CyberRota
← Ana sayfaya dön

CVE-2026-12978

UNKNOWN · CVSS N/A

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-16T07:16:47.577 · Çekilme zamanı: 2026-07-16T12:08:05.632665+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-12978
Severity
UNKNOWN
CVSS
N/A
EPSS
Yok
WordPress

Orijinal NVD Açıklaması

The FunnelKit WordPress plugin before 3.15.0.6 does not escape a user-supplied parameter before reflecting it into the HTML response of one of its page-builder AJAX actions, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting against logged-in users who open a crafted page. The affected action is only registered when the Divi /builder is active.