CVE-2026-15292
The Sudoku Shortcode plugin for WordPress is affected by CVE-2026-15292: Stored Cross-Site Scripting via the background parameter in the sudoku-sc shortcode, in all versions up to and including 1.0.0. Exploitation requires authenticated access at Contributor level or higher, enabling an attacker ...