CVE-2026-42733

Name of the Vulnerable Software and Affected Versions WPCS versions prior to 1.3.2

Description Improper neutralization of input during web page generation in the RealMag777 WPCS currency-switcher allows for DOM-Based Cross-site Scripting (XSS), a flaw where the application contains client-side JavaScript that processes data from an untrusted source in an unsafe way, typically by writing the data to a dangerous sink.

Recommendations Update to a version later than 1.3.1.