PatchSiren

Cozmoslabs CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Cozmoslabs CVE published 2026-06-15

CVE-2026-39514

CVE-2026-39514 is a HIGH severity Unauthenticated Cross Site Scripting (XSS) vulnerability affecting Paid Member Subscriptions plugin versions <= 2.17.3. The vulnerability has a CVSS score of 7.1 and was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-39514). The vulnerability was reported by Patchstack.