CVE-2019-16250

Publication date

2019-09-11 22:55:49

Family

mitre

State

PUBLISHED

Description

includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for WordPress allows unauthenticated options changes and injection of a Cascading Style Sheets (CSS) token sequence.