CVE-2026-3572
The CVE-2026-3572 entry concerns the iTracker360 WordPress plugin (versions up to 2.2.0). It describes a vulnerability where Cross-Site Request Forgery can lead to Stored Cross-Site Scripting via the itracker_license settings field. Root cause is missing nonce verification on settings form submis...