CVE-2026-5341 | mirceatm NMR Strava Activities Plugin up to 1.0.14 on WordPress Shortcode strava_nmr_connect cross site scripting

A vulnerability marked as problematic has been reported in mirceatm NMR Strava Activities Plugin up to 1.0.14 on WordPress. This affects the function strava_nmr_connect of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2026-5341. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More