Cross-Site Scripting Vulnerability in SEO Friendly Images Plugin by Vladimir Prelovac
CVE-2026-39665
6.5MEDIUM
What is CVE-2026-39665?
The SEO Friendly Images plugin developed by Vladimir Prelovac contains a vulnerability that allows for DOM-Based Cross-Site Scripting. This arise from improper handling of user input during web page generation. When a malicious user injects harmful scripts, it can lead to unauthorized access and manipulation of user information. Affected versions include all releases up to version 3.0.5. Website owners utilizing this plugin should take immediate action to update and safeguard their platforms.
Affected Version(s)
SEO Friendly Images 0 <= 3.0.5