CVE-2026-1945 | WPBookit Plugin up to 1.0.8 on WordPress wpb_user_name/wpb_user_email cross site scripting

Inserito da Angelo Barbosa | Mar 3, 2026 | CVE

A vulnerability labeled as problematic has been found in WPBookit Plugin up to 1.0.8 on WordPress. Impacted is an unknown function. The manipulation of the argument wpb_user_name/wpb_user_email results in cross site scripting.

This vulnerability is known as CVE-2026-1945. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-1945 | WPBookit Plugin up to 1.0.8 on WordPress wpb_user_name/wpb_user_email cross site scripting

Post correlati

CVE-2024-35741 | Awesome Support Plugin up to 6.1.7 on WordPress authorization

CVE-2025-40024 | Linux Kernel up to 6.6.108/6.12.49/6.16.9 vhost_task_create privilege escalation

CVE-2025-59033 | Microsoft Windows up to Server 2025 WDAC Policy incomplete blacklist

CVE-2025-55018 | Fortinet FortiOS up to 6.4.16/7.0.19/7.2.13/7.4.9/7.6.0 HTTP Request request smuggling (FG-IR-25-667)