<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-18T18:21:45.432613+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/24e04943-8ecb-439c-a28f-2da47a7da8ed/export</id>
    <title>24e04943-8ecb-439c-a28f-2da47a7da8ed</title>
    <updated>2026-07-18T18:21:45.455095+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "24e04943-8ecb-439c-a28f-2da47a7da8ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/cyberwarehouse/251", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2026-07-18T00:00:29.143204Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/24e04943-8ecb-439c-a28f-2da47a7da8ed/export"/>
    <published>2026-07-18T00:00:29.143204+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4b4d04a2-6b34-4e36-aa01-593d8213b5ba/export</id>
    <title>4b4d04a2-6b34-4e36-aa01-593d8213b5ba</title>
    <updated>2026-07-18T18:21:45.457121+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4b4d04a2-6b34-4e36-aa01-593d8213b5ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "seen", "source": "https://t.me/cyberwarehouse/251", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2026-07-17T12:00:07.806170Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4b4d04a2-6b34-4e36-aa01-593d8213b5ba/export"/>
    <published>2026-07-17T12:00:07.806170+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/aff189c5-f01e-49f8-b107-b5833cd9d10f/export</id>
    <title>aff189c5-f01e-49f8-b107-b5833cd9d10f</title>
    <updated>2026-07-18T18:21:45.457281+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "aff189c5-f01e-49f8-b107-b5833cd9d10f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2389", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2024-08-16T08:59:48.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/aff189c5-f01e-49f8-b107-b5833cd9d10f/export"/>
    <published>2024-08-16T08:59:48+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/68957dda-98b6-4974-aba6-c738b8800ed0/export</id>
    <title>68957dda-98b6-4974-aba6-c738b8800ed0</title>
    <updated>2026-07-18T18:21:45.457418+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "68957dda-98b6-4974-aba6-c738b8800ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9698", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2024-01-01T18:14:00.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/68957dda-98b6-4974-aba6-c738b8800ed0/export"/>
    <published>2024-01-01T18:14:00+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6bd09de3-83bb-48fb-b53a-1a0f5accc39e/export</id>
    <title>6bd09de3-83bb-48fb-b53a-1a0f5accc39e</title>
    <updated>2026-07-18T18:21:45.457547+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6bd09de3-83bb-48fb-b53a-1a0f5accc39e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "seen", "source": "https://t.me/arpsyndicate/2301", "content": "#ExploitObserverAlert\n\nCVE-2023-2744\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2744. The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.\n\nFIRST-EPSS: 0.000790000\nNVD-IS: 5.9\nNVD-ES: 1.2", "creation_timestamp": "2024-01-01T05:59:02.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6bd09de3-83bb-48fb-b53a-1a0f5accc39e/export"/>
    <published>2024-01-01T05:59:02+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d6347c5f-729a-40d2-a2dc-cbffdcb98c21/export</id>
    <title>d6347c5f-729a-40d2-a2dc-cbffdcb98c21</title>
    <updated>2026-07-18T18:21:45.457675+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d6347c5f-729a-40d2-a2dc-cbffdcb98c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6345", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMass CVE-2023-2744\nURL\uff1ahttps://github.com/pashayogi/CVE-2023-2744\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-31T07:29:21.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d6347c5f-729a-40d2-a2dc-cbffdcb98c21/export"/>
    <published>2023-12-31T07:29:21+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7161e2be-08e6-49de-9920-1278a29de9f6/export</id>
    <title>7161e2be-08e6-49de-9920-1278a29de9f6</title>
    <updated>2026-07-18T18:21:45.457810+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7161e2be-08e6-49de-9920-1278a29de9f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27447", "type": "seen", "source": "https://t.me/ctinow/160009", "content": "https://ift.tt/AeNOREz\nCVE-2023-27447", "creation_timestamp": "2023-12-28T12:26:39.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7161e2be-08e6-49de-9920-1278a29de9f6/export"/>
    <published>2023-12-28T12:26:39+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/41dc131a-3cd6-4d67-bd84-cd3d436afcac/export</id>
    <title>41dc131a-3cd6-4d67-bd84-cd3d436afcac</title>
    <updated>2026-07-18T18:21:45.457929+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "41dc131a-3cd6-4d67-bd84-cd3d436afcac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27448", "type": "seen", "source": "https://t.me/cibsecurity/71707", "content": "\u203c CVE-2023-27448 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin &amp;lt;=\u00c2\u00a02.8.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T16:26:32.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/41dc131a-3cd6-4d67-bd84-cd3d436afcac/export"/>
    <published>2023-10-06T16:26:32+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6061d491-6653-42e4-9ed7-ee591138919b/export</id>
    <title>6061d491-6653-42e4-9ed7-ee591138919b</title>
    <updated>2026-07-18T18:21:45.458053+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6061d491-6653-42e4-9ed7-ee591138919b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27443", "type": "seen", "source": "https://t.me/cibsecurity/65384", "content": "\u203c CVE-2023-27443 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Grant Kimball Simple Vimeo Shortcode plugin &amp;lt;=\u00c2\u00a02.9.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-21T16:26:17.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6061d491-6653-42e4-9ed7-ee591138919b/export"/>
    <published>2023-06-21T16:26:17+00:00</published>
  </entry>
</feed>
