cleantalk
Vulnerabilities and Security Researches

Ocean Extra, CVE-2019-16250

CVE, Research URL

CVE-2019-16250

Home page URL

Security reports for Ocean Extra

Application

Ocean Extra

Published on
Sep 12, 2019
Research Description
includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for WordPress allows unauthenticated options changes and injection of a Cascading Style Sheets (CSS) token sequence.
Affected versions
Min -, max 1.5.9.
Status
vulnerable
Previous vulnerability researches
Ocean Extra (CVE-2025-3458) , Apr 29, 2025
Ocean Extra (CVE-2022-4974) , Nov 14, 2024
Ocean Extra (CVE-2025-3457) , Apr 29, 2025
Ocean Extra (CVE-2019-16250) , Jun 07, 2024
Ocean Extra (CVE-2021-25104) , Jun 07, 2024
New vulnerability
Chartify – WordPress Chart Plugin (CVE-2025-54673) , Aug 05, 2025
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction (CVE-2025-54017) , Aug 05, 2025
Motors – Car Dealer, Classifieds & Listing (CVE-2025-54691) , Aug 05, 2025
Ebook Store (CVE-2025-54702) , Aug 05, 2025
Connect to external APIs | Custom endpoints for WP (CVE-2025-54049) , Aug 05, 2025