Lucene search
K

4 matches found

Nuclei
Nuclei
added yesterday24 views

Ocean Extra <= 2.4.6 - Unauthenticated Shortcode Execution

The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.4.6. This is due to the software allowing users to supply arbitrary shortcodes in the contentrechdata parameter that is then executed. This makes it possible for...

9.8CVSS7.3AI score0.01717EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/04/26 12:47 a.m.10 views

CVE-2025-3472

The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.4.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

9.8CVSS7.7AI score0.01717EPSS
Exploits0References1
Circl
Circl
added 2025/04/22 12:3 p.m.7 views

CVE-2025-3472

creationtimestamp| type| source ---|---|--- 2025-04-22 12:03:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12836 2025-04-22 15:05:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnfxbow6vu2y 2025-04-22 16:43:55+00:00| seen|...

9.8CVSS8.7AI score0.01717EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/22 11:12 a.m.15 views

CVE-2025-3472 Ocean Extra <= 2.4.6 - Unauthenticated Arbitrary Shortcode Execution

The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.4.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

6.5CVSS0.01717EPSS
Exploits0References3
Rows per page
Query Builder