Blog Filter

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-39517 MEDIUM This Month

DOM-Based Cross-Site Scripting (XSS) in A WP Life Blog Filter WordPress plugin versions 1.7.6 and earlier allows authenticated attackers with low privileges to inject malicious scripts that execute in victims' browsers when they interact with crafted web pages. The vulnerability stems from improper neutralization of user input during page generation and requires user interaction to trigger. No public exploit code or active exploitation has been identified at the time of analysis, with an EPSS score of 0.03% indicating low exploitation probability.

XSS Blog Filter

NVD

CVSS 3.1

6.5

EPSS

0.0%

CVE-2026-39517

EPSS 0% CVSS 6.5

MEDIUM This Month

DOM-Based Cross-Site Scripting (XSS) in A WP Life Blog Filter WordPress plugin versions 1.7.6 and earlier allows authenticated attackers with low privileges to inject malicious scripts that execute in victims' browsers when they interact with crafted web pages. The vulnerability stems from improper neutralization of user input during page generation and requires user interaction to trigger. No public exploit code or active exploitation has been identified at the time of analysis, with an EPSS score of 0.03% indicating low exploitation probability.

XSS Blog Filter

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy