Lucene search
PatchstackCVELIST:CVE-2023-23700HistoryMay 17, 2024 - 6:30 a.m.
CVE-2023-23700 WordPress OceanWP theme <= 3.4.1 - Authenticated Local File Inclusion vulnerability
2024-05-1706:30:56
CWE-22
Patchstack
www.cve.org
wordpress
oceanwp
authenticated
path traversal
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
0.0004 Low
EPSS
Percentile
10.5%
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in OceanWP allows PHP Local File Inclusion.This issue affects OceanWP: from n/a through 3.4.1.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/themes/",
"defaultStatus": "unaffected",
"packageName": "oceanwp",
"product": "OceanWP",
"vendor": "OceanWP",
"versions": [
{
"changes": [
{
"at": "3.4.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.4.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-23700
2024-05-17 07:15:48
vulnrichment
vulnrichment
cve
cve
CVE-2023-23700
2024-05-17 07:15:48
wordfence
wordfence
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
0.0004 Low
EPSS
Percentile
10.5%
Related for CVELIST:CVE-2023-23700