LOW
WordPress.org
CVE published 2026-06-12
CVE-2026-9269
CVE-2026-9269 is a Stored Cross-Site Scripting (XSS) vulnerability in the Secure Copy Content Protection and Content Locking WordPress plugin before version 5.1.5. The plugin does not properly sanitize and escape some of its settings, potentially allowing high-privilege users, such as administrators, to perform Stored XSS attacks even when the unfiltered_html capability is disallowed (for example, in a mu [truncated]