Medium severity4.3NVD Advisory· Published Sep 5, 2025· Updated Jun 17, 2026
CVE-2025-8944
CVE-2025-8944
Description
The OceanWP WordPress theme before 4.1.2 is vulnerable to an option update due to a missing capability check on one of its AJAX request handler, allowing any authenticated users, such as subscriber to update the darkMod` setting.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- OceanWP/OceanWP WordPress themedescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/cf77b7f2-525b-4fe8-b612-185a1c18c197/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.