Skip to main content

Seo Friendly Images

1 CVEs product

Monthly

CVE-2026-39665 MEDIUM This Month

DOM-based cross-site scripting (XSS) in Vladimir Prelovac SEO Friendly Images WordPress plugin version 3.0.5 and earlier allows authenticated attackers with low privileges to execute arbitrary JavaScript in the context of other users' browsers. The vulnerability requires user interaction (UI:R) and affects the WordPress admin dashboard with cross-site scope, enabling session hijacking, credential theft, or malicious actions on behalf of compromised administrators. EPSS exploitation probability is minimal at 0.03%, indicating low real-world attack likelihood despite the moderate CVSS score.

XSS Seo Friendly Images
NVD
CVSS 3.1
6.5
EPSS
0.0%
EPSS 0% CVSS 6.5
MEDIUM This Month

DOM-based cross-site scripting (XSS) in Vladimir Prelovac SEO Friendly Images WordPress plugin version 3.0.5 and earlier allows authenticated attackers with low privileges to execute arbitrary JavaScript in the context of other users' browsers. The vulnerability requires user interaction (UI:R) and affects the WordPress admin dashboard with cross-site scope, enabling session hijacking, credential theft, or malicious actions on behalf of compromised administrators. EPSS exploitation probability is minimal at 0.03%, indicating low real-world attack likelihood despite the moderate CVSS score.

XSS Seo Friendly Images
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy