Lucene search
PatchstackCVELIST:CVE-2023-23700HistoryMay 17, 2024 - 6:30 a.m.
CVE-2023-23700 WordPress OceanWP theme <= 3.4.1 - Authenticated Local File Inclusion vulnerability
2024-05-1706:30:56
CWE-22
Patchstack
www.cve.org
4
wordpress
oceanwp
authenticated
path traversal
CVSS3
7.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
EPSS
0
Percentile
10.5%
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in OceanWP allows PHP Local File Inclusion.This issue affects OceanWP: from n/a through 3.4.1.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/themes/",
"defaultStatus": "unaffected",
"packageName": "oceanwp",
"product": "OceanWP",
"vendor": "OceanWP",
"versions": [
{
"changes": [
{
"at": "3.4.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.4.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-23700
2024-05-17 07:15:48
vulnrichment
vulnrichment
cve
cve
CVE-2023-23700
2024-05-17 07:15:48
wordfence
wordfence
CVSS3
7.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
EPSS
0
Percentile
10.5%
Related for CVELIST:CVE-2023-23700