CVE-2026-7014 - MaxSite CMS down_count Plugin cross site scripting
CVE ID :CVE-2026-7014 Published : April 26, 2026, 3:16 a.m. | 43 minutes ago Description :A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down_count Plugin. This manipulation of the argument f_file/f_prefix causes cross site scripting.
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Ukraine’s Cyber Division Infiltrates Russian Military Satellite Comms “Gonets” in Multi-Year Breach
- [CYBER] Video Shows Trump Event Shooter Charging Towards Press Dinner Venue
- [CYBER] CVE-2026-7015 - MaxSite CMS Guestbook Plugin cross site scripting
- [CYBER] CVE-2026-7013 - MaxSite CMS mail_send Plugin cross site scripting
- [CYBER] CVE-2026-42254 - Hickory DNS Zone Poisoning Vulnerability
- [CYBER] GHSA-C4QG-J8JG-42Q5: GHSA-C4QG-J8JG-42Q5: Server-Side Request Forgery in OpenClaw QQBot Extension