{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-22210","assignerOrgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","state":"PUBLISHED","assignerShortName":"VulnCheck","dateReserved":"2026-01-06T16:47:17.187Z","datePublished":"2026-03-13T01:18:14.123Z","dateUpdated":"2026-03-13T14:14:59.813Z"},"containers":{"cna":{"providerMetadata":{"orgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","shortName":"VulnCheck","dateUpdated":"2026-03-13T01:18:14.123Z"},"datePublic":"2026-03-11T00:00:00.000Z","title":"wpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Attachment URLs","descriptions":[{"lang":"en","value":"wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability that allows attackers to inject malicious code through unescaped attachment URLs in HTML output by exploiting the WpdiscuzHelperUpload class. Attackers can craft malicious attachment records or filter hooks to inject arbitrary JavaScript into img and anchor tag attributes, executing code in the context of WordPress users viewing comments."}],"problemTypes":[{"descriptions":[{"lang":"en","description":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","cweId":"CWE-79","type":"CWE"}]}],"affected":[{"vendor":"gVectors","product":"wpDiscuz","versions":[{"version":"0","status":"affected","lessThan":"7.6.47","versionType":"custom"},{"version":"7.6.47","status":"unaffected"}],"defaultStatus":"unaffected","packageURL":"pkg:wordpress-plugin/wpdiscuz"}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gvectors:wpdiscuz:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"7.6.47"}]}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"PRESENT","attackVector":"NETWORK","baseScore":2.1,"baseSeverity":"LOW","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","userInteraction":"PASSIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS"},{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.4,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N","version":"3.1"},"format":"CVSS"}],"references":[{"url":"https://wordpress.org/plugins/wpdiscuz/#developers","name":"wpDiscuz Changelog","tags":["patch"]},{"url":"https://wordpress.org/plugins/wpdiscuz/","name":"wpDiscuz","tags":["product"]},{"name":"VulnCheck Advisory: wpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Attachment URLs","tags":["third-party-advisory"],"url":"https://www.vulncheck.com/advisories/wpdiscuz-before-cross-site-scripting-via-unescaped-attachment-urls"}],"x_generator":{"engine":"scooter"},"credits":[{"lang":"en","value":"Scott Moore - VulnCheck","type":"finder"}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-13T14:14:51.492020Z","id":"CVE-2026-22210","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-13T14:14:59.813Z"}}]}}