CVE-2026-8981 | Custom Block Builder Plugin up to 4.2.x on WordPress Installation cross site scripting

Inserito da Angelo Barbosa | Giu 9, 2026 | CVE

A vulnerability was found in Custom Block Builder Plugin up to 4.2.x on WordPress. It has been declared as problematic. The affected element is an unknown function of the component Installation Handler. Such manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-8981. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-8981 | Custom Block Builder Plugin up to 4.2.x on WordPress Installation cross site scripting

Post correlati

CVE-2025-10908 | WSO2 Identity Server Magic Link/Pass Key authorization

CVE-2024-13129 | Roxy-WI up to 8.1.3 roxy.py action_service action/service os command injection

CVE-2023-41474 | Ivanti Avalanche 6.3.4.153 web.xml loc path traversal

CVE-2023-6946 | Autotitle Plugin up to 1.0.3 on WordPress Setting cross-site request forgery