CVE-2026-4859 | softpulseinfotech SP Blog Designer Plugin up to 1.0.0 on WordPress Shortcode wpsbd_post_carousel design cross site scripting

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability labeled as problematic has been found in softpulseinfotech SP Blog Designer Plugin up to 1.0.0 on WordPress. Affected by this issue is the function wpsbd_post_carousel of the component Shortcode Handler. The manipulation of the argument design results in cross site scripting.

This vulnerability is identified as CVE-2026-4859. The attack can be executed remotely. There is not any exploit available.

CVE-2026-4859 | softpulseinfotech SP Blog Designer Plugin up to 1.0.0 on WordPress Shortcode wpsbd_post_carousel design cross site scripting

Post correlati

CVE-2024-20069 | MediaTek MT8797 Modem downgrade (MOLY01286330)

CVE-2024-7998 | Octopus Server prior 2024.1.12931/2024.2.9313 OIDC Cookie session expiration

CVE-2024-10865 | OpenText Advance Authentication up to 6.4 cross site scripting

CVE-2020-24681 | B&R Industrial Automation Studio/NET PVI prior 4.9.4 SP permission assignment