CVE-2026-2602 | Twentig Supercharged Block Editor Plugin up to 1.9.7 on WordPress Parameter featuredImageSizeWidth cross site scripting

Inserito da Angelo Barbosa | Mar 29, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Twentig Supercharged Block Editor Plugin up to 1.9.7 on WordPress. This affects an unknown part of the component Parameter Handler. This manipulation of the argument featuredImageSizeWidth causes cross site scripting.

This vulnerability appears as CVE-2026-2602. The attack may be initiated remotely. There is no available exploit.

CVE-2026-2602 | Twentig Supercharged Block Editor Plugin up to 1.9.7 on WordPress Parameter featuredImageSizeWidth cross site scripting

Post correlati

CVE-2025-13361 | Web to SugarCRM Lead Plugin up to 1.0.0 on WordPress cross-site request forgery

CVE-2024-13148 | Yukseloglu Filter B2B Login Platform prior 16.01.2025 sql injection

CVE-2024-26196 | Microsoft Edge prior 122.0.2365.63 on Android information disclosure

CVE-2024-0946 | 60IndexPage up to 1.8.5 Parameter /apply/index.php url server-side request forgery