AI-Powered CVE Analysis for WordPress Plugins
We use AI to automate the differential analysis between vulnerable and patched plugin versions to understand and interpret the security issues. What we share here is research-grade proof of concept demonstrations that are then fed back into our endpoint firewall service.
WordPress Proof of Concepts
AI-assisted vulnerability analysis with PoC demonstration
2026-02-13
CVE-2026-0753: Super Simple Contact Form <= 1.6.2 – Reflected Cross-Site Scripting via 'sscf_name' Parameter (super-simple-contact-form)
The Super Simple Contact Form plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sscf_name' parameter in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick…
2026-02-13
CVE-2026-1901: QuestionPro Surveys <= 1.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes (questionpro-surveys)
The QuestionPro Surveys plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'questionpro' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages…
2026-02-13
CVE-2026-1939: Percent to Infograph <= 1.0 – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes (percent-to-infograph)
The Percent to Infograph plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `percent_to_graph` shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in…
2026-02-13
CVE-2026-1796: StyleBidet <= 1.0.0 – Reflected Cross-Site Scripting (stylebidet)
The StyleBidet plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into…
2026-02-13
CVE-2026-1795: Address Bar Ads <= 1.0.0 – Reflected Cross-Site Scripting (address-bar-ads)
The Address Bar Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL Path in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a…
2026-02-13
CVE-2026-1987: Scheduler Widget <= 0.1.6 – Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Event Modification (scheduler-widget)
The Scheduler Widget plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 0.1.6. This is due to the `scheduler_widget_ajax_save_event()` function lacking proper authorization checks and ownership verification when updating events. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify any event in…
2026-02-13
CVE-2026-0751: Payment Page | Payment Form for Stripe <= 1.4.6 – Authenticated (Author+) Stored Cross-Site Scripting via 'pricing_plan_select_text_font_family' Parameter (payment-page)
The Payment Page | Payment Form for Stripe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pricing_plan_select_text_font_family' parameter in all versions up to, and including, 1.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in…
2026-02-13
CVE-2026-1303: MailChimp Campaigns <= 3.2.4 – Missing Authorization to Authenticated (Subscriber+) MailChimp App Disconnection (olalaweb-mailchimp-campaign-manager)
The MailChimp Campaigns plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 3.2.4. This is due to missing capability checks on the `mailchimp_campaigns_manager_disconnect_app` function that is hooked to the AJAX action of the same name. This makes it possible for authenticated attackers, with Subscriber-level access and above, to disconnect…
2026-02-13
CVE-2025-14852: MDirector Newsletter <= 4.5.8 – Cross-Site Request Forgery to Plugin Settings Update (mdirector-newsletter)
The MDirector Newsletter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.8. This is due to missing nonce verification on the mdirectorNewsletterSave function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into…
2026-02-13
CVE-2026-0735: User Language Switch <= 1.6.10 – Authenticated (Administrator+) Stored Cross-Site Scripting via 'tab_color_picker_language_switch' Parameter (user-language-switch)
The User Language Switch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tab_color_picker_language_switch' parameter in all versions up to, and including, 1.6.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute…
How Atomic Edge Works
Simple Setup. Powerful Security.
Atomic Edge acts as a security layer between your website & the internet — inspecting, filtering, and blocking malicious traffic before it ever reaches
your application.