[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"public-cve-CVE-2026-42653":3,"news-by-cve-CVE-2026-42653-10":60},{"cvss_severity":4,"nvd_cvss_severity":4,"tags":5,"references_preview":6,"source_identifier":10,"cvss_score":11,"has_workaround":12,"remediation_summary":13,"sources":15,"nvd_cvss_vector":17,"sectors":18,"vendor_context":20,"attack_techniques":27,"has_nuclei_templates":12,"in_kev":12,"attack_technique_count":42,"affected_products_preview":43,"has_ai_summary":12,"id":46,"state":47,"date_published":48,"kev_ransomware_use":12,"cvss_version":49,"nvd_cvss_score":11,"cvss_source":9,"has_exploit":12,"nuclei_template_count":50,"description":51,"weaknesses":52,"exploit_count":50,"reference_count":56,"assigner_org":55,"assigner_short_name":55,"cvss_vector":17,"attack_tactics":57,"has_attack_graph":14,"has_solution":14,"affected_product_count":56,"title":58,"date_updated":59},"HIGH",[],[7],{"url":8,"source":9},"https://patchstack.com/database/wordpress/plugin/slicewp/vulnerability/wordpress-slicewp-plugin-1-2-6-cross-site-scripting-xss-vulnerability?_s_id=cve","nvd","21595511-bba5-4825-b968-b78d1f9984a3",7.1,false,{"has_patch":14,"has_workaround":12},true,[16,9],"cvelist","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",[19],"web-cms-plugins",[21],{"vendor_type":22,"aliases":23,"sector":19,"vendor":26},"individual-dev",[24,25],"slicewp","social pug: author box","iova.mihai",[28,35],{"confidence":29,"technique_id":30,"technique_name":31,"tactic":32,"tactic_name":33,"url":34},"medium","T1059","Command and Scripting Interpreter","execution","Execution","https://attack.mitre.org/techniques/T1059/",{"technique_name":36,"tactic":37,"tactic_name":38,"url":39,"confidence":40,"technique_id":41},"Drive-by Compromise","initial-access","Initial Access","https://attack.mitre.org/techniques/T1189/","high","T1189",2,[44],{"product":45,"sector":19,"vendor":26},"SliceWP","CVE-2026-42653","PUBLISHED","2026-06-11T21:07:15Z","3.1",0,"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iova.Mihai SliceWP allows Stored XSS.\n\nThis issue affects SliceWP: from n/a through 1.2.6.",[53],{"cwe_id":54,"name":55},"CWE-79","",1,[33,38],"WordPress SliceWP plugin \u003C= 1.2.6 - Cross Site Scripting (XSS) vulnerability","2026-06-11T22:16:56Z",{"cve_id":46,"items":61,"total":50},[]]