{"vulnerability": "CVE-2023-4917", "sightings": [{"uuid": "199795af-1f42-425e-a1ec-a4334781016e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49172", "type": "seen", "source": "https://t.me/ctinow/166368", "content": "https://ift.tt/TEiUCqQ\nCVE-2023-49172 | BrainCert Plugin up to 1.30 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T08:56:58.000000Z"}, {"uuid": "0d11f3c4-aba0-4835-8813-2b5d859c896d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4917", "type": "seen", "source": "https://t.me/arpsyndicate/1710", "content": "#ExploitObserverAlert\n\nCVE-2023-4917\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4917. The Leyka plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.30.3 via the 'leyka_ajax_get_env_and_options' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including Sberbank API key and password, PayPal Client Secret, and more keys and passwords.\n\nFIRST-EPSS: 0.000490000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-11T06:29:18.000000Z"}, {"uuid": "d382305c-a40d-4f2f-b5a6-d61e4cd291aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49171", "type": "seen", "source": "https://t.me/ctinow/166334", "content": "https://ift.tt/BcvEKIU\nCVE-2023-49171 | TheInnovs Innovs HR Plugin up to 1.0.3.4 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T07:51:21.000000Z"}, {"uuid": "eebcab04-2209-4efa-bc0d-37889b445ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49179", "type": "seen", "source": "https://t.me/ctinow/166537", "content": "https://ift.tt/xUzwLGA\nCVE-2023-49179 | N.O.U.S. Open Useful and Simple Event Post Plugin up to 5.8.6 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T14:27:35.000000Z"}, {"uuid": "8e0d70fe-9c42-40d3-ac2e-5de18b59c19f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49175", "type": "seen", "source": "https://t.me/ctinow/166518", "content": "https://ift.tt/YLHw7ZC\nCVE-2023-49175 | Kreativo Pro KP Fastest Tawk.to Chat Plugin up to 1.1.1 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T13:56:47.000000Z"}, {"uuid": "6235cfb5-5e90-4144-a57e-d88046764bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49170", "type": "seen", "source": "https://t.me/ctinow/166516", "content": "https://ift.tt/QKXnGo0\nCVE-2023-49170 | CaptainForm Form Builder Plugin up to 2.5.3 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T13:56:44.000000Z"}, {"uuid": "3c862ae5-7ecc-4ce3-8568-3f01c8ccc37f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49177", "type": "seen", "source": "https://t.me/ctinow/166534", "content": "https://ift.tt/Jr4PNh2\nCVE-2023-49177 | Gilles Dumas Which Template File Plugin up to 4.9.0 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T14:27:32.000000Z"}, {"uuid": "6279c628-e54b-47cc-824f-27f5127cd29d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49174", "type": "seen", "source": "https://t.me/ctinow/166532", "content": "https://ift.tt/2U3vZur\nCVE-2023-49174 | dFactory Responsive Lightbox & Gallery Plugin up to 2.4.5 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T14:27:29.000000Z"}, {"uuid": "44fabcfb-8bd8-4b28-9658-647442195dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49176", "type": "seen", "source": "https://t.me/ctinow/166530", "content": "https://ift.tt/IvikgHt\nCVE-2023-49176 | CodeRevolution WP Pocket URLs Plugin up to 1.0.2 on WordPress cross site scripting", "creation_timestamp": "2024-01-11T14:27:27.000000Z"}]}