Skip to main content

Mybooktable Bookstore

1 CVEs product

Monthly

CVE-2026-39604 MEDIUM This Month

MyBookTable Bookstore WordPress plugin versions 3.6.0 and earlier allow authenticated high-privilege users to inject malicious scripts that are stored and executed in the browsers of other users, enabling stored cross-site scripting (XSS) attacks. The vulnerability requires admin-level authentication and user interaction from victims to trigger, limiting real-world exploitation scope despite network accessibility. EPSS probability is exceptionally low at 0.03%, reflecting the authentication and interaction barriers.

XSS Mybooktable Bookstore Okta
NVD
CVSS 3.1
5.9
EPSS
0.0%
EPSS 0% CVSS 5.9
MEDIUM This Month

MyBookTable Bookstore WordPress plugin versions 3.6.0 and earlier allow authenticated high-privilege users to inject malicious scripts that are stored and executed in the browsers of other users, enabling stored cross-site scripting (XSS) attacks. The vulnerability requires admin-level authentication and user interaction from victims to trigger, limiting real-world exploitation scope despite network accessibility. EPSS probability is exceptionally low at 0.03%, reflecting the authentication and interaction barriers.

XSS Mybooktable Bookstore Okta
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy