Z"}, {"uuid": "06db2fd2-1ef7-493d-804f-fc83a22ca1dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32795", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12347", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32795\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3.\n\n\n\ud83d\udccf Published: 2023-12-28T10:43:07.088Z\n\ud83d\udccf Modified: 2025-04-17T20:28:44.262Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/vulnerability/woocommerce-product-addons/wordpress-woocommerce-product-add-ons-plugin-6-1-3-authenticated-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-17T20:58:13.000000Z"}, {"uuid": "04d90363-4d6e-434f-8a00-279ff7041042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32792", "type": "seen", "source": "https://t.me/cibsecurity/71492", "content": "\u203c CVE-2023-32792 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T16:41:17.000000Z"}, {"uuid": "a7d715d2-e1d8-4d42-8fd3-35acb6544e61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3279", "type": "seen", "source": "https://t.me/cibsecurity/72352", "content": "\u203c CVE-2023-3279 \u203c\n\nThe WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T00:32:20.000000Z"}, {"uuid": "fda91686-e39e-41bf-8b6c-c64b70b1694f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32795", "type": "seen", "source": "https://t.me/ctinow/170583", "content": "https://ift.tt/SW3609Y\nCVE-2023-32795 | WooCommerce Product Add-Ons Plugin up to 6.1.3 on WordPress deserialization", "creation_timestamp": "2024-01-20T10:41:36.000000Z"}, {"uuid": "d51105e4-100a-459f-912c-841e51b93531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32795", "type": "seen", "source": "https://t.me/ctinow/160011", "content": "https://ift.tt/qSEXYoR\nCVE-2023-32795", "creation_timestamp": "2023-12-28T12:26:41.000000Z"}, {"uuid": "a6e3acf4-98ec-4f16-b86c-4cac22fd5ae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32793", "type": "seen", "source": "https://t.me/cibsecurity/69426", "content": "\u203c CVE-2023-32793 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Pre-Orders plugin <=\u00c2\u00a02.0.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T16:12:27.000000Z"}]}