CVE-2026-3228 | NextScripts Plugin up to 4.4.6 on WordPress Shortcode nxs_fbembed snapFB cross site scripting

Inserito da Angelo Barbosa | Mar 10, 2026 | CVE

A vulnerability classified as problematic was found in NextScripts Plugin up to 4.4.6 on WordPress. Affected by this issue is the function nxs_fbembed of the component Shortcode Handler. The manipulation of the argument snapFB results in cross site scripting.

This vulnerability is cataloged as CVE-2026-3228. The attack may be launched remotely. There is no exploit available.

CVE-2026-3228 | NextScripts Plugin up to 4.4.6 on WordPress Shortcode nxs_fbembed snapFB cross site scripting

Post correlati

CVE-2025-1748 | OpenCart up to 4.0.x /account/register name cross site scripting

CVE-2024-7660 | SourceCodester File Manager App 1.0 Add File File Title/Uploaded By cross site scripting

CVE-2023-26603 | JumpCloud Agent up to 1.177.x temp file

CVE-2024-13821 | wpdevelop WP Booking Calendar Plugin up to 10.10 on WordPress improper authorization