CVE-2026-5425 | trustindex Widgets for Social Photo Feed Plugin up to 1.7.9 on WordPress feed_data cross site scripting

Inserito da Angelo Barbosa | Apr 4, 2026 | CVE

A vulnerability, which was classified as problematic, was found in trustindex Widgets for Social Photo Feed Plugin up to 1.7.9 on WordPress. This affects an unknown function. The manipulation of the argument feed_data results in cross site scripting.

This vulnerability was named CVE-2026-5425. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.

CVE-2026-5425 | trustindex Widgets for Social Photo Feed Plugin up to 1.7.9 on WordPress feed_data cross site scripting

Post correlati

CVE-2025-68144 | modelcontextprotocol servers up to 2025.12.16 git_diff argument injection

CVE-2024-6006 | ZKTeco ZKBio CVSecurity V5000 4.1.0 Summer Schedule Schedule Name cross site scripting

CVE-2024-13176 | OpenSSL up to 3.4.0 ECDSA Signature covert timing channel

CVE-2025-7783 | form-data up to 2.5.3/3.0.2/4.0.2 HTTP Parameter lib/form_data.Js random values