PatchSiren

digiblogger CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM digiblogger CVE published 2026-07-10

CVE-2026-15301

The BuddyHolis TableSearch plugin for WordPress has a Stored Cross-Site Scripting vulnerability via the 'placeholder' parameter in all versions up to, and including, 1.1.0. This vulnerability allows authenticated attackers with Contributor-level access and above to inject web scripts that execute when a user accesses an injected page. The vulnerability has a CVSS score of 6.4 and is considered Medium prio [truncated]