What is CVE-2026-2214 — XSS in code-projects Plugin 1.0?

CVE-2026-2214 is a cross-site scripting (XSS) vulnerability in code-projects Plugin version 1.0, allowing attackers to inject malicious scripts via the txtalbum parameter.

Am I affected by CVE-2026-2214 in code-projects Plugin 1.0?

If you are using code-projects Plugin version 1.0, you are potentially affected. Upgrade to a patched version as soon as possible.

How do I fix CVE-2026-2214 in code-projects Plugin 1.0?

Upgrade to a patched version of the plugin. If a patch isn't available, implement input validation and output encoding on the txtalbum parameter.

Is CVE-2026-2214 being actively exploited?

A public proof-of-concept exploit exists, suggesting a potential for active exploitation.

Where can I find the official code-projects advisory for CVE-2026-2214?

Refer to the code-projects Plugin's official website or repository for the latest security advisories and updates.

CVE-2026-2214 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2026-2214 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• php / server:

grep -r "txtalbum = $_POST['txtalbum']" /var/www/html/code-projects/Plugin/

• generic web:

curl -I http://your-website.com/Administrator/PHP/AdminAddAlbum.php?txtalbum=<script>alert(1)</script>

code-projects para Plugin AdminAddAlbum.php cross site scripting

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigir

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2026-2214 — XSS in code-projects Plugin 1.0?

Am I affected by CVE-2026-2214 in code-projects Plugin 1.0?

How do I fix CVE-2026-2214 in code-projects Plugin 1.0?

Is CVE-2026-2214 being actively exploited?

Where can I find the official code-projects advisory for CVE-2026-2214?

Seu projeto está afetado?