CVE-2026-10077 | WordPress yootheme Plugin up to 5.0.34 on WordPress HTML Attribute wp_kses_post HTML injection
A vulnerability identified as problematic has been detected in WordPress yootheme Plugin up to 5.0.34 on WordPress. This issue affects the function wp_kses_post of the component HTML Attribute Handler. The manipulation leads to HTML injection.
This vulnerability is uniquely identified as CVE-2026-10077. The attack is possible to be carried out remotely. No exploit exists.
You should upgrade the affected component.VulDB Recent EntriesRead More