CVE-2026-2489 | TP2WP Importer Plugin up to 1.1 on WordPress implode Watched domains cross site scripting

Inserito da Angelo Barbosa | Feb 25, 2026 | CVE

A vulnerability labeled as problematic has been found in TP2WP Importer Plugin up to 1.1 on WordPress. Impacted is the function implode. Executing a manipulation of the argument Watched domains can lead to cross site scripting.

This vulnerability is registered as CVE-2026-2489. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-2489 | TP2WP Importer Plugin up to 1.1 on WordPress implode Watched domains cross site scripting

Post correlati

CVE-2024-32804 | Martin Gibson WP GoToWebinar Plugin up to 14.46 on WordPress authorization

CVE-2025-9706 | SourceCodester Water Billing System 1.0 /edit.php ID sql injection

CVE-2026-22444 | Apache Solr up to 9.10.0 privilege escalation

CVE-2024-29066 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 Distributed File System toctou