CVE-2026-40229 - Helpy 2.8.0 - Stored XSS in post author display via PostsHelper
CVE ID :CVE-2026-40229 Published : April 29, 2026, 4:16 p.m. | 22 minutes ago Description :Helpy contains a stored cross-site scripting vulnerability in the post author display logic. Any registered user can persist arbitrary HTML in their account name field and cause it to be rendered unescap
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Is this 'the largest breach in football history'? Hackers allegedly breach Cristiano Ronaldo's Saudi team and AFC governing body, leak passports, contracts, and emails online
- [CYBER] The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) - watchTowr Labs
- [CYBER] AI security capabilities and the human side of vulnerability management
- [CYBER] 'This campaign works because it feels ordinary': Experts reveal how hackers use fake DHL messages to lure in victims
- [CYBER] The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) - watchTowr Labs
- [CYBER] CVE-2026-7393 - SourceCodester Pizzafy Ecommerce System File Extension admin_class_novo.php save_menu unrestricted upload