CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

Patchstack•added 2026/03/23 6:18 p.m.•3 views

WordPress Go Night Pro | WordPress Dark Mode Plugin plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'margin' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'margin' Shortcode Attribute vulnerability discovered by zaim in WordPress Plugin Go Night Pro versions = 1.1.0...

6.4CVSS5.8AI score0.00048EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/03/21 3:26 a.m.•25 views

CVE-2026-1886 Go Night Pro | WordPress Dark Mode Plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'margin' Shortcode Attribute

The Go Night Pro | WordPress Dark Mode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'go-night-pro-shortcode' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on the user-supplied 'margin'...

6.4CVSS0.00048EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by