Vulners
Lucene search
2 matches found
CVE-2026-1071
The Carta Online plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.13.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...
4.4CVSS5.9AI score0.00193EPSS
Exploits0References1
CVE-2026-1071
creationtimestamp| type| source ---|---|--- 2026-03-07 09:53:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mghkmpxojd27...
4.4CVSS5.8AI score0.00193EPSS
Exploits0References1
20