CVE-2026-6268 | EventPress Plugin up to 22.1 on WordPress AJAX eventpress_customizer_notify_dismiss_action ID cross site scripting

May 27, 2026 Yanac

A vulnerability was found in EventPress Plugin up to 22.1 on WordPress. It has been rated as problematic. Affected by this issue is the function eventpress_customizer_notify_dismiss_action of the component AJAX Handler. Performing a manipulation of the argument ID results in cross site scripting.

This vulnerability was named CVE-2026-6268. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More