CVE-2026-39628

| EUVD-2026-20276
2026-04-08 Patchstack GHSA-36hh-hpjf-wc4x

Lifecycle Timeline

2
EUVD ID Assigned
Apr 08, 2026 - 08:45 euvd
EUVD-2026-20276
CVE Published
Apr 08, 2026 - 08:30 nvd
N/A

Tags

WordPress PHP XSS Dukamarket

Description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through <= 1.3.0.

Analysis

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through <= 1.3.0.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

0
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +0
POC: 0

Share

CVE-2026-39628 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy