CyberRota
← Ana sayfaya dön

CVE-2026-12869

UNKNOWN · CVSS N/A

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-16T07:16:47.300 · Çekilme zamanı: 2026-07-16T12:08:05.527401+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-12869
Severity
UNKNOWN
CVSS
N/A
EPSS
Yok
WordPress Java

Orijinal NVD Açıklaması

The Header Footer Builder for Elementor WordPress plugin before 1.2.1 does not require an administrative capability for its dashboard template-import action (it allows any edit_posts user), so a Contributor can import a template containing an Elementor HTML widget configured to display site-wide, injecting JavaScript that executes in the session of any visitor or administrator who loads the site.