PatchSiren

RexTheme CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH RexTheme CVE published 2026-07-13

CVE-2026-57417

CVE-2026-57417 is a Stored XSS vulnerability in Cart Lift plugin, affecting versions up to 3.1.57. The issue allows attackers to inject malicious scripts, potentially leading to unauthorized actions and data breaches. This vulnerability has been publicly disclosed and has a CVSS score of 7.1, indicating a high severity. Users of the Cart Lift plugin, especially those with untrusted user input, should prio [truncated]