Skip to main content

Wp Rest Cache

1 CVEs product

Monthly

CVE-2026-25347 HIGH This Week

A Stored Cross-Site Scripting (XSS) vulnerability exists in the Acato WP REST Cache WordPress plugin through version 2026.1.0, allowing attackers to inject and persist malicious JavaScript code that executes in the browsers of site administrators and users. This vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation) and affects all installations of WP REST Cache up to and including version 2026.1.0. An attacker with appropriate access could inject stored XSS payloads that compromise administrator sessions, steal credentials, or modify site content.

XSS Wp Rest Cache
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 7.1
HIGH This Week

A Stored Cross-Site Scripting (XSS) vulnerability exists in the Acato WP REST Cache WordPress plugin through version 2026.1.0, allowing attackers to inject and persist malicious JavaScript code that executes in the browsers of site administrators and users. This vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation) and affects all installations of WP REST Cache up to and including version 2026.1.0. An attacker with appropriate access could inject stored XSS payloads that compromise administrator sessions, steal credentials, or modify site content.

XSS Wp Rest Cache
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy