Description
Voltronic Power SNMP Web Pro version 1.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to access privileged management functions by manipulating browser localStorage values. Attackers can modify client-side authentication state to bypass server-side access controls and gain unauthorized access to protected management functionality without valid credentials.
Published: 2026-03-13
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Stored Cross‑Site Scripting
Action: Patch
AI Analysis

Impact

wpDiscuz before version 7.6.47 includes a stored cross‑site scripting flaw that permits an authenticated user to inject malicious JavaScript. The attack works through the plugin’s options import feature, where a crafted JSON file containing script payloads in the customCss field is accepted without proper sanitization. Once imported, the malicious code is persisted and rendered on every page that references the options, allowing the attacker to execute arbitrary scripts in visitors’ browsers, hijack sessions, steal cookies or deliver malware. This weakness is classified as CWE‑79: Improper Neutralization of Input During Web Page Generation.

Affected Systems

Affected systems are installations of the wpDiscuz plugin from gVectors for WordPress. All releases prior to version 7.6.47 are potentially vulnerable. The defect is tied to the options import functionality, which is available to any user with write permissions to the plugin settings.

Risk and Exploitability

The CVSS score of 6.3 indicates medium severity, and the EPSS score of less than 1% suggests a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to be authenticated as an administrator or a user with permission to import options. Once the malicious JSON file is uploaded, the stored XSS is triggered whenever a page renders the options, making the attack relatively simple for an attacker who has the necessary privileges.

Generated by OpenCVE AI on March 17, 2026 at 21:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update wpDiscuz to version 7.6.47 or later
  • If an update is not immediately possible, restrict the options import capability to trusted administrators only or disable the import feature temporarily
  • Consider deploying a Web Application Firewall rule that blocks suspicious script content in the customCss parameter of JSON payloads
  • Deploy a Content Security Policy (CSP) as defence in depth so that script injected through the custom CSS cannot execute in site visitors' browsers

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 19:30:00 +0000


Wed, 22 Apr 2026 19:00:00 +0000

Type: Metrics
  Removed: cvssV3_1 {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}
  Added: cvssV3_1 {'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L'}


Wed, 22 Apr 2026 18:30:00 +0000

Type: Description
  Removed: wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by importing a crafted options file with unescaped customCss field values. Attackers can supply a malicious JSON import file containing script payloads in the customCss parameter that execute on every page when rendered through the options handler without proper sanitization.
  Added: Voltronic Power SNMP Web Pro version 1.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to access privileged management functions by manipulating browser localStorage values. Attackers can modify client-side authentication state to bypass server-side access controls and gain unauthorized access to protected management functionality without valid credentials.
Type: Title
  Removed: wpDiscuz before 7.6.47 - Stored Cross-Site Scripting via Malicious Options Import
  Added: Voltronic Power SNMP Web Pro 1.1 Authentication Bypass via localStorage
Type: Weaknesses
  CWE-306
Type: References
Type: Metrics
  Removed: cvssV4_0 {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N'}
  Added: cvssV4_0 {'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N'}


Fri, 13 Mar 2026 16:15:00 +0000

Type: Metrics
  Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 13 Mar 2026 10:00:00 +0000

Type: First Time appeared
  Added: Wordpress; Wordpress wordpress
Type: Vendors & Products
  Added: Wordpress; Wordpress wordpress

Fri, 13 Mar 2026 02:00:00 +0000

Type: Description
  Added: wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by importing a crafted options file with unescaped customCss field values. Attackers can supply a malicious JSON import file containing script payloads in the customCss parameter that execute on every page when rendered through the options handler without proper sanitization.
Type: Title
  Added: wpDiscuz before 7.6.47 - Stored Cross-Site Scripting via Malicious Options Import
Type: First Time appeared
  Added: Gvectors; Gvectors wpdiscuz
Type: Weaknesses
  Added: CWE-79
Type: CPEs
  Added: cpe:2.3:a:gvectors:wpdiscuz:*:*:*:*:*:wordpress:*:*
Type: Vendors & Products
  Added: Gvectors; Gvectors wpdiscuz
Type: References
Type: Metrics
  Added: cvssV3_1 {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}
  Added: cvssV4_0 {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-22T18:34:51.911Z

Reserved: 2026-01-06T16:47:17.183Z

Link: CVE-2026-22192

Vulnrichment

Updated: 2026-03-13T15:04:17.541Z

NVD

Status : Modified

Published: 2026-03-13T19:54:09.507

Modified: 2026-04-22T19:17:00.303

Link: CVE-2026-22192

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-23T09:59:58Z

Weaknesses