Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:57 p.m.8 views

CVE-2022-3374

The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import intentionally or not a malicious Customizer Styling file and a suitable gadget chain is present on the blog...

7.2CVSS6.7AI score0.01126EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2022/10/31 12:0 a.m.8 views

CVE-2022-3374 Ocean Extra < 2.0.5 - Admin+ PHP Objection Injection

The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import intentionally or not a malicious Customizer Styling file and a suitable gadget chain is present on the blog...

7AI score0.01126EPSS
Exploits2References1
CVE
CVE
added 2022/10/31 12:0 a.m.111 views

CVE-2022-3374

CVE-2022-3374 affects the WordPress Ocean Extra plugin prior to version 2.0.5. The issue is insecure deserialization: when importing a malicious Customizer Styling file, the plugin may unserialize the import content, potentially enabling PHP object injections if a high-privilege user imports such...

7.2CVSS6.9AI score0.01126EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/10/31 12:0 a.m.22 views

CVE-2022-3374 Ocean Extra < 2.0.5 - Admin+ PHP Objection Injection

The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import intentionally or not a malicious Customizer Styling file and a suitable gadget chain is present on the blog...

7.1AI score0.01126EPSS
Exploits2References1
Rows per page
Query Builder