CVE-2026-4267 | Query Monitor Plugin prior 3.20.4 on WordPress REQUEST_URI cross site scripting

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Query Monitor Plugin on WordPress. This vulnerability affects unknown code. This manipulation of the argument REQUEST_URI causes cross site scripting.

This vulnerability appears as CVE-2026-4267. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-4267 | Query Monitor Plugin prior 3.20.4 on WordPress REQUEST_URI cross site scripting

Post correlati

CVE-2024-7294 | Progress Telerik Report Server up to 10.2.24.709 HTTP resource consumption

CVE-2025-45010 | PHPGurukul Park Ticketing Management System 2.0 POST Parameter normal-bwdates-reports-details.php fromdate/todate cross site scripting

CVE-2023-7094 | Netentsec NS-ASG Application Security Gateway 6.3 /protocol/nsasg6.0.tgz information disclosure

CVE-2023-6988 | Colibri Page Builder Plugin up to 1.0.239 on WordPress Shortcode cross site scripting