Security Researchers Discover Critical XSS Vulnerabilities in Mintlify Platform Affecting Major Tech Companies
How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack - writeup.md
Read the full articleYou might also wanna read
CVE-2026-13234: CWE-79 Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Drupal AI (Artificial Intelligence)
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AI (Artificial Intelligence) al
CVE-2026-26719: n/a
A Cross Site Scripting (XSS) vulnerability exists in xxl-job-admin version 3.0.0 that allows a remote attacker to execute arbitrary code via
CVE-2026-12141: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in leap13 Premium Addons for Elementor – Powerful Elementor Templates & Widgets
A stored cross-site scripting (XSS) vulnerability exists in the Premium Addons for Elementor – Powerful Elementor Templates & Widgets WordPr
CVE-2026-15532: Cross Site Scripting in SourceCodester Online Book Store System
SourceCodester Online Book Store System version 1.0 contains a cross-site scripting (XSS) vulnerability in its User Management Module. The v
CVE-2026-13005: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in mxchat MxChat – AI Chatbot & Content Generation for WordPress
MxChat – AI Chatbot & Content Generation for WordPress plugin versions up to and including 3.2.10 are vulnerable to stored Cross-Site Script
CVE-2026-15285: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in posimyththemes The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce
The Plus Addons for Elementor WordPress plugin contained a stored cross-site scripting (XSS) vulnerability in the Button widget's custom_att
Comments
Sign in to join the conversation.
No comments yet. Be the first.