Vulnerability in Shariff For Wordpress
CVE-2026-9677
The Shariff for WordPress Shariff for WordPress plugin through 1.0.11 does not sanitize or escape the shariff_infourl setting before outputting it in the frontend HTML via the generateshariff() function, which could allow high privilege us…
EPSS: 0.002 (4.8th percentile) — read the EPSS interpretation.
Affected products
- Unknown Shariff For Wordpress — versions 0
References
- contact@wpscan.com (technical-description, exploit, vdb-entry)