2 matches found
CVE-2026-3878
The vulnerability affects the WordPress WP Docs plugin, with a Stored Cross-Site Scripting (XSS) flaw in the wpdocs_options[icon_size] parameter across all versions up to 2.2.9. The root cause is insufficient input sanitization and output escaping, allowing authenticated attackers with subscriber...
Magento cross-site scripting vulnerability (CNVD-2019-26233)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site scripting vulnerability exists in Magento version 2.1.18 before version 2.1, version 2.2.9 before...