ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Ocean Extra plugin <= 1.5.8 - Unauthenticated CSS injection vulnerability

Product
Ocean Extra
Description
Unauthenticated CSS injection vulnerability found by Jerome Bruandet in WordPress Ocean Extra plugin (versions <= 1.5.8).
Solution
Update the WordPress Ocean Extra plugin to the latest available version (at least 1.5.9).
Classification
Type Unknown
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.5.8
Fixed In 1.5.9
Disclosure date
2019-07-04
Credits
Jerome Bruandet
Submitter
ThreatPress