MEDIUM
manchumahara
CVE published 2026-05-22
CVE-2026-6864
CVE-2026-6864 is a reflected cross-site scripting issue in the CBX 5 Star Rating & Review WordPress plugin. The flaw is triggered through the page parameter and affects all versions up to and including 1.0.7. Because the attack is unauthenticated but requires an administrator to interact with a crafted link, the practical risk is strongest for WordPress sites where admins access plugin pages or review lin [truncated]