CVE-2026-42653

HIGH

7.1

CVSS Severity Score

EPSS Score0.1460%

EPSS Percentile4.85th

PublishedJun 11, 2026

Last ModifiedJun 12, 2026

Vulnerability Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iova.Mihai SliceWP allows Stored XSS. This issue affects SliceWP: from n/a through 1.2.6.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://patchstack.com/database/wordpress/plugin/slicewp/vulnerability/wordpress-slicewp-plugin-1-2-6-cross-site-scripting-xss-vulnerability?_s_id=cve

Related Vulnerabilities

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...