CVE-2026-1047 | salavat Counter Plugin up to 0.9.5 on WordPress image_url cross site scripting

February 18, 2026 Yanac

A vulnerability marked as problematic has been reported in salavat Counter Plugin up to 0.9.5 on WordPress. This affects an unknown part. Performing a manipulation of the argument image_url results in cross site scripting.

This vulnerability was named CVE-2026-1047. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-13612 | Album and Image Gallery Plus Lightbox Plugin up to 2.1.7 on WordPress Shortcode aigpl-gallery-album cross site scripting
CVE-2025-13617 | Apollo13Themes Apollo13 Framework Extensions Plugin up to 1.9.8 on WordPress a13_alt_link cross site scripting