CVE-2026-6962 | wpcodefactory Cost of Goods Plugin up to 4.1.0 on WordPress Shortcode alg_wc_cog_product_cost cross site scripting

Inserito da Angelo Barbosa | Mag 13, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in wpcodefactory Cost of Goods Plugin up to 4.1.0 on WordPress. Affected is the function alg_wc_cog_product_cost of the component Shortcode Handler. Performing a manipulation results in cross site scripting.

This vulnerability was named CVE-2026-6962. The attack may be initiated remotely. There is no available exploit.

CVE-2026-6962 | wpcodefactory Cost of Goods Plugin up to 4.1.0 on WordPress Shortcode alg_wc_cog_product_cost cross site scripting

Post correlati

CVE-2023-6267 | Red Hat Quarkus JSON Payload deserialization

CVE-2025-13193 | libvirt default permission

CVE-2024-56714 | Linux Kernel up to 6.12.6 AER ionic_reset_prepare Privilege Escalation

CVE-2025-55135 | Agora fall23-Alpha1 Profile Picture userController.js unrestricted upload