CVE-2026-8885 | marcqueralt DeMomentSomTres Shortcodes Plugin up to 1.1.1 on WordPress Shortcode st_callout width/align cross site scripting

Inserito da Angelo Barbosa | Giu 2, 2026 | CVE

A vulnerability was found in marcqueralt DeMomentSomTres Shortcodes Plugin up to 1.1.1 on WordPress. It has been rated as problematic. This issue affects the function st_callout of the component Shortcode Handler. Performing a manipulation of the argument width/align results in cross site scripting.

This vulnerability is cataloged as CVE-2026-8885. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-8885 | marcqueralt DeMomentSomTres Shortcodes Plugin up to 1.1.1 on WordPress Shortcode st_callout width/align cross site scripting

Post correlati

CVE-2025-27497 | OpenIdentityPlatform OpenDJ up to 4.9.2 LDAP Request infinite loop (GHSA-93qr-h8pr-4593)

CVE-2025-54068 | Livewire up to 3.6.3 code injection

CVE-2023-43043 | IBM Maximo Application Suite 8.10/8.11 Maximo Mobile for EAM log file (XFDB-266875)

CVE-2025-46889 | Adobe Experience Manager up to 6.5.22 access control (apsb25-48)