PatchSiren cyber security CVE debrief
CVE-2026-39451 jgwhite33 CVE debrief
CVE-2026-39451 is a MEDIUM severity Unauthenticated Cross Site Scripting (XSS) vulnerability in WP Google Review Slider plugin versions <= 18.0. The vulnerability has a CVSS score of 6.3 and was published on {cvePublishedAt}.
- Vendor
- jgwhite33
- Product
- WP Google Review Slider
- CVSS
- MEDIUM 6.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of WP Google Review Slider plugin versions <= 18.0 should apply patches or mitigations to prevent exploitation of this vulnerability.
Technical summary
CVE-2026-39451 is a Cross Site Scripting (XSS) vulnerability in WP Google Review Slider plugin. The vulnerability is unauthenticated and has a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates to WP Google Review Slider plugin to version > 18.0.
- Review and implement secure coding practices to prevent similar vulnerabilities.
Evidence notes
Evidence for this CVE comes from {ref-4}, a mitigation or vendor reference provided by Patchstack.
Official resources
-
CVE-2026-39451 CVE record
CVE.org
-
CVE-2026-39451 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2026-39451 was published on {cvePublishedAt} and last modified on {cveModifiedAt}.