PT-2026-31092 · WordPress · Pinterest Site Verification Plugin Using Meta Tag Plugin For Wordpress

Nabil Irawan

Published

2026-04-08

Updated

2026-04-13

CVE-2026-3142

CVSS v3.1

6.4

Medium

AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Pinterest Site Verification plugin using Meta Tag plugin for WordPress versions up to and including 1.8

Description The Pinterest Site Verification plugin using Meta Tag plugin for WordPress is susceptible to Stored Cross-Site Scripting through the post var parameter due to inadequate input sanitization and output escaping. Authenticated attackers with subscriber-level access or higher can inject malicious web scripts into pages, which will execute when a user views the compromised page.

Recommendations Update the Pinterest Site Verification plugin using Meta Tag plugin for WordPress to a version newer than 1.8.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-3142

Affected Products

Pinterest Site Verification Plugin Using Meta Tag Plugin For Wordpress

CVE-2026-3142

Weakness Enumeration

Related Identifiers

Affected Products

References · 11