Wp Rest Cache
Monthly
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Acato WP REST Cache WordPress plugin through version 2026.1.0, allowing attackers to inject and persist malicious JavaScript code that executes in the browsers of site administrators and users. This vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation) and affects all installations of WP REST Cache up to and including version 2026.1.0. An attacker with appropriate access could inject stored XSS payloads that compromise administrator sessions, steal credentials, or modify site content.
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Acato WP REST Cache WordPress plugin through version 2026.1.0, allowing attackers to inject and persist malicious JavaScript code that executes in the browsers of site administrators and users. This vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation) and affects all installations of WP REST Cache up to and including version 2026.1.0. An attacker with appropriate access could inject stored XSS payloads that compromise administrator sessions, steal credentials, or modify site content.