CVE-2026-1953

HIGH

Nukegraphic CMS 3.1.2 - Authenticated Stored Cross-Site Scripting in User Profile Name Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-1953. PoCs published by XiaomingX, carlosbudiman.

AI-analyzed exploit summary This repository contains a functional SQL injection exploit for CVE-2025-10042, targeting WordPress Quiz Maker plugin versions <= 6.7.0.56. The exploit uses time-based blind SQLi to extract admin credentials and hashes.

Description

Nukegraphic CMS v3.1.2 contains a stored cross-site scripting (XSS) vulnerability in the user profile edit functionality at /ngc-cms/user-edit-profile.php. The application fails to properly sanitize user input in the name field before storing it in the database and rendering it across multiple CMS pages. An authenticated attacker with low privileges can inject malicious JavaScript payloads through the profile edit request, which are then executed site-wide whenever the affected user's name is displayed. This allows the attacker to execute arbitrary JavaScript in the context of other users' sessions, potentially leading to session hijacking, credential theft, or unauthorized actions performed on behalf of victims.

Exploits (2)

github WORKING POC 10 stars
by XiaomingX · pythonpoc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-1953

This repository contains a functional SQL injection exploit for CVE-2025-10042, targeting WordPress Quiz Maker plugin versions <= 6.7.0.56. The exploit uses time-based blind SQLi to extract admin credentials and hashes.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: WordPress Quiz Maker <= 6.7.0.56
No auth needed
Prerequisites: Target WordPress URL · Path to quiz page · Vulnerable header for injection
devstral-2 · analyzed Feb 27, 2026 Full analysis →
nomisec WRITEUP
by carlosbudiman · poc
https://github.com/carlosbudiman/CVE-2026-1953-Disclosure

This repository contains a writeup for CVE-2026-1953, a stored XSS vulnerability in Nukegraphic CMS v3.1.2. The vulnerability allows authenticated users to inject malicious JavaScript into the profile name field, which is executed whenever the name is rendered across the CMS.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Nukegraphic CMS v3.1.2
Auth required
Prerequisites: Valid user credentials · Access to the profile edit page
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v4 8.2
EPSS 0.0042
EPSS Percentile 33.5%
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
Nukegraphic CMS/Nukegraphic CMS 3.1.2
Published Feb 05, 2026
Tracked Since Feb 18, 2026