CVE-2026-2512 | dartiss Code Embed Plugin up to 2.5.1 on WordPress AJAX Endpoint sec_check_post_fields cross site scripting

Inserito da Angelo Barbosa | Mar 18, 2026 | CVE

A vulnerability, which was classified as problematic, was found in dartiss Code Embed Plugin up to 2.5.1 on WordPress. This issue affects the function sec_check_post_fields of the component AJAX Endpoint. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-2512. The attack can be launched remotely. No exploit exists.

CVE-2026-2512 | dartiss Code Embed Plugin up to 2.5.1 on WordPress AJAX Endpoint sec_check_post_fields cross site scripting

Post correlati

CVE-2025-54528 | JetBrains TeamCity up to 2025.03.3 GitHub App Connection Flow cross-site request forgery

CVE-2025-9590 | Weaver E-Mobile Mobile Management Platform up to 20250813 gohome cross site scripting

CVE-2024-28730 | D-Link DWR 2000M 5G VPN Configuration Module cross site scripting

CVE-2026-2965 | 07FLYCMS/07FLY-CMS/07FlyCRM up to 1.2.9 System Extension edit.html Title cross site scripting