CyberRota
← Ana sayfaya dön

CVE-2026-11570

MEDIUM · CVSS 4.2 EPSS %0.17

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-01T07:16:22.173 · Çekilme zamanı: 2026-07-01T18:36:35.786642+00:00

CyberRota Yorumu

Saldırganın giriş yapmış olması gerekebilir.

CVE
CVE-2026-11570
Severity
MEDIUM
CVSS
4.2
EPSS
%0.17
WordPress

Orijinal NVD Açıklaması

The User Submitted Posts WordPress plugin before 20260608 does not escape a submitted value before outputting it in an admin-configured display template, leading to a Stored Cross-Site Scripting that can be triggered by unauthenticated users when a non-default display option is enabled.