Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2023
CVE-2023-26532
Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes Social Auto Poster plugin <= 2.1.4 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-11-22
CVE-2023-26535
Cross-Site Request Forgery (CSRF) vulnerability in WPPOOL Sheets To WP Table Live Sync plugin <= 2.12.15 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-11-22
CVE-2023-27442
Cross-Site Request Forgery (CSRF) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.29.2 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-11-22
CVE-2023-27444
Cross-Site Request Forgery (CSRF) vulnerability in Pierre Lannoy / PerfOps One DecaLog plugin <= 3.7.0 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-11-22
CVE-2023-27446
Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API translation plugin <= 2.1.4 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-11-22
CVE-2023-27451
Server-Side Request Forgery (SSRF) vulnerability in Darren Cooney Instant Images plugin <= 5.1.0.2 versions.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-11-22
CVE-2023-43081
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.
CVSS Score
4.0
EPSS Score
0.0
Published
2023-11-22
CVE-2023-28749
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions.
CVSS Score
4.3
EPSS Score
0.002
Published
2023-11-22
CVE-2023-3103
Authentication bypass vulnerability, the exploitation of which could allow a local attacker to perform a Man-in-the-Middle (MITM) attack on the robot's camera video stream. In addition, if a MITM attack is carried out, it is possible to consume the robot's resources, which could lead to a denial-of-service (DOS) condition.
CVSS Score
8.0
EPSS Score
0.0
Published
2023-11-22
CVE-2023-3104
Lack of authentication vulnerability. An unauthenticated local user is able to see through the cameras using the web server due to the lack of any form of authentication.
CVSS Score
5.7
EPSS Score
0.002
Published
2023-11-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved