CVE-2026-1573

The OMIGO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's omigodonatebutton shortcode in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2026-1573

Summary: CVE-2026-1573 affects the WordPress OMIGO plugin (versions up to and including 3.3). Vulnerability: Stored Cross-Site Scripting via the plugin’s omigo_donate_button shortcode. Insufficient input sanitization and output escaping on user-supplied attributes. Impact: Authenticated attackers...

CVE-2026-1573 OMIGO <= 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The OMIGO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's omigodonatebutton shortcode in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

PT-2026-6890

Name of the Vulnerable Software and Affected Versions OMIGO plugin for WordPress versions up to and including 3.3 Description The OMIGO plugin for WordPress is susceptible to Stored Cross-Site Scripting through the omigo donate button shortcode. Insufficient input sanitization and output escaping...

WordPress OMIGO plugin <= 3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by zaim in WordPress Plugin OMIGO versions = 3.3...