CVE-2026-0556 | XO Event Calendar Plugin up to 3.2.10 on WordPress Shortcode xo_event_field cross site scripting

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability was found in XO Event Calendar Plugin up to 3.2.10 on WordPress and classified as problematic. Affected by this issue is the function xo_event_field of the component Shortcode Handler. The manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2026-0556. The attack may be launched remotely. There is no exploit available.

CVE-2026-0556 | XO Event Calendar Plugin up to 3.2.10 on WordPress Shortcode xo_event_field cross site scripting

Post correlati

CVE-2025-64256 | PressTigers Simple Folio Plugin up to 1.1.0 on WordPress cross-site request forgery

CVE-2024-3595 | Pure Chat Plugin up to 2.22 on WordPress cross site scripting

CVE-2025-27598 | SixLabors ImageSharp up to 2.1.9/3.1.6 GIF Decoder out-of-bounds write (ID 2859)

CVE-2023-51416 | EnvialoSimple EnvíaloSimple Plugin up to 2.3 on WordPress cross-site request forgery