CVE-2026-42678

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
01/06/2026
Last modified:
01/06/2026

Description

Improper Neutralization of Input During Web Page Generation (&amp;#39;Cross-site Scripting&amp;#39;) vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS.<br /> <br /> This issue affects GiveWP: from n/a through 4.14.5.