Skip to main content

Osiris Signature Banner CVE-2026-8905

| EUVDEUVD-2026-38655 MEDIUM
Cross-Site Request Forgery (CSRF) (CWE-352)
2026-06-24 Wordfence GHSA-p4m8-3gv5-584p
6.1
CVSS 3.1 · Vendor: Wordfence
Share

Severity by source

Vendor (Wordfence) PRIMARY
6.1 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
vuln.today AI
6.1 MEDIUM

Network-delivered CSRF requires no attacker privileges (PR:N) but mandates admin interaction (UI:R); scope change (S:C) reflects stored XSS executing in victim browsers beyond the vulnerable WordPress instance.

3.1 AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (Wordfence).

CVSS VectorVendor: Wordfence

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

2
Analysis Generated
Jun 24, 2026 - 07:00 vuln.today
CVE Published
Jun 24, 2026 - 05:33 cve.org
MEDIUM 6.1

DescriptionCVE.org

The Osiris Signature Banner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

AnalysisAI

Cross-Site Request Forgery in the Osiris Signature Banner WordPress plugin (all versions ≤ 0.5) enables unauthenticated attackers to update plugin settings and inject stored XSS payloads by tricking an authenticated administrator into triggering a forged request. Missing nonce validation across at least four functions (lines 107, 118, 139, and 189 of osiris-signature-banner.php) means any forged cross-origin form submission executed in an active admin session bypasses all server-side origin checks. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft forged CSRF form with XSS payload targeting plugin settings endpoint
Delivery
Deliver malicious link to WordPress site administrator via phishing
Exploit
Admin clicks link while holding active authenticated session
Execution
Browser submits forged request; server accepts without nonce validation
Persist
Attacker-controlled script stored in WordPress database via plugin settings
Impact
Stored XSS executes in browsers of subsequent visitors or admins

Vulnerability AssessmentAI

Exploitation Exploitation requires the Osiris Signature Banner plugin (version ≤ 0.5) to be installed and active on the target WordPress site. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 score of 6.1 (Medium) encodes meaningful signal: AV:N and AC:L confirm the attack is network-accessible with no special conditions, while PR:N establishes the attacker requires no prior credentials. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a malicious webpage hosting a hidden HTML form that submits a settings-update POST request to the target WordPress site's admin endpoint for the Osiris Signature Banner plugin, embedding a JavaScript payload in a plugin settings field. The attacker distributes a link to this page via phishing email targeting a site administrator; when the admin clicks the link while holding an active WordPress session, the browser automatically submits the forged request with the admin's session cookie, the server accepts it without nonce verification, and the malicious script is stored. …
Remediation No vendor-released patch has been identified at time of analysis - the available references document version 0.5 as the current tagged release with no fixed version present in CPE data or references. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-8905 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy