MEDIUM
Tangible
CVE published 2026-07-13
CVE-2026-57391
A Stored XSS vulnerability was discovered in the Tangible Loops & Logic plugin. This issue, tracked as CVE-2026-57391, allows attackers to inject malicious scripts into web pages. Users should update to a patched version to mitigate this risk. The vulnerability exists due to improper neutralization of input during web page generation. An attacker with low privileges can inject malicious scripts, which wil [truncated]