Lucene search
HistoryMar 30, 2023 - 12:15 p.m.
CVE-2023-24399
cve-2023-24399
oceanwp
ocean extra
xss
vulnerability
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
0.001 Low
EPSS
Percentile
21.2%
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in OceanWP Ocean Extra plugin <=Β 2.1.2 versions.
Affected configurations
Node
oceanwpocean_extraRangeβ€2.1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oceanwp | ocean_extra | * | cpe:2.3:a:oceanwp:ocean_extra:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ocean-extra",
"product": "Ocean Extra",
"vendor": "OceanWP",
"versions": [
{
"changes": [
{
"at": "2.1.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.1.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-24399
2023-03-30 12:15:07
prion
prion
Cross site scripting
2023-03-30 12:15:00
cvelist
cvelist
wordfence
wordfence
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
0.001 Low
EPSS
Percentile
21.2%
Related for CVE-2023-24399