CVE-2023-23700

Name of the Vulnerable Software and Affected Versions OceanWP versions 3.4.1 and earlier

Description The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability, which allows PHP Local File Inclusion in OceanWP. This vulnerability exposes sites to local file inclusion via path traversal.

Recommendations For OceanWP versions 3.4.1 and earlier, update to a version later than 3.4.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.