PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-15301 digiblogger CVE debrief

The BuddyHolis TableSearch plugin for WordPress has a Stored Cross-Site Scripting vulnerability via the 'placeholder' parameter in all versions up to, and including, 1.1.0. This vulnerability allows authenticated attackers with Contributor-level access and above to inject web scripts that execute when a user accesses an injected page. The vulnerability has a CVSS score of 6.4 and is considered Medium priority. Users of the plugin, especially those with Contributor-level access and above, should be aware of this vulnerability and take necessary actions to protect their sites.

Vendor
digiblogger
Product
BuddyHolis TableSearch
CVSS
MEDIUM 6.4
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-10
Original CVE updated
2026-07-10
Advisory published
2026-07-10
Advisory updated
2026-07-10

Who should care

Users of BuddyHolis TableSearch plugin for WordPress, especially those with Contributor-level access and above, should be aware of this vulnerability and take necessary actions to protect their sites. This includes updating the plugin to a version that fixes the vulnerability, restricting access to the plugin's settings and functionality, and monitoring for suspicious activity.

Technical summary

The BuddyHolis TableSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'placeholder' parameter in all versions up to, and including, 1.1.0. This is due to insufficient input sanitization and output escaping. An authenticated attacker with Contributor-level access and above can inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability has a CVSS score of 6.4 and is considered Medium priority.

Defensive priority

Medium priority due to the CVSS score of 6.4 and the potential for authenticated attackers to inject malicious scripts.

Recommended defensive actions

  • Update the BuddyHolis TableSearch plugin to a version that fixes the vulnerability, if available.
  • Restrict access to the plugin's settings and functionality to trusted users only.
  • Monitor for suspicious activity and injected scripts on the site.
  • Consider implementing additional security measures such as Web Application Firewall (WAF) rules to detect and prevent similar attacks.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.

Evidence notes

The CVE record was published on 2026-07-10T05:16:33.537Z and last modified on 2026-07-10T19:17:20.713Z. The NVD entry is currently Deferred. Evidence is limited to public CVE and NVD information. Defenders should verify affected deployments, review official advisories, and monitor for suspicious activity.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T05:16:33.537Z and has not been modified since then. The NVD entry is currently Deferred.