Unrated severityNVD Advisory· Published Jun 24, 2026
AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute
CVE-2026-10531
Description
The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a page, allowing users with the Contributor role and above to perform Stored Cross-Site Scripting attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <2.0.4
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/ebc956c2-42f4-495f-a37e-f83ed156af08/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.