CVE-2026-28127 | e-plugins Lawyer Directory Plugin up to 1.3.2 on WordPress cross site scripting

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability categorized as problematic has been discovered in e-plugins Lawyer Directory Plugin up to 1.3.2 on WordPress. The affected element is an unknown function. Executing a manipulation can lead to cross site scripting.

This vulnerability appears as CVE-2026-28127. The attack may be performed from remote. There is no available exploit.

CVE-2026-28127 | e-plugins Lawyer Directory Plugin up to 1.3.2 on WordPress cross site scripting

Post correlati

CVE-2024-10586 | Debug Tool Plugin up to 2.2 on WordPress File access control

CVE-2025-7759 | thinkgem JeeSite up to 5.12.0 UEditor Image Grabber ActionEnter.java Source server-side request forgery (Issue 27)

CVE-2024-57962 | Huawei HarmonyOS 5.0.0 VPN Service Module denial of service

CVE-2023-46048 | tex-live 944e257 Config File cmr10.pfb null pointer dereference