Ocean Extra <= 1.5.8 - Unauthenticated Settings change and CSS injection

Affects Plugin

fixed in version 1.5.9

References

CVE 2019-16250
URL https://blog.nintechnet.com/settings-change-and-css-injection-in-wordpress-ocean-extra-plugin/

Classification

Type MULTI

Miscellaneous

Original Researcher Jerome Bruandet
Views 3708
Verified No
WPVDB ID 9422

Timeline

Publicly Published 2019-07-04 (4 months ago)
Added 2019-07-04 (4 months ago)
Last Updated 2019-09-12 (2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin