CVE-2026-22209 | gVectors wpDiscuz up to 7.6.46 CSS Setting customCss cross site scripting

Inserito da Angelo Barbosa | Mar 13, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in gVectors wpDiscuz up to 7.6.46. Affected by this issue is some unknown functionality of the component CSS Setting Handler. The manipulation of the argument customCss leads to cross site scripting.

This vulnerability is listed as CVE-2026-22209. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-22209 | gVectors wpDiscuz up to 7.6.46 CSS Setting customCss cross site scripting

Post correlati

CVE-2026-1586 | Open5GS up to 2.7.5 SGWC /sgwc/s11-handler.c ogs_gtp2_f_teid_to_ip denial of service (Issue 4273)

CVE-2025-13841 | Smart App Banners Plugin up to 1.2 on WordPress Shortcode size/verticalalign cross site scripting

CVE-2024-24743 | SAP NetWeaver AS Java 7.50 Guided Procedures xml external entity reference

CVE-2025-62948 | Konstantin Pankratov Date Counter Plugin up to 2.0.3 on WordPress cross site scripting