Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:37 p.m.11 views

CVE-2020-36760

The Ocean Extra plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.5. This is due to missing or incorrect nonce validation on the addcoreextensionsbundlevalidation function. This makes it possible for unauthenticated attackers to validate...

4.3CVSS6.5AI score0.005EPSS
Exploits1References1
Circl
Circl
added 2023/07/12 12:35 p.m.8 views

CVE-2020-36760

creationtimestamp| type| source ---|---|--- 2023-07-12 12:35:47+00:00| seen| https://t.me/cibsecurity/66479...

4.3CVSS4.7AI score0.005EPSS
Exploits1References1
CVE
CVE
added 2023/07/12 7:21 a.m.33 views

CVE-2020-36760

CVE-2020-36760 affects the Ocean Extra plugin for WordPress (versions up to 1.6.5). The root cause is missing or incorrect nonce validation in the add_core_extensions_bundle_validation() function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to validate extension bun...

4.3CVSS4.2AI score0.005EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2023/07/12 7:21 a.m.20 views

CVE-2020-36760 Ocean Extra <=1.6.5 - Cross-Site Request Forgery Bypass

The Ocean Extra plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.5. This is due to missing or incorrect nonce validation on the addcoreextensionsbundlevalidation function. This makes it possible for unauthenticated attackers to validate...

4.3CVSS4.3AI score0.005EPSS
Exploits1References9
Rows per page
Query Builder