CVE-2026-2431 | CM Custom Reports Plugin up to 1.2.7 on WordPress date_from/date_to cross site scripting

Inserito da Angelo Barbosa | Mar 6, 2026 | CVE

A vulnerability was found in CM Custom Reports Plugin up to 1.2.7 on WordPress. It has been classified as problematic. The affected element is an unknown function. The manipulation of the argument date_from/date_to leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-2431. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-2431 | CM Custom Reports Plugin up to 1.2.7 on WordPress date_from/date_to cross site scripting

Post correlati

CVE-2024-53311 | Immunity Debugger 1.85 Input stack-based overflow

CVE-2024-3289 | Tenable Nessus up to 10.7.2 on Windows permissions

CVE-2024-6167 | aprokopenko Just Custom Fields Plugin up to 3.3.2 on WordPress authorization

CVE-2024-35582 | SourceCodester Laboratory Management System 1.0 Department cross site scripting