CVE-2026-5506 | lucascaro Wavr Plugin up to 0.2.6 on WordPress Shortcode wave cross site scripting

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability classified as problematic has been found in lucascaro Wavr Plugin up to 0.2.6 on WordPress. The impacted element is the function wave of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is listed as CVE-2026-5506. The attack may be initiated remotely. There is no available exploit.

CVE-2026-5506 | lucascaro Wavr Plugin up to 0.2.6 on WordPress Shortcode wave cross site scripting

Post correlati

CVE-2025-66215 | OpenSC up to 0.26.x USB stack-based overflow

CVE-2024-0926 | Tenda AC10U 15.03.06.49_multi_TDE01 formWifiWpsOOB index stack-based overflow

CVE-2024-32254 | PHPGurukul Tourism Management System 2.0 create-package.php unrestricted upload

CVE-2023-6361 | Winhex 16.1 SR-1/20.4 Structured Exception filename memory corruption