Vulnerabilities

CVE-2025-8944

by Fred · 05/09/2025

The OceanWP WordPress theme before 4.1.2 is vulnerable to an option update due to a missing capability check on one of its AJAX request handler, allowing any authenticated users, such as subscriber to update the darkMod` setting.

More information : https://wpscan.com/vulnerability/cf77b7f2-525b-4fe8-b612-185a1c18c197/

Similar

Tags: Cybersecurity Alert