CVE-2026-3604
The CVE-2026-3604 entry concerns the WordPress plugin WP SEO Structured Data Schema (versions up to and including 2.8.1). The vulnerability is a Stored Cross‑Site Scripting (XSS) via the _kcseo_ative_tab parameter, caused by insufficient input sanitization and output escaping. Attackers with Cont...