CVE Catalog

CVE-2026-57763

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Summary

The Structured Content plugin version 1.7.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in the Contributor function. This allows an attacker to inject malicious JavaScript code into the page.

Risk Assessment

The risk involves potential session hijacking, redirects to malicious sites, or theft of sensitive data through script execution in the victim's browser.

Recommendation

It is recommended to immediately update the Structured Content plugin to a version newer than 1.7.0, which includes a fix for the XSS vulnerability.

Original NVD description (English source)

Contributor Cross Site Scripting (XSS) in Structured Content <= 1.7.0 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS