CVE-2026-48885 WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in HollerBox = 2.3.10.1 versions...

CVE-2026-48885

CVE-2026-48885 concerns a Cross-Site Scripting (XSS) vulnerability in the WordPress HollerBox plugin for versions ≤ 2.3.10.1. The issue is described as unauthenticated XSS. The PatchStack entry assigns a CVSS v3.1 base score of 7.1 (HIGH), with network attack vector, no privileges required, user ...