PatchSiren

iova.mihai CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH iova.mihai CVE published 2026-06-11

CVE-2026-42653

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the SliceWP WordPress plugin. This issue, tracked as CVE-2026-42653, allows an attacker to inject malicious scripts into web pages, potentially leading to unauthorized actions or data theft. The vulnerability has a CVSS score of 7.1 and is classified as HIGH severity.