cleantalk
Vulnerabilities and Security Researches

OceanWP, CVE-2023-23700

CVE, Research URL

CVE-2023-23700

Home page URL

Security reports for OceanWP

Application

OceanWP

Published on
May 17, 2024
Research Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OceanWP allows PHP Local File Inclusion.This issue affects OceanWP: from n/a through 3.4.1.
Affected versions
Min -, max 3.4.2.
Status
vulnerable
Previous vulnerability researches
OceanWP (CVE-2024-2476) , Jun 10, 2024
OceanWP (CVE-2023-23700) , Jun 10, 2024
OceanWP (CVE-2025-5524) , Jul 02, 2025
Oceanwp sticky header (CVE-2022-35730) , Jun 07, 2024
New vulnerability
Off-Canvas Sidebars & Menus (Slidebars) (CVE-2025-49290) , Jul 03, 2025
Accept Stripe Payments Using Contact Form 7 (CVE-2025-53309) , Jul 03, 2025
Opal Estate Pro – Property Management and Submission (CVE-2025-6934) , Jul 03, 2025
TM Replace Howdy (CVE-2025-49972) , Jul 03, 2025
VG WORT METIS (CVE-2025-50039) , Jul 03, 2025