2 matches found
CVE-2026-2277
The rexCrawler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' and 'regex' parameters in the search-pattern tester page in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2277
The rexCrawler WordPress plugin (up to version 1.0.15) is vulnerable to Reflected Cross-Site Scripting via the url and regex parameters on the search-pattern tester page. The issue arises from insufficient input sanitization and output escaping, allowing an unauthenticated attacker to inject scri...