Skip to main content

Upsolution Core

1 CVEs product

Monthly

CVE-2026-24983 HIGH This Week

A Reflected Cross-Site Scripting (XSS) vulnerability exists in UpSolution Core plugin versions through 8.41, allowing attackers to inject malicious scripts into web pages viewed by other users. The vulnerability affects the UpSolution Core WordPress plugin (CPE: cpe:2.3:a:upsolution:upsolution_core), enabling attackers to steal session tokens, perform actions on behalf of users, or redirect users to malicious sites through crafted URLs. No CVSS score, EPSS probability, or KEV status is currently available, though Patchstack has confirmed and documented this as a reflected XSS vulnerability.

XSS Upsolution Core
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 7.1
HIGH This Week

A Reflected Cross-Site Scripting (XSS) vulnerability exists in UpSolution Core plugin versions through 8.41, allowing attackers to inject malicious scripts into web pages viewed by other users. The vulnerability affects the UpSolution Core WordPress plugin (CPE: cpe:2.3:a:upsolution:upsolution_core), enabling attackers to steal session tokens, perform actions on behalf of users, or redirect users to malicious sites through crafted URLs. No CVSS score, EPSS probability, or KEV status is currently available, though Patchstack has confirmed and documented this as a reflected XSS vulnerability.

XSS Upsolution Core
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy