Skip to main content

Proxy & VPN Blocker CVE-2026-57399

| EUVDEUVD-2026-43470 HIGH
Cross-site Scripting (XSS) (CWE-79)
2026-07-13 Patchstack
7.1
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
7.1 HIGH
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
vuln.today AI
6.5 MEDIUM

Stored XSS is network-reachable and low-complexity with a browser-context scope change and Low C/I/A; PR:L reflects that most Patchstack stored-XSS injection points require at least low-privileged access, though the input's PR:N is possible if truly unauthenticated.

3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

2
Analysis Generated
Jul 13, 2026 - 10:59 vuln.today
CVE Published
Jul 13, 2026 - 08:41 cve.org
HIGH 7.1

DescriptionCVE.org

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proxy &amp; VPN Blocker Proxy &amp; VPN Blocker proxy-vpn-blocker allows Stored XSS.This issue affects Proxy &amp; VPN Blocker: from n/a through <= 3.5.8.

AnalysisAI

Stored cross-site scripting in the WordPress plugin 'Proxy & VPN Blocker' (versions up to and including 3.5.8) lets attackers persist malicious JavaScript that executes in victims' browsers when an affected page is rendered. Reported by Patchstack and carrying a CVSS 3.1 score of 7.1 with a scope change, the flaw affects all releases from an unspecified initial version through 3.5.8. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Locate site running Proxy & VPN Blocker ≤3.5.8
Delivery
Submit crafted input with JavaScript payload
Exploit
Payload stored unsanitized in WordPress DB
Execution
Victim/admin loads affected page
Persist
Script executes in browser origin
Impact
Steal session or forge admin actions

Vulnerability AssessmentAI

Exploitation Exploitation requires that attacker-controlled data be stored via the Proxy & VPN Blocker plugin and then rendered to a victim, and it requires user interaction (UI:R) - a user or administrator must load the page containing the stored payload for the script to execute. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L, score 7.1) indicates network-reachable, low-complexity exploitation with a scope change but requiring user interaction, and only Low confidentiality/integrity/availability impact - consistent with typical stored XSS. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker submits crafted input containing JavaScript to a field handled by the Proxy & VPN Blocker plugin; the payload is stored and later served unsanitized. When an administrator or other user opens the affected page, the script runs in their browser session in the site's origin, enabling session/cookie theft, admin-action forgery, or content injection. …
Remediation No vendor-released patch version is identified in the available data (the record states affected 'through <= 3.5.8' without naming a fixed release), so verify the current version at https://patchstack.com/database/Wordpress/Plugin/proxy-vpn-blocker/vulnerability/wordpress-proxy-vpn-blocker-plugin-3-5-8-cross-site-scripting-xss-vulnerability and upgrade to any release later than 3.5.8 once published. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Immediately disable the 'Proxy & VPN Blocker' plugin across all WordPress instances and audit your environment for installations running versions 3.5.8 and earlier. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-57399 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy