Vulnerabilities
Report: CVE-2026-22192 - WordPress Discuz Stored Cross-Site Scripting Vulnerability
CVE ID :CVE-2026-22192 Published : March 13, 2026, 6:19 a.m. | 1 hour, 58 minutes ago Description :wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by importing a crafted options file with unescaped customCss field values. Attackers can supply a malicious JSON import file containing script payloads in the customCss parameter that execute on every page when rendered through the options handler without proper sanitization. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...