Lucene search
+L

737 matches found

nuclei
nuclei
added yesterday73 views

WordPress Ocean Extra <1.9.5 - Cross-Site Scripting

WordPress Ocean Extra plugin before 1.9.5 contains a cross-site scripting vulnerability. The plugin does not escape generated links which are then used when the OceanWP theme is active. id: CVE-2021-25104 info: name: WordPress Ocean Extra 1.9.5 - Cross-Site Scripting author: Akincibor severity:...

6.1CVSS6.4AI score0.01388EPSS
Exploits2References5
nuclei
nuclei
added yesterday24 views

Ocean Extra <= 2.4.6 - Unauthenticated Shortcode Execution

The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.4.6. This is due to the software allowing users to supply arbitrary shortcodes in the contentrechdata parameter that is then executed. This makes it possible for...

9.8CVSS7.3AI score0.01852EPSS
Exploits0References4
nvd
nvd
added 2026/06/18 2:17 p.m.18 views

CVE-2026-56007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OceanWP Ocean Product Sharing allows Stored XSS. This issue affects Ocean Product Sharing: from n/a through 2.2.2...

5.9CVSS0.00143EPSS
Exploits0References1
euvd
euvd
added 2026/06/18 9:44 a.m.12 views

EUVD-2026-37870

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OceanWP Ocean Product Sharing allows Stored XSS. This issue affects Ocean Product Sharing: from n/a through 2.2.2...

5.9CVSS5.2AI score0.00143EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/18 9:44 a.m.21 views

CVE-2026-56007 WordPress Ocean Product Sharing plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OceanWP Ocean Product Sharing allows Stored XSS. This issue affects Ocean Product Sharing: from n/a through 2.2.2...

5.9CVSS0.00143EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/18 9:44 a.m.7 views

CVE-2026-56007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OceanWP Ocean Product Sharing allows Stored XSS. This issue affects Ocean Product Sharing: from n/a through 2.2.2...

5.9CVSS5.2AI score0.00143EPSS
Exploits0References2
cve
cve
added 2026/06/18 9:44 a.m.20 views

CVE-2026-56007

CVE-2026-56007 affects WordPress Ocean Product Sharing plugin versions up to and including 2.2.2. The issue is a Stored Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation in OceanWP Ocean Product Sharing. The vulnerability impact is limi...

5.9CVSS5.2AI score0.00143EPSS
Exploits0References1
patchstack
patchstack
added 2026/06/18 9:43 a.m.11 views

WordPress Ocean Product Sharing plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Ocean Product Sharing versions = 2.2.2...

5.9CVSS5.2AI score0.00143EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34903

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS5.4AI score0.00293EPSS
Exploits0References1
nessus
nessus
added 2026/05/06 12:0 a.m.15 views

RHCOS 4 : OpenShift Container Platform 4.6.1 (RHSA-2020:4297)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4297 advisory. - jenkins-jira-plugin: plugin information disclosure CVE-2019-16541 - jenkins-2-plugins/mailer: Missing hostname validation in Maile...

9.9CVSS7.4AI score0.0473EPSS
Exploits0References20
patchstack
patchstack
added 2026/05/01 9:31 a.m.9 views

WordPress Ocean Extra plugin <= 2.4.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Ocean Extra versions = 2.4.2...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
vulnersosv
vulnersosv
added 2026/04/29 3:30 p.m.9 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), io.jenkins.blueocean:blueocean (>=1.27.17 <=1.27.25) +8 more potentially affected by CVE-2026-42524 via org.jenkins-ci.plugins:htmlpublisher (>=1.0 <=1.6)

org.jenkins-ci.plugins:htmlpublisher MAVEN version =1.0, =1.9.2-beta, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.0.0, =1.0.18 Source cves: CVE-2026-42524 Source advisory: OSV:GHSA-F8H4-46XV-H7JJ...

8CVSS6AI score0.00281EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/04/29 3:30 p.m.7 views

io.jenkins.blueocean:blueocean (>=1.27.17 <=1.27.25), io.jenkins.blueocean:blueocean-bitbucket-pipeline (>=1.27.17 <=1.27.25) +10 more potentially affected by CVE-2026-42522 via org.jenkins-ci.plugins:github-branch-source (>=1793.v1831e9c68d77 <=1967.vdea_d580c1a_b_a_)

org.jenkins-ci.plugins:github-branch-source MAVEN version =1793.v1831e9c68d77, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =634.v371dc6d978a3, =1.83.v5bff0e55cd2d, =4.204.vf74143795d5f, =611.v70d151e60ec4, =685.v53b070455063 - org.jenkins-ci.plugins:pipeline-github...

4.3CVSS5.4AI score0.00184EPSS
Exploits0
fedora
fedora
added 2026/04/16 11:42 p.m.8 views

[SECURITY] Fedora 44 Update: ocean-sound-theme-6.6.4-1.fc44

Ocean Sound Theme for Plasma...

5.8AI score
Exploits0
euvd
euvd
added 2026/04/07 9:31 a.m.5 views

EUVD-2026-19594

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS5.9AI score0.00293EPSS
Exploits0References2
nvd
nvd
added 2026/04/07 9:16 a.m.5 views

CVE-2026-34903

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS0.00293EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/04/07 8:57 a.m.2 views

CVE-2026-34903

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS5.9AI score0.00293EPSS
Exploits0References2
cvelist
cvelist
added 2026/04/07 8:57 a.m.22 views

CVE-2026-34903 WordPress Ocean Extra plugin <= 2.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS0.00293EPSS
Exploits0References1
cve
cve
added 2026/04/07 8:57 a.m.14 views

CVE-2026-34903

The CVE-2026-34903 entry describes a Missing Authorization vulnerability in OceanWP Ocean Extra, affecting Ocean Extra up to version 2.5.3. The issue is categorized as a Broken Access Control with CVSS 3.1 base score 5.4 (Network, Low Privileges Required, No User Interaction, Confidentiality None...

5.4CVSS5.9AI score0.00293EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/04/07 8:57 a.m.2 views

CVE-2026-34903 WordPress Ocean Extra plugin <= 2.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS5.9AI score0.00293EPSS
Exploits0References1
Rows per page
Query Builder