CVE-2025-49068Cross-site Scripting in Ocean Extra

CWE-79Cross-site Scripting3 documents3 sources
Severity
N/A
No vector
EPSS
0.2%
top 60.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oceanwp Ocean Extra
Timeline
PublishedJun 6

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oceanwp Ocean Extra ocean-extra allows Stored XSS.This issue affects Ocean Extra: from n/a through <= 2.4.8.

Affected Packages1 packages

CVEListV5oceanwp/ocean_extra2.4.8

🔴Vulnerability Details

2
GHSA
GHSA-432v-2h2g-hp33: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OceanWP Ocean Extra allows Stored XSS2025-06-06
CVEList
WordPress Ocean Extra plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability2025-06-06
CVE-2025-49068 — Cross-site Scripting in Ocean Extra | cvebase