Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2023
CVE-2023-30484
Cross-Site Request Forgery (CSRF) vulnerability in uPress Enable Accessibility plugin <= 1.4 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-25
CVE-2023-2882
Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-05-25
CVE-2023-2883
Authorization Bypass Through User-Controlled Key vulnerability in CBOT Chatbot allows Authentication Abuse, Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVSS Score
8.8
EPSS Score
0.0
Published
2023-05-25
CVE-2023-2884
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-05-25
CVE-2023-2885
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-05-25
CVE-2023-2886
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-25
CVE-2023-2887
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
CVSS Score
9.8
EPSS Score
0.0
Published
2023-05-25
CVE-2022-46800
Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions.
CVSS Score
5.4
EPSS Score
0.0
Published
2023-05-25
CVE-2022-46812
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-25
CVE-2022-46865
Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Bulk Resize Media plugin <= 1.1 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved