jQuery Hover Footnotes

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-10738	WordPress jQuery Hover Footnotes	Med	0.42	6.4	—		Jun 9, 2026	The jQuery Hover Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Footnote Qualifier ('{{...}}' Syntax) in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…
CVE-2026-10553	WordPress jQuery Hover Footnotes	Med	0.28	4.3	—		Jun 9, 2026	The jQuery Hover Footnotes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the jqFootnotes_options_subpanel function. This makes it possible for unauthenticated…

CVE-2026-10738MedJun 9, 2026
WordPress
jQuery Hover Footnotes
risk 0.42cvss 6.4epss —
The jQuery Hover Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Footnote Qualifier ('{{...}}' Syntax) in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…
CVE-2026-10553MedJun 9, 2026
WordPress
jQuery Hover Footnotes
risk 0.28cvss 4.3epss —
The jQuery Hover Footnotes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the jqFootnotes_options_subpanel function. This makes it possible for unauthenticated…