Lucene search
+L

5 matches found

NVD
NVD
added 2026/07/10 5:16 a.m.11 views

CVE-2026-15298

The TelSender plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting in all versions up to, and including, 1.14.14. This is due to insufficient input sanitization when processing Telegram API responses containing attacker-controlled chat titles. This makes it possible for...

7.2CVSS0.00314EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/10 4:31 a.m.7 views

EUVD-2026-42805

The TelSender plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting in all versions up to, and including, 1.14.14. This is due to insufficient input sanitization when processing Telegram API responses containing attacker-controlled chat titles. This makes it possible for...

7.2CVSS6AI score0.00314EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/07/10 4:31 a.m.30 views

CVE-2026-15298 TelSender <= 1.14.14 - Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title

The TelSender plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting in all versions up to, and including, 1.14.14. This is due to insufficient input sanitization when processing Telegram API responses containing attacker-controlled chat titles. This makes it possible for...

7.2CVSS0.00314EPSS
Exploits0References8
CVE
CVE
added 2026/07/10 4:31 a.m.13 views

CVE-2026-15298

The TelSender WordPress plugin (

7.2CVSS6AI score0.00314EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:31 a.m.9 views

CVE-2026-15298

The TelSender plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting in all versions up to, and including, 1.14.14. This is due to insufficient input sanitization when processing Telegram API responses containing attacker-controlled chat titles. This makes it possible for...

7.2CVSS6AI score0.00314EPSS
Exploits0References9
Rows per page
Query Builder