Lucene search
WPScanCVELIST:CVE-2022-3374HistoryOct 31, 2022 - 12:00 a.m.
CVE-2022-3374 Ocean Extra < 2.0.5 - Admin+ PHP Objection Injection
2022-10-3100:00:00
CWE-502
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
42.9%
The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import (intentionally or not) a malicious Customizer Styling file and a suitable gadget chain is present on the blog.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Ocean Extra",
"versions": [
{
"version": "2.0.5",
"status": "affected",
"lessThan": "2.0.5",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-3374
2022-10-31 16:15:11
wpexploit
wpexploit
Ocean Extra < 2.0.5 - Admin+ PHP Objection Injection
2022-10-10 00:00:00
cve
cve
CVE-2022-3374
2022-10-31 16:15:11
openvas
openvas
WordPress Ocean Extra Plugin < 2.0.5 PHP Objection Injection Vulnerability
2022-11-07 00:00:00
Fedora: Security Advisory for xen (FEDORA-2022-c4ec706488)
2022-07-14 00:00:00
patchstack
patchstack
wpvulndb
wpvulndb
Ocean Extra < 2.0.5 - Admin+ PHP Objection Injection
2022-10-10 00:00:00
prion
prion
Design/Logic Flaw
2022-10-31 16:15:00
fedora
fedora
[SECURITY] Fedora 36 Update: xen-4.16.1-5.fc36
2022-07-13 02:00:48
[SECURITY] Fedora 35 Update: xen-4.15.3-2.fc35
2022-07-23 02:27:29