XSS in Alhadeff Writeprint Stylometry
CVE-2026-3512
The Writeprint Stylometry plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'p' GET parameter in all versions up to and including 0.1. This is due to insufficient input sanitization and output escaping in the bjl…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.000 (10.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.
Affected products
- Alhadeff Writeprint Stylometry — versions 0
Weakness classification (CWE)
References
- www.wordfence.com/threat-intel/vulnerabilities/id/5a614ce5-faa4-4b27-84bd-f15f8…
- plugins.trac.wordpress.org/browser/writeprint-stylometry/trunk/writeprint-stylo…
- plugins.trac.wordpress.org/browser/writeprint-stylometry/tags/0.1/writeprint-st…
- plugins.trac.wordpress.org/browser/writeprint-stylometry/trunk/writeprint-stylo…
- plugins.trac.wordpress.org/browser/writeprint-stylometry/tags/0.1/writeprint-st…
Frequently asked questions
- What is CVE-2026-3512?
- CVE-2026-3512 is a medium-severity vulnerability in Alhadeff Writeprint Stylometry, classified under Cross-site Scripting. CVSS score: 6.1/10. Published 2026-03-18.
- How severe is CVE-2026-3512?
- Medium severity. CVSS v3 base score is 6.1 out of 10.