CVE-2026-7509 | helgatheviking KIA Subtitle Plugin up to 4.0.1 on WordPress Shortcode before cross site scripting

Inserito da Angelo Barbosa | Mag 22, 2026 | CVE

A vulnerability, which was classified as problematic, was found in helgatheviking KIA Subtitle Plugin up to 4.0.1 on WordPress. This affects the function before of the component Shortcode Handler. Executing a manipulation can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-7509. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.

CVE-2026-7509 | helgatheviking KIA Subtitle Plugin up to 4.0.1 on WordPress Shortcode before cross site scripting

Post correlati

CVE-2025-22624 | bradvin FooGallery 2.4.29 class-meta boxes.php cross site scripting

CVE-2025-22224 | VMware Workstation out-of-bounds write

CVE-2026-46529 | Xreader ev-application.c ev_spawn command injection

CVE-2024-3177 | Kubernetes kube-apiserver up to 1.27.12/1.28.8/1.29.3 Mountable Secrets Policy envFrom information disclosure