CyberRota
← Ana sayfaya dön

CVE-2026-8981

LOW · CVSS 3.5 EPSS %0.14

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-09T06:16:54.067 · Çekilme zamanı: 2026-06-30T18:15:15.639636+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-8981
Severity
LOW
CVSS
3.5
EPSS
%0.14
WordPress Java

Orijinal NVD Açıklaması

The Custom Block Builder WordPress plugin before 4.3.0 does not consistently check the unfiltered_html capability across all paths that write to its block template code fields, allowing administrators on multisite installations (or single-site installs with DISALLOW_UNFILTERED_HTML defined) to inject arbitrary JavaScript that executes for any visitor of pages embedding the affected block.