CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

6 matches found

RedhatCVE•added 2026/02/12 1:43 p.m.•3 views

CVE-2026-1827

The Flask Micro code-editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's codeflask shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00014EPSS

Exploits0References1

NVD•added 2026/02/11 9:15 a.m.•6 views

CVE-2026-1827

The Flask Micro code-editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's codeflask shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00014EPSS

Exploits0References3

ATTACKERKB•added 2026/02/11 8:26 a.m.•3 views

CVE-2026-1827

The Flask Micro code-editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's codeflask shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00014EPSS

Exploits0References4

CVE•added 2026/02/11 8:26 a.m.•12 views

CVE-2026-1827

CVE-2026-1827 — The IDE Micro code-editor WordPress plugin (flask-micro) versions ≤ 1.0.0 is vulnerable to Stored Cross-Site Scripting via the codeflask shortcode, due to insufficient input sanitization and output escaping on the shortcode attributes (notably the title attribute). Impact: authent...

6.4CVSS5.8AI score0.00014EPSS

Exploits0References3

Cvelist•added 2026/02/11 8:26 a.m.•17 views

CVE-2026-1827 IDE Micro code-editor <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Shortcode Attribute

The Flask Micro code-editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's codeflask shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00014EPSS

Exploits0References3

Positive Technologies•added 2026/02/11 12:0 a.m.•4 views

PT-2026-7503

The Flask Micro code-editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's codeflask shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00014EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by