WordPress Ocean Extra plugin <= 2.4.6 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Ocean Extra versions = 2.4.6...

WordPress Ocean Extra Plugin <= 2.2.8 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.2.8 Fixed in 2.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5531 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3783e8eb79e7 Credits wesley wcraft Required...

WordPress Ocean Extra Plugin <= 2.2.6 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.2.6 Fixed in 2.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3167 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d97829d0efb6 Credits wesley wcraft Required...

WordPress Ocean Extra Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1277 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8ae0faeadd73 Credits Webbernaut Required privileg...

WordPress Ocean Extra Plugin <= 2.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ocean Extra Type Plugin Vulnerable versions = 2.2.2 Fixed in 2.2.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49164 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b19c0811bb18 Credits Dave Jong Patchstack...

WordPress Ocean Extra Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 792bbca27504 Credits Rafie Muhammad Patchstack Required...

WordPress Ocean Extra Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Ocean Extra Type Plugin Vulnerable versions = 2.1.1 Fixed in 2.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23891 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID 64d559e2d891 Credits Rafshanzani Suhada Required...