Ocean Extra

Input validation vulnerability in Ocean Extra 2.2.9

A plugin called "Ocean Extra" for WordPress has a security issue that allows attackers to add harmful code to webpages. This can happen on versions up to 2.2.9, and can only be done by someone with s...

Input validation vulnerability in Ocean Extra 2.2.8

The Ocean Extra plugin for WordPress has a security issue called Stored Cross-Site Scripting. This happens when the Flickr widget is used in versions 2.2.8 and below because it doesn't properly clean...

Input validation vulnerability in Ocean Extra 2.2.6

The Ocean Extra plugin for WordPress has a security issue where attackers can insert harmful code into certain pages. This can happen if the attacker has contributor-level permissions or higher and t...

Input validation vulnerability in Ocean Extra 2.2.4

The plugin "Ocean Extra" for WordPress has a security issue. This can allow attackers, who have a certain level of access, to insert harmful code into web pages. This can happen in all versions up to...

Input validation vulnerability in Ocean Extra 2.2.2

The Ocean Extra plugin for WordPress is vulnerable to a type of security attack called Cross-Site Request Forgery. All versions of the plugin up to and including 2.2.2 have this vulnerability. This i...

Input validation vulnerability in Ocean Extra 1.6.6

The Ocean Extra plugin for WordPress has a security vulnerability in versions 1.6.5 and earlier. This vulnerability allows unauthenticated attackers to validate extension bundles through a fake reque...

Input validation vulnerability in Freemius SDK 2.5.9 (1072 components affected)

The Freemius SDK for WordPress is vulnerable to an attack known as Reflected Cross-Site Scripting. This attack is possible because of insufficient security measures in versions of the Freemius SDK up ...

Authentication vulnerability in Ocean Extra 1.5.8

The Ocean Extra plugin for WordPress

Input validation vulnerability in Ocean Extra 2.1.1

Output validation vulnerability in Ocean Extra 2.0.4

The Ocean Extra plugin for WordPress has a vulnerability that could let attackers with administrator-level access to inject a harmful object. This vulnerability affects all versions of the plugin up t...

Input validation vulnerability in Ocean Extra 1.9.5

Input validation vulnerability in Ocean Extra 2.1.2

The Ocean Extra plugin for WordPress has a security vulnerability that could allow malicious attackers with contributor level permissions or higher to inject harmful code into pages. This code will be...

Access violation vulnerability in Ocean Extra 2.1.2

The Ocean Extra plugin for WordPress has a security issue in versions up to 2.1.2. This means that people with certain permissions can see content from posts that are not yet published

Input validation vulnerability in 68 different plugins

Around 70 different plugins and themes had a security issue that could let someone else do something on the website without permission. The problem was that the system that was meant to stop this fro...

Access violation vulnerability in Freemius SDK (620 components affected)

Freemius, a software development kit used by hundreds of WordPress plugin and theme developers, had a security vulnerability in its older versions (up to and including 2.4.2). This vulnerability could...