4 matches found
CVE-2023-23891
creationtimestamp| type| source ---|---|--- 2023-04-06 18:27:08+00:00| seen| https://t.me/cibsecurity/61559...
CVE-2023-23891
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in OceanWP Ocean Extra plugin = 2.1.1 versions. Needs the OceanWP theme installed and activated...
CVE-2023-23891
The CVE-2023-23891 entry concerns the WordPress Ocean Extra plugin (OceanWP) with a Stored XSS vulnerability in versions ≤ 2.1.1 when the OceanWP theme is installed and activated. The root cause is an input handling/shortcode context that permits script injection by authenticated contributors. Af...
WordPress Ocean Extra Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)
Software Ocean Extra Type Plugin Vulnerable versions = 2.1.1 Fixed in 2.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23891 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 64d559e2d891 Credits Rafshanzani Suhada Required...