CVE Catalog

CVE-2026-56040

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Summary

The vulnerability allows an unauthenticated attacker to execute XSS scripts in the Gutenverse Form plugin up to version 2.4.7.

Risk Assessment

An attacker can inject malicious JavaScript code, leading to session theft, redirects, or website defacement.

Recommendation

Immediately update the Gutenverse Form plugin to version 2.4.8 or later.

Original NVD description (English source)

Unauthenticated Cross Site Scripting (XSS) in Gutenverse Form <= 2.4.7 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS