CVE-2026-7596 | nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0 Slide Generator generate-slide.py data.get cross site scripting (Issue 247)

Inserito da Angelo Barbosa | Mag 1, 2026 | CVE

A vulnerability was found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. It has been declared as problematic. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py of the component Slide Generator. Such manipulation leads to cross site scripting.

This vulnerability is listed as CVE-2026-7596. The attack may be performed from remote. In addition, an exploit is available.

The project was informed of the problem early through a pull request but has not reacted yet.

CVE-2026-7596 | nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0 Slide Generator generate-slide.py data.get cross site scripting (Issue 247)

Post correlati

CVE-2025-71087 | Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.3/6.19-rc3 iavf iavf_config_rss_reg out-of-bounds

CVE-2024-4521 | Campcodes Complete Web-Based School Management System 1.0 teacher_salary_details2.php index cross site scripting

CVE-2024-31031 | libcoap 4.3.4 coap_pdu.c integer overflow

CVE-2024-21752 | Ernest Marcinko Ajax Search Lite Plugin up to 4.11.4 on WordPress cross-site request forgery