CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

Cvelist•added 2026/04/07 8:57 a.m.•18 views

CVE-2026-34903 WordPress Ocean Extra plugin <= 2.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ocean Extra: from n/a through 2.5.3...

5.4CVSS0.00015EPSS

Exploits0References1

CNNVD•added 2025/08/30 12:0 a.m.•1 views

WordPress plugin Ocean Extra 跨站脚本漏洞

WordPress Ocean Extra plugin is a free plugin for the WordPress platform, designed for the OceanWP theme, aiming to enhance the website building experience by adding extra functionality and flexibility. A cross-site scripting vulnerability exists in the WordPress Ocean Extra plugin, which stems...

6.4CVSS6AI score0.00066EPSS

Exploits0References6

Cvelist•added 2025/06/06 11:32 a.m.•11 views

CVE-2025-49068 WordPress Ocean Extra plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oceanwp Ocean Extra ocean-extra allows Stored XSS.This issue affects Ocean Extra: from n/a through = 2.4.8...

6.5CVSS0.00143EPSS

Exploits0References1

Patchstack•added 2025/04/22 2:5 a.m.•8 views

WordPress Ocean Extra plugin <= 2.4.6 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Ocean Extra versions = 2.4.6...

9.8CVSS8.4AI score0.13741EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/06/11 12:0 a.m.•10 views

WordPress Ocean Extra Plugin <= 2.2.8 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.2.8 Fixed in 2.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5531 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3783e8eb79e7 Credits wesley wcraft Required...

6.4CVSS5.8AI score0.0031EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/04/09 2:48 a.m.•2 views

WordPress Ocean Extra plugin <= 2.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Ocean Extra versions = 2.2.6...

6.4CVSS5.7AI score0.00256EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/04/09 12:0 a.m.•10 views

WordPress Ocean Extra Plugin <= 2.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.2.6 Fixed in 2.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3167 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d97829d0efb6 Credits wesley wcraft Required...

6.4CVSS5.7AI score0.00256EPSS

Exploits0References3Affected Software1

Patchstack•added 2024/02/19 12:0 a.m.•12 views

WordPress Ocean Extra Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1277 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8ae0faeadd73 Credits Webbernaut Required privileg...

6.4CVSS6AI score0.00196EPSS

Exploits0References3Affected Software1

OpenVAS•added 2023/12/21 12:0 a.m.•11 views

WordPress Ocean Extra Plugin < 2.2.3 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oceanwp:oceanextra"; if description...

8.8CVSS7AI score0.00059EPSS

Exploits0References1

Patchstack•added 2023/11/29 12:0 a.m.•10 views

WordPress Ocean Extra Plugin <= 2.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ocean Extra Type Plugin Vulnerable versions = 2.2.2 Fixed in 2.2.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49164 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b19c0811bb18 Credits Dave Jong Patchstack...

8.8CVSS6.6AI score0.00059EPSS

Exploits0References2Affected Software1

Patchstack•added 2023/07/18 12:0 a.m.•4 views

WordPress Ocean Extra Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 792bbca27504 Credits Rafie Muhammad Patchstack Required...

6.8AI score

Exploits0References3Affected Software1

CNNVD•added 2023/03/13 12:0 a.m.•2 views

WordPress Plugin Ocean Extra 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.5CVSS7AI score0.00426EPSS

Exploits2References2

Patchstack•added 2023/02/02 12:0 a.m.•7 views

WordPress Ocean Extra Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.1.1 Fixed in 2.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23891 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 64d559e2d891 Credits Rafshanzani Suhada Required...

5.5CVSS6AI score0.00181EPSS

Exploits1References2Affected Software1

Patchstack•added 2022/02/28 12:0 a.m.•10 views

WordPress Ocean Extra plugin < 1.9.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Ocean Extra plugin versions 1.9.4. Solution Update the WordPress Ocean Extra plugin to the latest available version at least 1.9.4...

4.1AI score

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by