EIP-2026-114151
PRE-CVEWordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-114151. PoCs published by waraxe.
AI-analyzed exploit summary The exploit demonstrates multiple reflected XSS vulnerabilities in the Uploadify Integration plugin for WordPress by injecting script tags into various parameters. The PoC uses simple JavaScript alerts to confirm the vulnerability.
Description
WordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by waraxe · textwebappsphp
https://www.exploit-db.com/exploits/37070
The exploit demonstrates multiple reflected XSS vulnerabilities in the Uploadify Integration plugin for WordPress by injecting script tags into various parameters. The PoC uses simple JavaScript alerts to confirm the vulnerability.
Classification
Working Poc 100%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Uploadify Integration plugin for WordPress 0.9.6
No auth needed
Prerequisites:
Access to the vulnerable WordPress plugin endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026