WordPress Ocean Modal Window plugin < 2.3.3 - Editor+ Remote Code Execution vulnerability

Editor+ Remote Code Execution vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin Ocean Modal Window versions 2.3.3...

EUVD-2025-204450

The Ocean Modal Window WordPress plugin before 2.3.3 is vulnerable to Remote Code Execution via the modal display logic. These modals can be displayed under user-controlled conditions that Editors and Administrators can set editpages capability. The conditions are then executed as part of an eval...

CVE-2025-13307 Ocean Modal Window < 2.3.3 - Editor+ Remote Code Execution via Modal Conditions

The Ocean Modal Window WordPress plugin before 2.3.3 is vulnerable to Remote Code Execution via the modal display logic. These modals can be displayed under user-controlled conditions that Editors and Administrators can set editpages capability. The conditions are then executed as part of an eval...

CVE-2025-13307 Ocean Modal Window < 2.3.3 - Editor+ Remote Code Execution via Modal Conditions

The Ocean Modal Window WordPress plugin before 2.3.3 is vulnerable to Remote Code Execution via the modal display logic. These modals can be displayed under user-controlled conditions that Editors and Administrators can set editpages capability. The conditions are then executed as part of an eval...

CVE-2025-13307

CVE-2025-13307 affects the Ocean Modal Window WordPress plugin (versions before 2.3.3). The vulnerability arises from modal display logic that can be triggered by user-controlled conditions set by Editors/Administrators (edit_pages capability). These conditions are evaluated in an eval statement ...

PT-2025-52413

Name of the Vulnerable Software and Affected Versions Ocean Modal Window WordPress plugin versions prior to 2.3.3 Description The Ocean Modal Window WordPress plugin is affected by a Remote Code Execution issue. The issue is related to the modal display logic, where user-controlled conditions set...

WordPress plugin Ocean Modal Window 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...