Description
The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings (Description, Title, and other fields) in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the redirect page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Published: 2026-05-27
Score: 4.4 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The MinhNhut Link Gateway plugin for WordPress contains a stored cross-site scripting flaw due to insufficient input sanitization and output escaping in its settings fields such as Description and Title. An attacker who has Administrator or higher privileges can insert arbitrary JavaScript into these fields, which is then served to all users who visit the plugin's redirect page, causing the malicious script to execute in their browsers.

Affected Systems

All installations of MinhNhut Link Gateway version 3.6.1 or earlier are affected. The vulnerability only manifests on WordPress multi-site networks where the unfiltered_html capability is disabled. Single-site installations or those with unfiltered_html enabled are not impacted by this issue.

Risk and Exploitability

The CVSS score of 4.4 classifies this flaw as moderate severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, indicating it is not known to have been exploited. Exploitation requires that the attacker already has Administrator or higher access to the WordPress network; once the malicious script is stored, it is automatically delivered to all users who view the redirect page, making the attack straightforward for any privileged user who changes the plugin's settings.

Generated by OpenCVE AI on May 27, 2026 at 12:21 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Update MinhNhut Link Gateway to a version newer than 3.6.1 to eliminate the XSS vulnerability.
  • Ensure that every site in the multi-site network has the updated plugin installed and no script-containing data remains in the settings.
  • Manually review existing configuration values for the plugin's settings and remove any embedded JavaScript before applying updates.
Advisories

No advisories yet.

History

Wed, 27 May 2026 11:45:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Minhnhut; Minhnhut minhnhut Link Gateway; Wordpress; Wordpress wordpress
Vendors & Products  |                | Minhnhut; Minhnhut minhnhut Link Gateway; Wordpress; Wordpress wordpress

Wed, 27 May 2026 10:30:00 +0000

Type        | Values Removed | Values Added
Description |                | The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings (Description, Title, and other fields) in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the redirect page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Title       |                | MinhNhut Link Gateway <= 3.6.1 - Authenticated (Admin+) Stored Cross-Site Scripting via Plugin Settings
Weaknesses  |                | CWE-79
References  |                |
Metrics     |                | cvssV3_1: {'score': 4.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N'}

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-05-27T09:27:31.267Z

Reserved: 2026-02-27T16:24:16.566Z

Link: CVE-2026-3348

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-27T11:16:18.470

Modified: 2026-05-27T11:16:18.470

Link: CVE-2026-3348

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T12:30:25Z

Weaknesses