Tiny Tinymce
4 CVEs affecting Tiny Tinymce. Latest disclosed: 2026-05-28. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-47762 | High | 8.7 | 2026-05-28 | TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via forged mce:protected comments. Allows at… |
CVE-2026-47761 | High | 8.7 | 2026-05-28 | TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability in the media plugin. Attackers can inject ma… |
CVE-2026-47760 | High | 8.7 | 2026-05-28 | TinyMCE is an open source rich text editor. From 6.8.0 to before 7.1.0, TinyMCE contains an XSS vulnerability caused by improper SVG namespace scope handling i… |
CVE-2026-47759 | High | 8.7 | 2026-05-28 | TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via unsanitized data-mce-* attributes (data-… |