Description
The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'linkgate' shortcode in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Published: 2026-03-21
Score: 6.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored Cross‑Site Scripting
Action: Patch
AI Analysis

Impact

The vulnerability resides in the 'linkgate' shortcode of the MinhNhut Link Gateway plugin for WordPress. Because the plugin fails to sanitize or escape attributes supplied by users, a malicious contributor or higher‑privileged user can embed arbitrary JavaScript into the shortcode. This stored XSS payload is served to any visitor of the affected page, allowing attackers to hijack sessions, deface content, or deliver phishing attacks. The weakness corresponds to CWE‑79 – Improper Neutralization of Input During Web Page Generation.

Affected Systems

WordPress sites running the MinhNhut Link Gateway plugin version 3.6.1 or earlier are affected. The plugin is distributed through the WordPress plugin ecosystem, so it may be present on any WordPress installation that installed it, or last updated it, at version 3.6.1 or earlier.

Risk and Exploitability

The CVSS score of 6.4 indicates medium severity. The vulnerability requires authenticated access with Contributor-level or higher privileges, so an attacker must first obtain a Contributor-level (or higher) account on the WordPress site. No EPSS information is available, and the flaw is not listed in the CISA KEV catalog, suggesting it has not yet been widely exploited. However, because the vulnerability sits in a user‑facing shortcode, it is exploitable on sites where contributors can add or edit content. If privileged users are compromised or malicious, the stored payload can affect all visitors of the page. Exploitation is relatively straightforward once the attacker has authorisation, as it only involves inserting a malicious shortcode into a page or post.

Generated by OpenCVE AI on March 21, 2026 at 07:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the latest version of the MinhNhut Link Gateway plugin (v3.6.2 or later).
  • If an upgrade is not possible, disable or uninstall the plugin until a patch is available.
  • Restrict Contributor and higher‑level roles to trusted personnel only, or reclassify users who do not need content editing rights.
  • Verify that all existing pages or posts using the 'linkgate' shortcode have been audited for injected scripts and remove any suspicious content.



Advisories

No advisories yet.

History

Mon, 23 Mar 2026 17:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 23 Mar 2026 10:00:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Minhnhut; Minhnhut minhnhut Link Gateway; Wordpress; Wordpress wordpress

Type: Vendors & Products
Values Removed: (none)
Values Added: Minhnhut; Minhnhut minhnhut Link Gateway; Wordpress; Wordpress wordpress

Sat, 21 Mar 2026 05:30:00 +0000

Type: Description
Values Removed: (none)
Values Added: The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'linkgate' shortcode in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Type: Title
Values Removed: (none)
Values Added: MinhNhut Link Gateway <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-79

Type: References
Values Removed: (none)
Values Added:

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_1 {'score': 6.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:09:19.521Z

Reserved: 2026-02-27T14:47:50.201Z

Link: CVE-2026-3333

Vulnrichment

Updated: 2026-03-23T16:36:46.591Z

NVD

Status: Deferred

Published: 2026-03-21T04:17:20.083

Modified: 2026-04-24T16:27:44.277

Link: CVE-2026-3333

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T14:41:54Z
