PatchSiren cyber security CVE debrief
CVE-2026-52702 wp-buy CVE debrief
CVE-2026-52702 is a high-severity Unauthenticated Cross Site Scripting (XSS) vulnerability affecting SEO Redirection plugin versions <= 9.17. The vulnerability has a CVSS score of 7.1 and is considered HIGH severity. It was published on [cvePublishedAt] and last modified on [cveModifiedAt].
- Vendor
- wp-buy
- Product
- SEO Redirection
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of SEO Redirection plugin versions <= 9.17 should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is an Unauthenticated Cross Site Scripting (XSS) issue in the SEO Redirection plugin. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L.
Defensive priority
HIGH
Recommended defensive actions
- Update SEO Redirection plugin to a version greater than 9.17.
- Refer to [ref-4] for mitigation or vendor reference.
Evidence notes
The vulnerability was reported by [email protected] and is listed in the NVD database.
Official resources
-
CVE-2026-52702 CVE record
CVE.org
-
CVE-2026-52702 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2026-52702 was published on 2026-06-15T21:17:24.733Z and last modified on 2026-06-15T21:24:32.790Z.