CVE-2026-6252 | mr2p Meta Field Block Plugin up to 1.5.2 on WordPress Block Attribute tagName cross site scripting

Inserito da Angelo Barbosa | Mag 14, 2026 | CVE

A vulnerability classified as problematic was found in mr2p Meta Field Block Plugin up to 1.5.2 on WordPress. Affected is an unknown function of the component Block Attribute Handler. The manipulation of the argument tagName results in cross site scripting.

This vulnerability is identified as CVE-2026-6252. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-6252 | mr2p Meta Field Block Plugin up to 1.5.2 on WordPress Block Attribute tagName cross site scripting

Post correlati

CVE-2025-20033 | Mattermost up to 9.11.5/10.0.3/10.1.3/10.2.0/10.3.0 improper validation of specified type of input

CVE-2025-4268 | TOTOLINK A720R 4.1.5cu.374 /cgi-bin/cstecgi.cgi topicurl missing authentication

CVE-2024-11354 | codelizarplugs Ultimate YouTube Video & Shorts Player with Vimeo Plugin del_ytsingvid authorization

CVE-2024-21855 | GoCast 1.1.3 HTTP API missing authentication (TALOS-2024-1962)