High severity7.5NVD Advisory· Published Sep 11, 2019· Updated Jun 17, 2026
CVE-2019-16250
CVE-2019-16250
Description
includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for WordPress allows unauthenticated options changes and injection of a Cascading Style Sheets (CSS) token sequence.
Affected products
2- WordPress/Ocean Extra plugindescription
Patches
Vulnerability mechanics
References
1- blog.nintechnet.com/settings-change-and-css-injection-in-wordpress-ocean-extra-plugin/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.