Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PSM Plugins SupportCandy supportcandy allows Stored XSS.This issue affects SupportCandy: from n/a through <= 3.4.8.
Metrics
Affected Vendors & Products
References
History
Mon, 13 Jul 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Psm Plugins
Psm Plugins supportcandy Wordpress Wordpress wordpress |
|
| Vendors & Products |
Psm Plugins
Psm Plugins supportcandy Wordpress Wordpress wordpress |
Mon, 13 Jul 2026 10:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PSM Plugins SupportCandy supportcandy allows Stored XSS.This issue affects SupportCandy: from n/a through <= 3.4.8. | |
| Title | WordPress SupportCandy plugin <= 3.4.8 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-07-13T08:41:24.688Z
Reserved: 2026-06-25T08:04:04.790Z
Link: CVE-2026-57711
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-13T14:45:04Z