CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

112 matches found

NVD•added 2026/06/18 2:17 p.m.•15 views

CVE-2026-56007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OceanWP Ocean Product Sharing allows Stored XSS. This issue affects Ocean Product Sharing: from n/a through 2.2.2...

5.9CVSS0.00143EPSS

Exploits0References1

Cvelist•added 2026/06/18 9:44 a.m.•18 views

CVE-2026-56007 WordPress Ocean Product Sharing plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

5.9CVSS0.00143EPSS

Exploits0References1

EUVD•added 2026/06/18 9:44 a.m.•10 views

EUVD-2026-37870

5.9CVSS5.2AI score0.00143EPSS

Exploits0References1

EUVD•added 2026/04/07 9:31 a.m.•3 views

EUVD-2026-19594

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS5.9AI score0.00293EPSS

Exploits0References2

NVD•added 2026/04/07 9:16 a.m.•3 views

CVE-2026-34903

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS0.00293EPSS

Exploits0References1

ATTACKERKB•added 2026/04/07 8:57 a.m.•2 views

CVE-2026-34903

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS5.9AI score0.00293EPSS

Exploits0References2

Patchstack•added 2025/12/31 12:0 a.m.•8 views

WordPress OceanWP theme <= 3.6.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Theme OceanWP versions = 3.6.0...

6.4CVSS5.3AI score0.00292EPSS

Exploits0References1Affected Software1

CNVD•added 2025/11/05 12:0 a.m.•3 views

WordPress Ohio Extra plugin cross-site scripting vulnerability

WordPress Ohio Extra plugin is a free WordPress plugin designed specifically for the OceanWP theme to enhance the theme functionality and improve the site building experience. WordPress Ohio Extra plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of...

6.5CVSS6.2AI score0.00134EPSS

Exploits0References1