CVE-2026-27074

Name of the Vulnerable Software and Affected Versions vaakash Shortcoder versions through 6.5.1

Description The software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting (XSS). This means that malicious scripts can be stored on the server and executed by other users when they view the affected web page. The vulnerability exists due to insufficient sanitization of user-supplied input.

Recommendations Update vaakash Shortcoder to a version later than 6.5.1.