Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2023
CVE-2022-27861
Unauth. Open Redirect vulnerability in Arscode Ninja Popups plugin <= 4.7.5 versions.
CVSS Score
4.7
EPSS Score
0.001
Published
2023-08-10
CVE-2022-44629
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Catalyst Connect Catalyst Connect Zoho CRM Client Portal plugin <= 2.0.0 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-08-10
CVE-2023-23826
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arsham Mirshah Add Posts to Pages plugin <= 1.4.1 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-08-10
CVE-2023-31209
Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users.
CVSS Score
8.8
EPSS Score
0.006
Published
2023-08-10
CVE-2023-26309
A remote code execution vulnerability in the webview component of OnePlus Store app.
CVSS Score
7.4
EPSS Score
0.01
Published
2023-08-10
CVE-2023-4276
The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abpr_profileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-08-10
CVE-2023-4277
The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.0. This is due to missing nonce validation on the 'process_change_profile_form' function. This makes it possible for unauthenticated attackers to change user email via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-08-10
CVE-2023-30696
An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-08-10
CVE-2023-30697
An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-08-10
CVE-2023-30698
Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved