OceanWP

OceanWP

Developer

4.1.5

Latest version

500,000

Downloads

16/02/2026

Last updated

WordPress Theme

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

6 patched

2 Mitigation rules

Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability
<= 3.6.0
31/12/2025
Subscriber+ Limited Option Update vulnerability
< 4.1.2
05/09/2025
WordPress OceanWP plugin <= 4.0.9 - 4.1.1 - Cross-Site Request Forgery to Ocean Extra Plugin Installation vulnerability
4.0.9 - 4.1.1
12/08/2025
Stored Cross-Site Scripting via Select HTML Tag vulnerability
<= 4.0.9
19/06/2025
Missing Authorization to Sensitive Information Exposure via Limited Local File Inclusion vulnerability
<= 3.5.4
29/03/2024
Authenticated Local File Inclusion vulnerability
<= 3.4.1
27/02/2023