CVE-2026-4267
The CVE-2026-4267 issue affects the WordPress Query Monitor plugin (versions up to 3.20.3). It allows Reflected Cross-Site Scripting via the $_SERVER['REQUEST_URI'] parameter due to insufficient input sanitization and output escaping, enabling unauthenticated attackers to inject scripts that exec...