WordPress Webling plugin <= 3.9.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'title' Parameter vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via 'title' Parameter vulnerability discovered by Kate Kligman in WordPress Plugin Webling versions = 3.9.0...

CVE-2026-1263

The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and missing capabilities checks in the 'weblingadminsaveform' and 'weblingadminsavememberlist' functions...

CVE-2026-1263 Webling <= 3.9.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'title' Parameter

The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and missing capabilities checks in the 'weblingadminsaveform' and 'weblingadminsavememberlist' functions...

EUVD-2026-21248

The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and missing capabilities checks in the 'weblingadminsaveform' and 'weblingadminsavememberlist' functions...

CVE-2026-1263 Webling <= 3.9.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'title' Parameter

The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and missing capabilities checks in the 'weblingadminsaveform' and 'weblingadminsavememberlist' functions...

CVE-2026-1263

CVE-2026-1263 affects the Webling WordPress plugin up to version 3.9.0. The vulnerability is a Stored Cross-Site Scripting in the title parameter via the functions webling_admin_save_form and webling_admin_save_memberlist . It enables authenticated users with Subscriber-level access and above to ...

CVE-2026-1263

The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and missing capabilities checks in the 'weblingadminsaveform' and 'weblingadminsavememberlist' functions...

PT-2026-31842

Name of the Vulnerable Software and Affected Versions Webling plugin for WordPress versions prior to 3.9.1 Description The Webling plugin for WordPress is susceptible to Stored Cross-Site Scripting due to insufficient input sanitization, insufficient output escaping, and missing capabilities chec...

WordPress plugin Webling 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

WordPress Webling Plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Webling versions = 3.9.0...

CVE-2025-31806 WordPress Webling plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uSystems Webling webling allows Stored XSS.This issue affects Webling: from n/a through = 3.9.0...

CVE-2025-31806 WordPress Webling plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uSystems Webling webling allows Stored XSS.This issue affects Webling: from n/a through = 3.9.0...

WordPress plugin Webling 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...