CVE Catalog
CVE-2026-56044
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk0.18%
8th percentile — higher than 8% of all known CVEs
Summary
The vulnerability allows an unauthenticated attacker to perform XSS attacks in Blog2Social version 8.9.2 and earlier. The attack can be carried out without authentication, increasing the risk of exploitation.
Risk Assessment
An attacker can inject malicious JavaScript code that executes in the browsers of site visitors, leading to session theft, redirects, or data theft.
Recommendation
Immediately update the Blog2Social plugin to a version newer than 8.9.2, which includes a fix for the vulnerability.
Original NVD description (English source)
Unauthenticated Cross Site Scripting (XSS) in Blog2Social <= 8.9.2 versions.

