cleantalk
Vulnerabilities and Security Researches

Ocean Extra, CVE-2023-23891

CVE, Research URL

CVE-2023-23891

Home page URL

Security reports for Ocean Extra

Application

Ocean Extra

Published on
Apr 06, 2023
Research Description
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in OceanWP Ocean Extra plugin <= 2.1.1 versions. Needs the OceanWP theme installed and activated.
Affected versions
Min -, max 2.1.3.
Status
vulnerable
Previous vulnerability researches
Ocean Extra (CVE-2025-3458) , Apr 29, 2025
Ocean Extra (CVE-2022-4974) , Nov 14, 2024
Ocean Extra (CVE-2025-3457) , Apr 29, 2025
Ocean Extra (CVE-2019-16250) , Jun 07, 2024
Ocean Extra (CVE-2021-25104) , Jun 07, 2024
New vulnerability
Best Contact Management Software for WordPress (CVE-2025-8315) , Aug 06, 2025
oik (CVE-2025-54671) , Aug 06, 2025
StoreKeeper for WooCommerce (CVE-2025-48148) , Aug 06, 2025
Connector for Gravity Forms and Google Sheets (CVE-2025-54681) , Aug 06, 2025
AI Engine , Aug 06, 2025