CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

Vulnrichment•added 2026/02/28 9:47 p.m.•3 views

CVE-2026-28560 wpForo Forum 2.4.14 Stored XSS via Unsafe JSON Encoding in Inline Script

wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows script injection via forum URL data output into an inline script block using jsonencode without the JSONHEXTAG flag. Attackers set a forum slug containing a closing script tag or unescaped single quote to break o...

5.5CVSS5.9AI score0.00043EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by