CVE-2026-32491 Facebook — Exploit & Vulnerability Details MEDIUM

CVE-2026-32491

MEDIUM CVSS 3.1: 6.5 EPSS 0.03%

Parameter	Value
CVSS	6.5 (MEDIUM)
Type	CWE-79 (Cross-Site Scripting (XSS))
Vendor	Facebook
Public PoC	No

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Slider: from n/a through <= 13.9.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

Low

Basic privileges needed

User Interaction

Required

User action required

Impact Assessment

Confidentiality

Low

Partial data leak

Integrity

Low

Partial data modification

Availability

Low

Partial disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-79 Cross-Site Scripting (XSS)

References 1

https://patchstack.com/database/Wordpress/Plugin/wp-facebook-reviews/vulnerabil…

audit@patchstack.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-39328

Facebook

8.9

CVE-2026-35534

Facebook

7.6

CVE-2026-35179

Facebook

5.3

CVE-2026-32428

Facebook

5.3

CVE-2026-27379

Facebook

None

Menu

CVE-2026-32491

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-39328

CVE-2026-35534

CVE-2026-35179

CVE-2026-32428

CVE-2026-27379

CVE Details

Editor's Choice

Menu

CVE-2026-32491

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-39328

CVE-2026-35534

CVE-2026-35179

CVE-2026-32428

CVE-2026-27379

CVE Details

Editor's Choice

Stay informed on cybersecurity