Oceanwp: >> Oceanwp >> 1.2.6 Security Vulnerabilities
The OceanWP WordPress theme before 4.1.2 is vulnerable to an option update due to a missing capability check on one of its AJAX request handler, allowing any authenticated users, such as subscriber to update the darkMod` setting.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-09-05