CVE-2026-6495 AKAOMA CVE VULNERABILITIES / 16h The Ajax Load More WordPress plugin before 7.8.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Source: cve.akaoma.com
Published:
<p>7.1 /10 Very High Risk Highly exploitable, CVE-2026-6495 poses a critical security risk that could lead to severe breaches.</p> <p>Highly exploitable, CVE-2026-6495 poses a critical security risk that could lead to severe breaches.</p>