CVE-2026-1304 | Membership Plugin up to 3.2.18 on WordPress Invoice Setting cross site scripting

Inserito da Angelo Barbosa | Feb 17, 2026 | CVE

A vulnerability was found in Membership Plugin up to 3.2.18 on WordPress and classified as problematic. This issue affects some unknown processing of the component Invoice Setting Handler. The manipulation results in cross site scripting.

This vulnerability is known as CVE-2026-1304. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-1304 | Membership Plugin up to 3.2.18 on WordPress Invoice Setting cross site scripting

Post correlati

CVE-2024-3251 | SourceCodester Computer Laboratory Management System 1.0 id sql injection

CVE-2024-57921 | Linux Kernel up to 6.12.9/6.13-rc6 AMD GPU race condition

CVE-2025-9778 | Tenda W12 up to 3.0.0.6(3948) Administrative Interface /etc_ro/shadow hard-coded credentials

CVE-2024-26677 | Linux Kernel up to 6.6.16/6.7.4 rxrpc information disclosure (200cb50b9e15/63719f490e6a/e7870cf13d20)