CVE-2026-28558 | gVectors wpForo Forum up to 2.4.15 SVG File Parser cross site scripting

Inserito da Angelo Barbosa | Mar 1, 2026 | CVE

A vulnerability categorized as problematic has been discovered in gVectors wpForo Forum up to 2.4.15. This issue affects some unknown processing of the component SVG File Parser. Executing a manipulation can lead to cross site scripting.

This vulnerability is handled as CVE-2026-28558. The attack can be executed remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-28558 | gVectors wpForo Forum up to 2.4.15 SVG File Parser cross site scripting

Post correlati

CVE-2025-47154 | Ladybird LibJS arguments_list missing synchronization

UserPro Plugin userpro_save_userdata cross-site request forgery

CVE-2020-11847 | OpenText Privileged Access Manager up to 3.7.0.0 PAM Server os command injection

CVE-2023-52913 | Linux Kernel up to 6.1.6 drm gem_context_register use after free (b696c627b3f5/afce71ff6daa)