CVE Catalog
CVE-2026-57763
MediumCVSS 6.5Summary
The Structured Content plugin version 1.7.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in the Contributor function. This allows an attacker to inject malicious JavaScript code into the page.
Risk Assessment
The risk involves potential session hijacking, redirects to malicious sites, or theft of sensitive data through script execution in the victim's browser.
Recommendation
It is recommended to immediately update the Structured Content plugin to a version newer than 1.7.0, which includes a fix for the XSS vulnerability.
Original NVD description (English source)
Contributor Cross Site Scripting (XSS) in Structured Content <= 1.7.0 versions.

