{"vulnerability": "CVE-2023-4560", "sightings": [{"uuid": "2dbb3440-6712-4d87-9ab4-83d14f5a4770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45603", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5423", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMass Exploit - CVE-2023-45603 - Wordpress/plugin/user-submitted-posts < Unauthenticated Arbitrary File Upload/Exploit \nURL\uff1ahttps://github.com/codeb0ss/CVE-2023-45603-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-15T02:07:21.000000Z"}, {"uuid": "d80cb44f-54d8-43db-b5da-dd72b6e3175e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45603", "type": "seen", "source": "https://t.me/arpsyndicate/2099", "content": "#ExploitObserverAlert\n\nCVE-2023-45603\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-45603. Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts \u2013 Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts \u2013 Enable Users to Submit Posts from the Front End: from n/a through 20230902.", "creation_timestamp": "2023-12-23T07:06:20.000000Z"}, {"uuid": "59ca326f-5cf7-4e24-8a5e-7c7a41568674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45603", "type": "published-proof-of-concept", "source": "Telegram/e1jBY8d-TZilbf704qwO1meu75u_SREecdwBEDG4-zk_cg", "content": "", "creation_timestamp": "2023-10-24T19:46:01.000000Z"}, {"uuid": "8119df77-1f92-4aa7-8496-f88a24ecde1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45602", "type": "seen", "source": "https://t.me/cibsecurity/72529", "content": "\u203c CVE-2023-45602 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <=\u00c2\u00a05.785 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T18:33:50.000000Z"}, {"uuid": "839c3a46-1c70-4be1-949b-338b9a855daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45604", "type": "seen", "source": "https://t.me/cibsecurity/72526", "content": "\u203c CVE-2023-45604 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Scott Reilly Get Custom Field Values plugin <=\u00c2\u00a04.0.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T18:33:46.000000Z"}, {"uuid": "2d6e44c2-1a10-4e00-8696-5d8c266bf4e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45607", "type": "seen", "source": "https://t.me/cibsecurity/72524", "content": "\u203c CVE-2023-45607 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Hector Cabrera WordPress Popular Posts plugin <=\u00c2\u00a06.3.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T18:33:43.000000Z"}, {"uuid": "1260bb3f-5283-42f0-ad3f-559865d3f125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45608", "type": "seen", "source": "https://t.me/cibsecurity/72522", "content": "\u203c CVE-2023-45608 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Nicola Modugno Smart Cookie Kit plugin <=\u00c2\u00a02.3.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T16:33:55.000000Z"}, {"uuid": "ab979d5d-7b05-4d62-8bb5-0a671f7b32ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45603", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1245", "content": "CVE-2023-45603 - Wordpress/plugin/user-submitted-posts \n    < Unauthenticated Arbitrary File Upload/Exploit \n     < Webshell Upload", "creation_timestamp": "2023-10-15T03:51:21.000000Z"}, {"uuid": "32488829-623c-4730-8f51-64d3cf6f0112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45600", "type": "seen", "source": "https://t.me/ctinow/200221", "content": "https://ift.tt/3kbPcZH\nCVE-2023-45600", "creation_timestamp": "2024-03-05T13:28:22.000000Z"}, {"uuid": "ddc31bec-18b1-4b5e-ae14-c2751d7ff53d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45609", "type": "seen", "source": "https://t.me/ctinow/157559", "content": "https://ift.tt/zeJ3r01\nCVE-2023-45609 | POWR Contact Form Plugin up to 2.1.0 on WordPress cross site scripting", "creation_timestamp": "2023-12-21T09:41:32.000000Z"}, {"uuid": "ea066423-5737-43ac-abb7-581059c3fa1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45601", "type": "seen", "source": "https://t.me/cibsecurity/71908", "content": "\u203c CVE-2023-45601 \u203c\n\nA vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21290)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T14:30:12.000000Z"}, {"uuid": "2bd3b56f-28e7-427d-90b0-5cfc15ead381", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45603", "type": "seen", "source": "https://t.me/ctinow/157285", "content": "https://ift.tt/6R5coFf\nCVE-2023-45603", "creation_timestamp": "2023-12-20T20:29:20.000000Z"}, {"uuid": "923e744a-f73d-4ce6-9b15-00ee44c6aca5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45603", "type": "seen", "source": "https://t.me/ctinow/167897", "content": "https://ift.tt/YL5OCBI\nCVE-2023-45603 | Jeff Starr User Submitted Posts Plugin up to 20230902 on WordPress unrestricted upload", "creation_timestamp": "2024-01-13T19:26:47.000000Z"}, {"uuid": "2995de4f-a5bc-43e1-a4eb-89b3fcea18e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4560", "type": "seen", "source": "https://t.me/cibsecurity/69269", "content": "\u203c CVE-2023-4560 \u203c\n\nImproper Authorization of Index Containing Sensitive Information in GitHub repository omeka/omeka-s prior to 4.0.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-28T07:27:25.000000Z"}, {"uuid": "f16b3c9b-4f69-4867-bb9b-c902412cd590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45603", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9208", "content": "#exploit\n1. CVE-2023-2163:\nLinux Kernel: eBPF verifier bug\nhttps://github.com/google/security-research/security/advisories/GHSA-j87x-j6mh-mv8v\n\n2. CVE-2023-41993:\nApple WebKit Code Execution Vulnerability\nhttps://github.com/po6ix/POC-for-CVE-2023-41993\n\n3. CVE-2023-45603:\nWordpress Unauthenticated Arbitrary File Upload/Exploit\nhttps://github.com/codeb0ss/CVE-2023-45603-PoC", "creation_timestamp": "2023-10-16T12:20:37.000000Z"}, {"uuid": "d08df9bd-a67e-4223-b532-63c22b62ec56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45603", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1381", "content": "#exploit\n1. CVE-2023-2163:\nLinux Kernel: eBPF verifier bug\nhttps://github.com/google/security-research/security/advisories/GHSA-j87x-j6mh-mv8v\n\n2. CVE-2023-41993:\nApple WebKit Code Execution Vulnerability\nhttps://github.com/po6ix/POC-for-CVE-2023-41993\n\n3. CVE-2023-45603:\nWordpress Unauthenticated Arbitrary File Upload/Exploit\nhttps://github.com/codeb0ss/CVE-2023-45603-PoC", "creation_timestamp": "2024-08-16T08:33:57.000000Z"}]}