{"uuid": "ce32a200-c529-444c-b81d-4d858e2a153e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/116874542096751750", "content": "\ud83d\udea8 CVE-2026-10104 PoC published\nGitHub: https://github.com/Ravi-lk/CVE-2026-10104-POC\nA PoC is available for an authenticated stored XSS issue in Product Video Gallery for WooCommerce.\nThe flaw affects older versions of the WordPress plugin and can allow JavaScript execution on public product pages after a user with product-editing access injects the payload.\nFixed in 1.5.1.9.", "creation_timestamp": "2026-07-06T18:53:05.876622Z"}