CVE-2024-3167
published 2024-04-09CVE-2024-3167: The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘twitter_username’ parameter in versions up to, and including, 2.2.6…
PriorityP430medium6.4CVSS 3.1
AVNACLPRLUINSCCLILAN
EPSS
0.51%
39.5th percentile
The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘twitter_username’ parameter in versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oceanwp | ocean_extra | < 2.2.7 | 2.2.7 |
| oceanwp | ocean_extra | <= 2.2.6 | — |
CVSS provenance
nvdv3.16.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8673-r45m-47g8: The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘twitter_username’ parameter in versions up to, and includin
ghsa_unreviewed·2024-04-09
CVE-2024-3167 [MEDIUM] CWE-79 GHSA-8673-r45m-47g8: The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘twitter_username’ parameter in versions up to, and includin
The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘twitter_username’ parameter in versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Red Hat
kernel: f2fs: fix to don't panic system for no free segment fault injection
vendor_redhat·2024-10-21·CVSS 5.5
CVE-2024-49887 [MEDIUM] CWE-755 kernel: f2fs: fix to don't panic system for no free segment fault injection
kernel: f2fs: fix to don't panic system for no free segment fault injection
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to don't panic system for no free segment fault injection
f2fs: fix to don't panic system for no free segment fault injection
syzbot reports a f2fs bug as below:
F2FS-fs (loop0): inject no free segment in get_new_segment of __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3167
F2FS-fs (loop0): Stopped filesystem due to reason: 7
------------[ cut here ]------------
kernel BUG at fs/f2fs/segment.c:2748!
CPU: 0 UID: 0 PID: 5109 Comm: syz-executor304 Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0
RIP: 0010:get_new_segment fs/f2fs/segment.c:2748 [inline]
RIP: 0010:new_curseg+0x1f61/0x1f70 fs/f2fs/segment.c:2836
Call Trace:
__all
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://plugins.trac.wordpress.org/browser/ocean-extra/tags/2.2.6/includes/widgets/social-share.php#L269https://plugins.trac.wordpress.org/changeset/3066649/https://www.wordfence.com/threat-intel/vulnerabilities/id/a292579c-9755-4bd4-996c-23d19ca1c197?source=cvehttps://plugins.trac.wordpress.org/browser/ocean-extra/tags/2.2.6/includes/widgets/social-share.php#L269https://plugins.trac.wordpress.org/changeset/3066649/https://www.wordfence.com/threat-intel/vulnerabilities/id/a292579c-9755-4bd4-996c-23d19ca1c197?source=cve
2024-04-09
Published