cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-2352,https://securityvulnerability.io/vulnerability/CVE-2023-2352,Cross-Site Request Forgery Vulnerability in CHP Ads Block Detector Plugin for WordPress,"The CHP Ads Block Detector plugin for WordPress has a vulnerability that allows unauthenticated attackers to exploit Cross-Site Request Forgery due to inadequate nonce validation in the chp_abd_action function. This flaw enables remote attackers to make unauthorized changes to plugin settings if they can convince an administrator to click a malicious link, compromising the integrity of the site.",Wordpress,CHP Ads Block Detector,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2023-08-31T06:15:00.000Z,0
CVE-2023-2353,https://securityvulnerability.io/vulnerability/CVE-2023-2353,Unauthorized Plugin Settings Update in CHP Ads Block Detector for WordPress,"The CHP Ads Block Detector plugin for WordPress has a security flaw that allows subscriber-level attackers to change or reset plugin settings due to a missing capability check in the chp_abd_action function, affecting versions up to and including 3.9.4. This flaw can lead to unauthorized alterations within the plugin, potentially compromising site integrity. A duplicate issue noted as CVE-2023-36509 further emphasizes the significance of this vulnerability.",Wordpress,CHP Ads Block Detector,4.3,MEDIUM,0.0007900000200606883,false,,false,false,false,,false,false,2023-08-31T06:15:00.000Z,0
CVE-2023-2354,https://securityvulnerability.io/vulnerability/CVE-2023-2354,Stored Cross-Site Scripting Vulnerability in CHP Ads Block Detector Plugin for WordPress,"The CHP Ads Block Detector plugin for WordPress has a vulnerability that allows authenticated users with subscriber-level permissions and above to exploit it via an AJAX action. This vulnerability arises from inadequate input sanitization and output escaping in the admin settings. As a result, attackers can inject arbitrary web scripts into pages which are executed whenever a user accesses those pages. Site administrators must ensure they update to the latest version to mitigate this risk.",Wordpress,CHP Ads Block Detector,4.9,MEDIUM,0.0006699999794363976,false,,false,false,false,,false,false,2023-08-31T06:15:00.000Z,0