CVE-2026-1706 | All-in-One Video Gallery Plugin up to 4.7.1 on WordPress vi cross site scripting

Inserito da Angelo Barbosa | Mar 4, 2026 | CVE

A vulnerability classified as problematic has been found in All-in-One Video Gallery Plugin up to 4.7.1 on WordPress. Impacted is an unknown function. The manipulation of the argument vi leads to cross site scripting.

This vulnerability is listed as CVE-2026-1706. The attack may be initiated remotely. There is no available exploit.

CVE-2026-1706 | All-in-One Video Gallery Plugin up to 4.7.1 on WordPress vi cross site scripting

Post correlati

CVE-2024-3863 | Mozilla Firefox up to 124 xrm-ms File unknown vulnerability

CVE-2025-14187 | UGREEN DH2100+ up to 5.3.0.251125 nas_svr /v1/file/backup/create handler_file_backup_create path buffer overflow

CVE-2024-0626 | WooCommerce Clover Payment Gateway Plugin up to 1.3.1 on WordPress callback_handler authorization

CVE-2024-3097 | Gallery Plugin up to 3.59 on WordPress authorization