CVE-2026-2502 | xmlrpc Attacks Blocker Plugin up to 1.0 on WordPress Header X-Forwarded-For cross site scripting

A vulnerability was found in xmlrpc Attacks Blocker Plugin up to 1.0 on WordPress. It has been declared as problematic. This affects an unknown function of the component Header Handler. Executing a manipulation of the argument X-Forwarded-For can lead to cross site scripting.

This vulnerability appears as CVE-2026-2502. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More