Skip to main content

Fsm Custom Featured Image Caption

1 CVEs product

Monthly

CVE-2026-39693 MEDIUM This Month

DOM-based cross-site scripting in fesomia FSM Custom Featured Image Caption WordPress plugin versions up to 1.25.1 allows authenticated administrators with high privileges to inject malicious scripts via improper input neutralization during featured image caption generation. The vulnerability requires user interaction (UI:R) and high administrator privileges (PR:H), limiting real-world risk despite the network-accessible attack vector. EPSS exploitation probability is very low at 0.03% percentile rank, and no public exploit code or active exploitation has been identified.

XSS Fsm Custom Featured Image Caption
NVD
CVSS 3.1
5.9
EPSS
0.0%
EPSS 0% CVSS 5.9
MEDIUM This Month

DOM-based cross-site scripting in fesomia FSM Custom Featured Image Caption WordPress plugin versions up to 1.25.1 allows authenticated administrators with high privileges to inject malicious scripts via improper input neutralization during featured image caption generation. The vulnerability requires user interaction (UI:R) and high administrator privileges (PR:H), limiting real-world risk despite the network-accessible attack vector. EPSS exploitation probability is very low at 0.03% percentile rank, and no public exploit code or active exploitation has been identified.

XSS Fsm Custom Featured Image Caption
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy