Ocean Extra

Ocean Extra Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-37489 | WordPress Plugin Vulnerability Report

By Your WP Guy / Jul 4, 2024

Plugin Name: Ocean Extra Key Information: Software Type: Plugin Software Slug: ocean-extra Software Status: Active Software Author: oceanwp Software Downloads: 21,640,506 Active Installs: 600,000 Last Updated: July 26, 2024 Patched Versions: 2.3.0 Affected Versions: <= 2.2.9 Vulnerability Details: Name: Ocean Extra <= 2.2.9 Type: Authenticated (Contributor+) Stored Cross-Site Scripting CVE: CVE-2024-37489 CVSS Score: 6.4 Publicly…

Read More

Ocean Extra Vulnerability- Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1277 | WordPress Plugin Vulnerability Report 

By Your WP Guy / Feb 16, 2024

Plugin Name: Ocean Extra Key Information: Software Type: Plugin Software Slug: ocean-extra Software Status: Active Software Author: oceanwp Software Downloads: 20,016,876 Active Installs: 700,000 Last Updated: February 27, 2024 Patched Versions: 2.2.5 Affected Versions: <= 2.2.4 Vulnerability Details: Name: Ocean Extra <= 2.2.4 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2024-1277 CVSS Score:…

Read More

WordPress Plugin Vulnerability Report – Ocean Extra – Cross-Site Request Forgery to Arbitrary Plugin Activation

By Your WP Guy / Nov 28, 2023

Plugin Name: Ocean Extra Key Information: Software Type: Plugin Software Slug: ocean-extra Software Status: Active Software Author: oceanwp Software Downloads: 19,047,434 Active Installs: 700,000 Last Updated: November 28, 2023 Patched Versions: 2.2.3 Affected Versions: <= 2.2.2 Vulnerability Details: Name: Ocean Extra <= 2.2.2 – Cross-Site Request Forgery to Arbitrary Plugin Activation Title: Cross-Site Request Forgery to Arbitrary Plugin Activation Type: Cross-Site Request Forgery (CSRF) CVSS Score: 4.3 (Medium)…

Read More