Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:41 a.m.8 views

CVE-2023-0749

The Ocean Extra WordPress plugin before 2.1.3 does not ensure that the template to be loaded via a shortcode is actually a template, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, such as draft, private or even password protected ones...

6.5CVSS6.9AI score0.00654EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/03/15 12:0 a.m.9 views

WordPress Ocean Extra Plugin < 2.1.3 Authentication Bypass Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oceanwp:oceanextra"; ifdescription...

6.5CVSS6.6AI score0.00654EPSS
Exploits2References1
NVD
NVD
added 2023/03/13 5:15 p.m.23 views

CVE-2023-0749

The Ocean Extra WordPress plugin before 2.1.3 does not ensure that the template to be loaded via a shortcode is actually a template, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, such as draft, private or even password protected ones...

6.5CVSS6.5AI score0.00654EPSS
Exploits2References1
CVE
CVE
added 2023/03/13 4:3 p.m.74 views

CVE-2023-0749

The CVE-2023-0749 entry concerns the Ocean Extra WordPress plugin before version 2.1.3. The vulnerability arises because the plugin does not verify that a template loaded via a shortcode is actually a template, allowing any authenticated user (e.g., a subscriber) to retrieve content from arbitrar...

6.5CVSS6.4AI score0.00654EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/02/15 12:0 a.m.10 views

WordPress Ocean Extra Plugin < 2.1.3 is vulnerable to Sensitive Data Exposure

Software Ocean Extra Type Plugin Vulnerable versions 2.1.3 Fixed in 2.1.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0749 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 4139d2fa0b6a Credits Erwan LR WPScan Required...

6.5CVSS6.4AI score0.00654EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder