<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 18 Jul 2026 18:21:47 +0000</lastBuildDate>
    <item>
      <title>24e04943-8ecb-439c-a28f-2da47a7da8ed</title>
      <link>https://vulnerability.circl.lu/sighting/24e04943-8ecb-439c-a28f-2da47a7da8ed/export</link>
      <description>{"uuid": "24e04943-8ecb-439c-a28f-2da47a7da8ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/cyberwarehouse/251", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2026-07-18T00:00:29.143204Z"}</description>
      <content:encoded>{"uuid": "24e04943-8ecb-439c-a28f-2da47a7da8ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/cyberwarehouse/251", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2026-07-18T00:00:29.143204Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/24e04943-8ecb-439c-a28f-2da47a7da8ed/export</guid>
      <pubDate>Sat, 18 Jul 2026 00:00:29 +0000</pubDate>
    </item>
    <item>
      <title>4b4d04a2-6b34-4e36-aa01-593d8213b5ba</title>
      <link>https://vulnerability.circl.lu/sighting/4b4d04a2-6b34-4e36-aa01-593d8213b5ba/export</link>
      <description>{"uuid": "4b4d04a2-6b34-4e36-aa01-593d8213b5ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "seen", "source": "https://t.me/cyberwarehouse/251", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2026-07-17T12:00:07.806170Z"}</description>
      <content:encoded>{"uuid": "4b4d04a2-6b34-4e36-aa01-593d8213b5ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "seen", "source": "https://t.me/cyberwarehouse/251", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2026-07-17T12:00:07.806170Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/4b4d04a2-6b34-4e36-aa01-593d8213b5ba/export</guid>
      <pubDate>Fri, 17 Jul 2026 12:00:07 +0000</pubDate>
    </item>
    <item>
      <title>aff189c5-f01e-49f8-b107-b5833cd9d10f</title>
      <link>https://vulnerability.circl.lu/sighting/aff189c5-f01e-49f8-b107-b5833cd9d10f/export</link>
      <description>{"uuid": "aff189c5-f01e-49f8-b107-b5833cd9d10f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2389", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2024-08-16T08:59:48.000000Z"}</description>
      <content:encoded>{"uuid": "aff189c5-f01e-49f8-b107-b5833cd9d10f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2389", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2024-08-16T08:59:48.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aff189c5-f01e-49f8-b107-b5833cd9d10f/export</guid>
      <pubDate>Fri, 16 Aug 2024 08:59:48 +0000</pubDate>
    </item>
    <item>
      <title>68957dda-98b6-4974-aba6-c738b8800ed0</title>
      <link>https://vulnerability.circl.lu/sighting/68957dda-98b6-4974-aba6-c738b8800ed0/export</link>
      <description>{"uuid": "68957dda-98b6-4974-aba6-c738b8800ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9698", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2024-01-01T18:14:00.000000Z"}</description>
      <content:encoded>{"uuid": "68957dda-98b6-4974-aba6-c738b8800ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9698", "content": "#exploit\n1. CVE-2023-2744:\nWP Plugins WP ERP &amp;lt;=1.12.2 - SQL Injection\nhttps://github.com/pashayogi/CVE-2023-2744\n\n2. CVE-2023-35813:\nRCE in Multiple Sitecore products\nhttps://github.com/lexy-1/CVE-2023-35813", "creation_timestamp": "2024-01-01T18:14:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/68957dda-98b6-4974-aba6-c738b8800ed0/export</guid>
      <pubDate>Mon, 01 Jan 2024 18:14:00 +0000</pubDate>
    </item>
    <item>
      <title>6bd09de3-83bb-48fb-b53a-1a0f5accc39e</title>
      <link>https://vulnerability.circl.lu/sighting/6bd09de3-83bb-48fb-b53a-1a0f5accc39e/export</link>
      <description>{"uuid": "6bd09de3-83bb-48fb-b53a-1a0f5accc39e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "seen", "source": "https://t.me/arpsyndicate/2301", "content": "#ExploitObserverAlert\n\nCVE-2023-2744\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2744. The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.\n\nFIRST-EPSS: 0.000790000\nNVD-IS: 5.9\nNVD-ES: 1.2", "creation_timestamp": "2024-01-01T05:59:02.000000Z"}</description>
      <content:encoded>{"uuid": "6bd09de3-83bb-48fb-b53a-1a0f5accc39e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "seen", "source": "https://t.me/arpsyndicate/2301", "content": "#ExploitObserverAlert\n\nCVE-2023-2744\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2744. The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.\n\nFIRST-EPSS: 0.000790000\nNVD-IS: 5.9\nNVD-ES: 1.2", "creation_timestamp": "2024-01-01T05:59:02.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6bd09de3-83bb-48fb-b53a-1a0f5accc39e/export</guid>
      <pubDate>Mon, 01 Jan 2024 05:59:02 +0000</pubDate>
    </item>
    <item>
      <title>d6347c5f-729a-40d2-a2dc-cbffdcb98c21</title>
      <link>https://vulnerability.circl.lu/sighting/d6347c5f-729a-40d2-a2dc-cbffdcb98c21/export</link>
      <description>{"uuid": "d6347c5f-729a-40d2-a2dc-cbffdcb98c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6345", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMass CVE-2023-2744\nURL\uff1ahttps://github.com/pashayogi/CVE-2023-2744\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-31T07:29:21.000000Z"}</description>
      <content:encoded>{"uuid": "d6347c5f-729a-40d2-a2dc-cbffdcb98c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6345", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMass CVE-2023-2744\nURL\uff1ahttps://github.com/pashayogi/CVE-2023-2744\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-31T07:29:21.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d6347c5f-729a-40d2-a2dc-cbffdcb98c21/export</guid>
      <pubDate>Sun, 31 Dec 2023 07:29:21 +0000</pubDate>
    </item>
    <item>
      <title>7161e2be-08e6-49de-9920-1278a29de9f6</title>
      <link>https://vulnerability.circl.lu/sighting/7161e2be-08e6-49de-9920-1278a29de9f6/export</link>
      <description>{"uuid": "7161e2be-08e6-49de-9920-1278a29de9f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27447", "type": "seen", "source": "https://t.me/ctinow/160009", "content": "https://ift.tt/AeNOREz\nCVE-2023-27447", "creation_timestamp": "2023-12-28T12:26:39.000000Z"}</description>
      <content:encoded>{"uuid": "7161e2be-08e6-49de-9920-1278a29de9f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27447", "type": "seen", "source": "https://t.me/ctinow/160009", "content": "https://ift.tt/AeNOREz\nCVE-2023-27447", "creation_timestamp": "2023-12-28T12:26:39.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7161e2be-08e6-49de-9920-1278a29de9f6/export</guid>
      <pubDate>Thu, 28 Dec 2023 12:26:39 +0000</pubDate>
    </item>
    <item>
      <title>41dc131a-3cd6-4d67-bd84-cd3d436afcac</title>
      <link>https://vulnerability.circl.lu/sighting/41dc131a-3cd6-4d67-bd84-cd3d436afcac/export</link>
      <description>{"uuid": "41dc131a-3cd6-4d67-bd84-cd3d436afcac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27448", "type": "seen", "source": "https://t.me/cibsecurity/71707", "content": "\u203c CVE-2023-27448 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin &amp;lt;=\u00c2\u00a02.8.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T16:26:32.000000Z"}</description>
      <content:encoded>{"uuid": "41dc131a-3cd6-4d67-bd84-cd3d436afcac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27448", "type": "seen", "source": "https://t.me/cibsecurity/71707", "content": "\u203c CVE-2023-27448 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin &amp;lt;=\u00c2\u00a02.8.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T16:26:32.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/41dc131a-3cd6-4d67-bd84-cd3d436afcac/export</guid>
      <pubDate>Fri, 06 Oct 2023 16:26:32 +0000</pubDate>
    </item>
    <item>
      <title>6061d491-6653-42e4-9ed7-ee591138919b</title>
      <link>https://vulnerability.circl.lu/sighting/6061d491-6653-42e4-9ed7-ee591138919b/export</link>
      <description>{"uuid": "6061d491-6653-42e4-9ed7-ee591138919b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27443", "type": "seen", "source": "https://t.me/cibsecurity/65384", "content": "\u203c CVE-2023-27443 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Grant Kimball Simple Vimeo Shortcode plugin &amp;lt;=\u00c2\u00a02.9.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-21T16:26:17.000000Z"}</description>
      <content:encoded>{"uuid": "6061d491-6653-42e4-9ed7-ee591138919b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27443", "type": "seen", "source": "https://t.me/cibsecurity/65384", "content": "\u203c CVE-2023-27443 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Grant Kimball Simple Vimeo Shortcode plugin &amp;lt;=\u00c2\u00a02.9.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-21T16:26:17.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6061d491-6653-42e4-9ed7-ee591138919b/export</guid>
      <pubDate>Wed, 21 Jun 2023 16:26:17 +0000</pubDate>
    </item>
  </channel>
</rss>
