MEDIUM
OceanWP
CVE published 2026-06-18
CVE-2026-56007
CVE-2026-56007 is a Stored Cross-Site Scripting (XSS) vulnerability in the Ocean Product Sharing plugin for WordPress. The vulnerability exists from version n/a through 2.2.2. A medium-severity issue, with a CVSS score of 5.9, it requires high privileges to exploit but can lead to unauthorized code execution. Users interacting with the affected plugin could be tricked into executing malicious scripts. Thi [truncated]