Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Mervin Praison | Featured Image | unaffected |
|
No data.
No data.
No data available yet.
Vendor Solution
Update the WordPress Featured Image Plugin to the latest available version (at least 2.2).
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 29 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 26 Jun 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Author Cross Site Scripting (XSS) in Featured Image <= 2.1 versions. | |
| Title | WordPress Featured Image plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-06-29T14:43:54.189Z
Reserved: 2026-06-24T12:46:44.605Z
Link: CVE-2026-57431
Vulnrichment
Updated: 2026-06-29T14:43:48.923Z
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-26T17:00:04Z