CVE-2026-5247 | publishpress Schedule Post Changes with PublishPress Future Plugin Shortcode esc_html cross site scripting

A vulnerability marked as problematic has been reported in publishpress Schedule Post Changes with PublishPress Future Plugin up to 4.10.0 on WordPress. Affected is the function esc_html of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2026-5247. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More