2 matches found
CVE-2026-2602
creationtimestamp| type| source ---|---|--- 2026-03-30 01:09:34+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116315453803152963 2026-03-31 21:56:04+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mif66ct5rl2j...
CVE-2026-2602
The CVE-2026-2602 entry concerns the Twentig WordPress plugin. A stored XSS flaw exists in the featuredImageSizeWidth parameter for versions up to 1.9.7 due to insufficient input sanitization and output escaping. Authenticated users with Contributor-level access or higher can inject arbitrary scr...