Product

Custom Twitter Feeds Plugin <= 2.5.4

1 brief RSS

CVE-2026-6177 - Custom Twitter Feeds WordPress Plugin Stored XSS

The Custom Twitter Feeds plugin for WordPress is vulnerable to stored cross-site scripting (XSS) in versions up to and including 2.5.4 due to insufficient output escaping, allowing unauthenticated attackers to inject arbitrary web scripts.

Custom Twitter Feeds plugin <= 2.5.4 xss wordpress CVE-2026-6177

2r 1t 1c 2h ago