CVE-2026-5506
The CVE-2026-5506 entry concerns the WordPress Wavr plugin (versions up to 0.2.6). The vulnerability is a Stored Cross-Site Scripting flaw via the plugin’s wave shortcode attributes stemming from insufficient input sanitization and output escaping. The impact allows authenticated attackers with c...