CVE-2026-1055 | TalkJS Plugin up to 0.1.15 on WordPress Setting welcomeMessage cross site scripting

February 18, 2026 Yanac

A vulnerability, which was classified as problematic, was found in TalkJS Plugin up to 0.1.15 on WordPress. Affected is an unknown function of the component Setting Handler. Executing a manipulation of the argument welcomeMessage can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-1055. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More