PatchSiren

merkulove CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM merkulove CVE published 2026-07-13

CVE-2026-57783

A Stored XSS vulnerability was found in the Speaker plugin. This issue affects Speaker plugin versions from n/a through <= 4.1.13. The vulnerability has a CVSS score of 6.5 and a severity of MEDIUM. The vulnerability exists due to improper neutralization of input during web page generation, allowing an attacker with low privileges to exploit this vulnerability. Users of affected versions should review the [truncated]