π¨ CVE-2026-50260
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root.
π@cveNotify
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root.
π@cveNotify
π¨ CVE-2026-50261
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or for privilege escalation if the X server runs as root.
π@cveNotify
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or for privilege escalation if the X server runs as root.
π@cveNotify
π¨ CVE-2026-50262
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients which is disabled by default.
π@cveNotify
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients which is disabled by default.
π@cveNotify
π¨ CVE-2026-50263
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.
π@cveNotify
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.
π@cveNotify
π¨ CVE-2026-50264
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for privilege escalation if the X server runs as root.
π@cveNotify
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for privilege escalation if the X server runs as root.
π@cveNotify
π¨ CVE-2026-13150
Server-Side Request Forgery (SSRF) (CWE-918) in the PDF generation endpoint GET /api/reports/{id}/pdf (backend/main.py) in ccyl13 Pentestify 1.0.0 and lower allows remote attackers to make the server issue requests to arbitrary internal or external URLs, including cloud metadata services, and return the rendered content in the resulting PDF via a crafted Host header, because the target URL is built from request.base_url without validation.
π@cveNotify
Server-Side Request Forgery (SSRF) (CWE-918) in the PDF generation endpoint GET /api/reports/{id}/pdf (backend/main.py) in ccyl13 Pentestify 1.0.0 and lower allows remote attackers to make the server issue requests to arbitrary internal or external URLs, including cloud metadata services, and return the rendered content in the resulting PDF via a crafted Host header, because the target URL is built from request.base_url without validation.
π@cveNotify
GitHub
fix: validate image sources to prevent SSRF and stored XSS (v1.1.0) Β· ccyl13/Pentestify@a058a22
Client logos (client_logo) and finding evidence (images) accepted
arbitrary strings. A remote URL in those fields was fetched server-side
by the headless browser while generating the PDF (SSRF -&am...
arbitrary strings. A remote URL in those fields was fetched server-side
by the headless browser while generating the PDF (SSRF -&am...
π¨ CVE-2026-56274
Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions for chatflows, can configure a malicious MCP server to bypass the validateCommandFlags blocklist (for example, 'docker build' is not blocked, and 'npx --yes' is not blocked while only '-y' is) and the validateArgsForLocalFileAccess checks, resulting in execution of arbitrary commands on the Flowise host.
π@cveNotify
Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions for chatflows, can configure a malicious MCP server to bypass the validateCommandFlags blocklist (for example, 'docker build' is not blocked, and 'npx --yes' is not blocked while only '-y' is) and the validateArgsForLocalFileAccess checks, resulting in execution of arbitrary commands on the Flowise host.
π@cveNotify
GitHub
Flowise MCP Security Bypass Enables RCE
## Summary
There are three bypass methods for the security limitations of the Flowise MCP feature, and attackers can execute arbitrary commands by combining these three methods
## Details
...
There are three bypass methods for the security limitations of the Flowise MCP feature, and attackers can execute arbitrary commands by combining these three methods
## Details
...
π¨ CVE-2026-56762
Hono before 4.12.12 does not validate cookie names on the write path in the setCookie(), serialize(), and serializeSigned() functions, allowing invalid characters such as control characters (e.g. \r or \n) when an application passes a user-controlled cookie name. This can produce malformed Set-Cookie header values. In modern runtimes such as Node.js and Cloudflare Workers, such invalid header values are rejected and cause a runtime error before the response is sent, so header injection or response splitting could not be reproduced; the issue primarily affects correctness and robustness, resulting in runtime errors (availability) rather than confirmed header injection.
π@cveNotify
Hono before 4.12.12 does not validate cookie names on the write path in the setCookie(), serialize(), and serializeSigned() functions, allowing invalid characters such as control characters (e.g. \r or \n) when an application passes a user-controlled cookie name. This can produce malformed Set-Cookie header values. In modern runtimes such as Node.js and Cloudflare Workers, such invalid header values are rejected and cause a runtime error before the response is sent, so header injection or response splitting could not be reproduced; the issue primarily affects correctness and robustness, resulting in runtime errors (availability) rather than confirmed header injection.
π@cveNotify
GitHub
Missing validation of cookie name on write path in setCookie()
## Summary
Cookie names are not validated on the write path when using `setCookie()`, `serialize()`, or `serializeSigned()` to generate Set-Cookie headers.
While certain cookie attributes suc...
Cookie names are not validated on the write path when using `setCookie()`, `serialize()`, or `serializeSigned()` to generate Set-Cookie headers.
While certain cookie attributes suc...
π¨ CVE-2026-54762
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables BasicAuth or DigestAuth through the supported nginx.ingress.kubernetes.io/auth-type and auth-secret annotations, but the referenced auth Secret cannot be resolved or parsed, Traefik logs the resolution error, skips installing the authentication middleware, and still emits a router to the backend service. A route that operators intended to protect is therefore published to the data plane without its authentication control, allowing unauthenticated access to the backend. The trigger is an invalid or unresolved auth dependency β a missing, malformed, unreadable, or policy-denied Secret β rather than an intentionally unprotected route. This vulnerability is fixed in 3.7.5.
π@cveNotify
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables BasicAuth or DigestAuth through the supported nginx.ingress.kubernetes.io/auth-type and auth-secret annotations, but the referenced auth Secret cannot be resolved or parsed, Traefik logs the resolution error, skips installing the authentication middleware, and still emits a router to the backend service. A route that operators intended to protect is therefore published to the data plane without its authentication control, allowing unauthenticated access to the backend. The trigger is an invalid or unresolved auth dependency β a missing, malformed, unreadable, or policy-denied Secret β rather than an intentionally unprotected route. This vulnerability is fixed in 3.7.5.
π@cveNotify
GitHub
Release v3.7.5 Β· traefik/traefik
CVE fixed:
CVE-2026-54761 (Advisory GHSA-3g6v-2r68-prfc)
CVE-2026-54762 (Advisory GHSA-4mr2-fg2p-w63c)
Bug fixes:
[k8s/ingress-nginx] Skip ingress when auth-secret resolution fails (#13323 @gndz...
CVE-2026-54761 (Advisory GHSA-3g6v-2r68-prfc)
CVE-2026-54762 (Advisory GHSA-4mr2-fg2p-w63c)
Bug fixes:
[k8s/ingress-nginx] Skip ingress when auth-secret resolution fails (#13323 @gndz...
π¨ CVE-2026-11820
Module: plugins/modules/nexmo.py
CVSS 3.1: 6.5 MEDIUM β AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Issue: api_key and api_secret are declared no_log=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all no_log protection.
Vulnerable Code (lines 82-93):
msg = {
"api_key": module.params.get("api_key"),
"api_secret": module.params.get("api_secret"),
"from": module.params.get("src"),
"text": module.params.get("msg"),
}
url = f"{NEXMO_API}?{urlencode(msg)}"
response, info = fetch_url(module, url, headers=headers)
Observed Output:
https://rest.nexmo.com/sms/json?api_key=a1b2c3d4&api_secret=MyS3cr3tK3y!!&from=AnsibleBot&to=15551234567&text=Hello
Exposure Vectors:
Ansible verbose output (-vvv) logs the full request URL
Vonage/Nexmo server access logs record credentials in query string
HTTP proxies, SIEM, and network inspection tools capture the full URL
AWX/Automation Controller network debug logs
Fix: Switch to POST with credentials in the request body:
data = urlencode({"api_key": api_key, "api_secret": api_secret,
"from": src, "to": number, "text": msg})
fetch_url(module, NEXMO_API, data=data, method="POST",
headers={"Content-Type": "application/x-www-form-urlencoded"})
π@cveNotify
Module: plugins/modules/nexmo.py
CVSS 3.1: 6.5 MEDIUM β AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Issue: api_key and api_secret are declared no_log=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all no_log protection.
Vulnerable Code (lines 82-93):
msg = {
"api_key": module.params.get("api_key"),
"api_secret": module.params.get("api_secret"),
"from": module.params.get("src"),
"text": module.params.get("msg"),
}
url = f"{NEXMO_API}?{urlencode(msg)}"
response, info = fetch_url(module, url, headers=headers)
Observed Output:
https://rest.nexmo.com/sms/json?api_key=a1b2c3d4&api_secret=MyS3cr3tK3y!!&from=AnsibleBot&to=15551234567&text=Hello
Exposure Vectors:
Ansible verbose output (-vvv) logs the full request URL
Vonage/Nexmo server access logs record credentials in query string
HTTP proxies, SIEM, and network inspection tools capture the full URL
AWX/Automation Controller network debug logs
Fix: Switch to POST with credentials in the request body:
data = urlencode({"api_key": api_key, "api_secret": api_secret,
"from": src, "to": number, "text": msg})
fetch_url(module, NEXMO_API, data=data, method="POST",
headers={"Content-Type": "application/x-www-form-urlencoded"})
π@cveNotify
π¨ CVE-2026-46548
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the request-filtering-agent SSRF protection was non-functional in the four notification webhook plugins (Slack, Discord, Mattermost, Teams) because httpAgent / httpsAgent were passed as part of the request body rather than the axios config. An authenticated user with hook-creation permission could direct outbound POST requests to arbitrary internal hosts. This vulnerability is fixed in 2026.04.1.
π@cveNotify
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the request-filtering-agent SSRF protection was non-functional in the four notification webhook plugins (Slack, Discord, Mattermost, Teams) because httpAgent / httpsAgent were passed as part of the request body rather than the axios config. An authenticated user with hook-creation permission could direct outbound POST requests to arbitrary internal hosts. This vulnerability is fixed in 2026.04.1.
π@cveNotify
GitHub
SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams)
### Summary
The `request-filtering-agent` SSRF protection was non-functional in the four notification webhook plugins (Slack, Discord, Mattermost, Teams) because `httpAgent` / `httpsAgent` were pa...
The `request-filtering-agent` SSRF protection was non-functional in the four notification webhook plugins (Slack, Discord, Mattermost, Teams) because `httpAgent` / `httpsAgent` were pa...
π¨ CVE-2026-46554
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. The API token deletion path removed the database row but did not evict the token-value keyed entry from the auth cache. The auth middleware therefore continued to accept the deleted token until the cache entry aged out, leaving a deletion-to-revocation window of up to three days. This vulnerability is fixed in 2026.04.4.
π@cveNotify
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. The API token deletion path removed the database row but did not evict the token-value keyed entry from the auth cache. The auth middleware therefore continued to accept the deleted token until the cache entry aged out, leaving a deletion-to-revocation window of up to three days. This vulnerability is fixed in 2026.04.4.
π@cveNotify
GitHub
Stale Auth Cache After API Token Deletion
### Summary
Deleted API tokens continued to authenticate requests until their cache entry expired,
because the auth cache was not invalidated by token value at deletion time.
### Details
The API t...
Deleted API tokens continued to authenticate requests until their cache entry expired,
because the auth cache was not invalidated by token value at deletion time.
### Details
The API t...
π¨ CVE-2026-47380
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, sign-in response timing differed between known and unknown email addresses because the unknown-user branch returned without performing a password hash comparison. This vulnerability is fixed in 2026.04.1.
π@cveNotify
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, sign-in response timing differed between known and unknown email addresses because the unknown-user branch returned without performing a password hash comparison. This vulnerability is fixed in 2026.04.1.
π@cveNotify
GitHub
User Enumeration via Sign-In Timing
### Summary
Sign-in response timing differed between known and unknown email addresses because
the unknown-user branch returned without performing a password hash comparison.
### Details
The unkno...
Sign-in response timing differed between known and unknown email addresses because
the unknown-user branch returned without performing a password hash comparison.
### Details
The unkno...
π¨ CVE-2026-47384
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. The bulk groupBy path in group-by.ts builds three database-specific knex.raw() aggregations that interpolate the request's column_name directly into the SQL string. Column lookup in data-table.service.ts matches on both the sanitized column_name field and the free-text title, so a title containing a SQL fragment bypasses the public endpoint's existing column allowlist and reaches the query builder unescaped. This vulnerability is fixed in 2026.05.1.
π@cveNotify
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. The bulk groupBy path in group-by.ts builds three database-specific knex.raw() aggregations that interpolate the request's column_name directly into the SQL string. Column lookup in data-table.service.ts matches on both the sanitized column_name field and the free-text title, so a title containing a SQL fragment bypasses the public endpoint's existing column allowlist and reaches the query builder unescaped. This vulnerability is fixed in 2026.05.1.
π@cveNotify
GitHub
SQL Injection via Column Title in Bulk GroupBy
### Summary
An authenticated user with column-create permission can inject SQL into the bulk groupBy
endpoint by setting a column's title to a SQL fragment.
### Details
The bulk groupBy path i...
An authenticated user with column-create permission can inject SQL into the bulk groupBy
endpoint by setting a column's title to a SQL fragment.
### Details
The bulk groupBy path i...
π¨ CVE-2026-53927
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint (axiosRequestMake) accepted URLs whose path contained a permitted extension anywhere in the string, and applied a hand-rolled regex blocklist that omitted 127.0.0.0/8 and 169.254.0.0/16, allowing the cloud-metadata endpoint to be reached with a crafted URL This vulnerability is fixed in 2026.05.1.
π@cveNotify
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint (axiosRequestMake) accepted URLs whose path contained a permitted extension anywhere in the string, and applied a hand-rolled regex blocklist that omitted 127.0.0.0/8 and 169.254.0.0/16, allowing the cloud-metadata endpoint to be reached with a crafted URL This vulnerability is fixed in 2026.05.1.
π@cveNotify
GitHub
Server-Side Request Forgery via Spreadsheet Fetch URL
### Summary
The spreadsheet-fetch endpoint (`axiosRequestMake`) accepted URLs whose path
contained a permitted extension anywhere in the string, and applied a hand-rolled
regex blocklist that om...
The spreadsheet-fetch endpoint (`axiosRequestMake`) accepted URLs whose path
contained a permitted extension anywhere in the string, and applied a hand-rolled
regex blocklist that om...
π¨ CVE-2026-54515
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual(), per-property @JsonIgnoreProperties exclusions are applied by _handleByNameInclusion(), producing a contextual deserializer whose BeanPropertyMap has the ignored properties removed. The subsequent per-property case-insensitivity block (triggered by @JsonFormat(ACCEPT_CASE_INSENSITIVE_PROPERTIES)) rebuilds from this._beanProperties (the original, unfiltered map) instead of contextual._beanProperties, then overwrites the filtered map β restoring every property _handleByNameInclusion had just removed. The ignored property becomes writable again. This vulnerability is fixed in 2.18.9, 2.21.5, and 3.1.4.
π@cveNotify
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual(), per-property @JsonIgnoreProperties exclusions are applied by _handleByNameInclusion(), producing a contextual deserializer whose BeanPropertyMap has the ignored properties removed. The subsequent per-property case-insensitivity block (triggered by @JsonFormat(ACCEPT_CASE_INSENSITIVE_PROPERTIES)) rebuilds from this._beanProperties (the original, unfiltered map) instead of contextual._beanProperties, then overwrites the filtered map β restoring every property _handleByNameInclusion had just removed. The ignored property becomes writable again. This vulnerability is fixed in 2.18.9, 2.21.5, and 3.1.4.
π@cveNotify
GitHub
Fix #5962: Case-insensitive deserialization may use wrong `@JsonIgnor⦠· FasterXML/jackson-databind@0e1b0b2
β¦eProperties` (#5964)
π¨ CVE-2026-11972
When using the "tarfile" module with a file opened in "streaming mode" (mode="r|") the tarfile module did not properly handle EOF, meaning an archive could be parsed in an infinite loop.
π@cveNotify
When using the "tarfile" module with a file opened in "streaming mode" (mode="r|") the tarfile module did not properly handle EOF, meaning an archive could be parsed in an infinite loop.
π@cveNotify
GitHub
[3.13] gh-151981: Make tarfile._Stream.seek break at EOF (GH-151982) β¦ Β· python/cpython@3f031d4
β¦(#151993)
(cherry picked from commit f50bf13566189c8d0ce5a814f33eff3d89951896)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Stan Ulbrych <stan@python.org>
(cherry picked from commit f50bf13566189c8d0ce5a814f33eff3d89951896)
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Stan Ulbrych <stan@python.org>
π¨ CVE-2026-54588
Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request header as the authoritative source for building callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An unauthenticated attacker can poison the `redirect_uri` sent to the Identity Provider, causing the IdP to redirect the victim's authorization code to an attacker-controlled server - resulting in full account takeover with no credentials required. Versions 4.2.4 and 4.3.3 patch the issue.
π@cveNotify
Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request header as the authoritative source for building callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An unauthenticated attacker can poison the `redirect_uri` sent to the Identity Provider, causing the IdP to redirect the victim's authorization code to an attacker-controlled server - resulting in full account takeover with no credentials required. Versions 4.2.4 and 4.3.3 patch the issue.
π@cveNotify
GitHub
Release v4.2.4 Β· poweradmin/poweradmin
β¨ Highlights
Patch release for the stable 4.2.x line. Focus is authentication callback-URL hardening, API-mode and permission scoping, and record, template and search fixes.
π Fixes
Authentication
...
Patch release for the stable 4.2.x line. Focus is authentication callback-URL hardening, API-mode and permission scoping, and record, template and search fixes.
π Fixes
Authentication
...
π¨ CVE-2026-9539
An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory via sending crafted TCP segments with manipulated URG flags and urgent pointers (ti_urp).
π@cveNotify
An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory via sending crafted TCP segments with manipulated URG flags and urgent pointers (ti_urp).
π@cveNotify
GitLab
oob: cap urgent data count to what is actually available (927bca73) Β· Commits Β· slirp / libslirp Β· GitLab
so_urgc is provided by the guest sender, so can arbitrary and beyond what we actually have. Worse, this can lead to an sb_cc integer underflow leading to leaking gigabytes of...
π¨ CVE-2026-10092
The Cincopa video and media plug-in plugin for WordPress is vulnerable to Stored Cross-Site Scripting via cincopa Shortcode in Post Comments in all versions up to, and including, 1.163 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation is possible because the plugin processes the [cincopa] shortcode via a comment_text filter hook, allowing unauthenticated visitors who can post comments to supply a malicious shortcode argument that persists in the database.
π@cveNotify
The Cincopa video and media plug-in plugin for WordPress is vulnerable to Stored Cross-Site Scripting via cincopa Shortcode in Post Comments in all versions up to, and including, 1.163 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation is possible because the plugin processes the [cincopa] shortcode via a comment_text filter hook, allowing unauthenticated visitors who can post comments to supply a malicious shortcode argument that persists in the database.
π@cveNotify
π¨ CVE-2026-10531
The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks.
π@cveNotify
The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks.
π@cveNotify
WPScan
AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute
See details on AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute CVE 2026-10531. View the latest Plugin Vulnerabilities on WPScan.