CVE-2026-2382 | frankpw FPW Category Thumbnails Plugin up to 1.9.5 on WordPress Setting fpw_fs_get_file ID cross site scripting

A vulnerability described as problematic has been identified in frankpw FPW Category Thumbnails Plugin up to 1.9.5 on WordPress. The affected element is the function fpw_fs_get_file of the component Setting Handler. The manipulation of the argument ID results in cross site scripting.

This vulnerability is known as CVE-2026-2382. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More