Skip to main content

Armania

1 CVEs product

Monthly

CVE-2026-39626 MEDIUM This Month

Improper neutralization of script-related HTML tags in the Armania WordPress theme (versions up to 1.4.8) allows unauthenticated remote attackers to inject arbitrary code through unvalidated input, resulting in stored XSS and arbitrary shortcode execution. The vulnerability has a low CVSS severity (5.3) with EPSS exploitation probability of 0.03% (8th percentile), but enables integrity compromise through code injection that persists in the application.

XSS Armania
NVD
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper neutralization of script-related HTML tags in the Armania WordPress theme (versions up to 1.4.8) allows unauthenticated remote attackers to inject arbitrary code through unvalidated input, resulting in stored XSS and arbitrary shortcode execution. The vulnerability has a low CVSS severity (5.3) with EPSS exploitation probability of 0.03% (8th percentile), but enables integrity compromise through code injection that persists in the application.

XSS Armania
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy