CVE-2026-8893 | payaddons Express Payment for Stripe Plugin up to 1.28.0 on WordPress Shortcode register_shortcode Type cross site scripting

Inserito da Angelo Barbosa | Giu 6, 2026 | CVE

A vulnerability was found in payaddons Express Payment for Stripe Plugin up to 1.28.0 on WordPress. It has been declared as problematic. Affected is the function register_shortcode of the component Shortcode Handler. The manipulation of the argument Type results in cross site scripting.

This vulnerability is known as CVE-2026-8893. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-8893 | payaddons Express Payment for Stripe Plugin up to 1.28.0 on WordPress Shortcode register_shortcode Type cross site scripting

Post correlati

CVE-2025-27625 | Jenkins redirect

CVE-2024-12901 | FoxCMS up to 1.2 API Endpoint Site.php password improper authorization

CVE-2022-36029 | BigBlueButton Greenlight up to 2.12.x Login Page return_to redirect

CVE-2024-40618 | NAVER Whale Browser 1.10.6.2/3.0.1.2 Built-in Extension cross site scripting