{"vulnerability": "cve-2023-4938", "sightings": [{"uuid": "85017e0e-359d-4133-b8d8-ff67b0ed7e80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49381", "type": "seen", "source": "https://t.me/ctinow/159023", "content": "https://ift.tt/Iq1tcXw\nCVE-2023-49381 | JFinalCMS 5.0.0 /admin/div/update cross-site request forgery", "creation_timestamp": "2023-12-24T14:31:36.000000Z"}, {"uuid": "5b5c2ad1-4af3-4f30-90fc-318cd423eb77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4938", "type": "seen", "source": "https://t.me/cibsecurity/72492", "content": "\u203c CVE-2023-4938 \u203c\n\nThe BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_apply_default_combination function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate products.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T12:46:46.000000Z"}, {"uuid": "36f5de5b-96fc-4137-9846-120bc01deab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49382", "type": "seen", "source": "https://t.me/ctinow/159020", "content": "https://ift.tt/6iRMIBe\nCVE-2023-49382 | JFinalCMS 5.0.0 /admin/div/delete cross-site request forgery", "creation_timestamp": "2023-12-24T13:41:30.000000Z"}, {"uuid": "af0952f5-7065-4087-8cbd-a43bb3e6daaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49383", "type": "seen", "source": "https://t.me/ctinow/159017", "content": "https://ift.tt/e3NBgXI\nCVE-2023-49383 | JFinalCMS 5.0.0 /admin/tag/save cross-site request forgery", "creation_timestamp": "2023-12-24T13:41:26.000000Z"}, {"uuid": "84d377d0-79af-4297-8098-5146617adcab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49380", "type": "seen", "source": "https://t.me/ctinow/159015", "content": "https://ift.tt/UKiIh0N\nCVE-2023-49380 | JFinalCMS 5.0.0 delete cross-site request forgery", "creation_timestamp": "2023-12-24T13:41:24.000000Z"}]}