Lucene search
+L

9 matches found

redhatcve
redhatcve
added 2026/03/26 3:10 p.m.4 views

CVE-2026-1278

The Mandatory Field plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS5.9AI score0.00195EPSS
Exploits0References1
patchstack
patchstack
added 2026/03/23 7:34 p.m.10 views

WordPress Mandatory Field plugin <= 1.6.8 - Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Fields vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Settings Fields vulnerability discovered by 0x34rth in WordPress Plugin Mandatory Field versions = 1.6.8...

4.4CVSS5.8AI score0.00195EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2026/03/21 6:30 a.m.4 views

EUVD-2026-14155

The Mandatory Field plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS5.9AI score0.00195EPSS
Exploits0References6
nvd
nvd
added 2026/03/21 4:16 a.m.5 views

CVE-2026-1278

The Mandatory Field plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS0.00195EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/03/21 3:27 a.m.2 views

CVE-2026-1278 Mandatory Field <= 1.6.8 - Authenticated (Administrator+) Stored Cross-Site Scripting via Settings Fields

The Mandatory Field plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS5.9AI score0.00195EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/03/21 3:27 a.m.3 views

CVE-2026-1278

The Mandatory Field plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS5.9AI score0.00195EPSS
Exploits0References6
cve
cve
added 2026/03/21 3:27 a.m.11 views

CVE-2026-1278

The CVE-2026-1278 entry concerns the Mandatory Field plugin for WordPress. A stored cross-site scripting vulnerability exists in admin settings for all versions up to and including 1.6.8, caused by insufficient input sanitization and output escaping. Authenticated attackers with administrator-lev...

4.4CVSS5.9AI score0.00195EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/03/21 12:0 a.m.9 views

WordPress plugin Mandatory Field 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.4CVSS5.7AI score0.00195EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/03/21 12:0 a.m.9 views

PT-2026-26804

The Mandatory Field plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions...

4.4CVSS5.9AI score0.00195EPSS
Exploits0References6
Rows per page
Query Builder