CVE-2026-1074

CVE-2026-1074 concerns the WP App Bar WordPress plugin. It describes a stored cross-site scripting (XSS) vulnerability via the app-bar-features parameter in all versions up to and including 1.5, caused by insufficient input sanitization and output escaping plus a missing authorization check in th...

WordPress plugin WP App Bar 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2025-68891

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryan Sutana WP App Bar wp-app-bar allows Reflected XSS.This issue affects WP App Bar: from n/a through = 1.5...

CVE-2025-68891

CVE-2025-68891 concerns WP App Bar (App Bar) with a Reflected XSS vulnerability in versions up to 1.5. The issue is exploitable via crafted input included in a web page’s response, with CVSS 3.1 metrics indicating Network access, no privileges required, UI interaction required, and impact on conf...

CVE-2025-68891 WordPress WP App Bar plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ryan Sutana WP App Bar wp-app-bar allows Reflected XSS.This issue affects WP App Bar: from n/a through = 1.5...

PT-2026-1929

Name of the Vulnerable Software and Affected Versions Ryan Sutana WP App Bar versions through 1.5 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting XSS issue. This allows for the injection of...

WordPress WP App Bar plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP App Bar versions = 1.5...