Medium CVE-2026-2827 The Open User Map PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'oum_location_notification' parameter in versions up to, and including, 1.4.31 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Medium] CVE-2026-2827 – The Open User Map PRO plugin for WordPress is vulnerable to Stored Cross-Site Sc...

VERWANDTEARTIKEL

Microsoft Patches Exploited Exchange Server Vulnerability

CVE-2026-41700 - Cross-Site WebSocket Hijacking in Spring for GraphQL

CVE-2026-41699 - Unsafe Deserialization in Spring GraphQL

CVE-2026-40999 - Spring WS SSRF via unvalidated WS-Addressing reply destinations

CVE-2026-40998 - Jaxp13 XPath XXE via StreamSource and SAXSource

CVE-2026-40994 - Wss4jSecurityInterceptor disables WS-I BSP validation by default