https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 14 Jun 2026 22:13:15 +0000 https://vulnerability.circl.lu/sighting/9d1f2bc6-ea69-45c5-abdf-af54d6b0a28b/export {"uuid": "9d1f2bc6-ea69-45c5-abdf-af54d6b0a28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5513", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mo6tilwrx22o", "content": "Visitors inject malicious scripts. Steal admin sessions. Compromise customer data. CVE-2026-5513 (CVSS 7.2) hits Bookly up to 27.2. No patch available. Disable it now. Scan your WordPress site: pulse-wp.com\n#WordPress #XSS #CyberSecurity", "creation_timestamp": "2026-06-13T18:01:43.229773Z"} {"uuid": "9d1f2bc6-ea69-45c5-abdf-af54d6b0a28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5513", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mo6tilwrx22o", "content": "Visitors inject malicious scripts. Steal admin sessions. Compromise customer data. CVE-2026-5513 (CVSS 7.2) hits Bookly up to 27.2. No patch available. Disable it now. Scan your WordPress site: pulse-wp.com\n#WordPress #XSS #CyberSecurity", "creation_timestamp": "2026-06-13T18:01:43.229773Z"} https://vulnerability.circl.lu/sighting/9d1f2bc6-ea69-45c5-abdf-af54d6b0a28b/export Sat, 13 Jun 2026 18:01:43 +0000 https://vulnerability.circl.lu/sighting/2ca9a05a-8425-442b-88bc-4fa9a4e5e0b9/export {"uuid": "2ca9a05a-8425-442b-88bc-4fa9a4e5e0b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5513", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116746932965862347", "content": "CVE-2026-5513: HIGH severity XSS in Bookly (<=27.2) via 'bookly-customer-full-name' cookie. Exploitable if 'Remember personal info in cookies' is enabled (disabled by default). No patch yet \u2014 disable vulnerable setting! https://radar.offseq.com/threat/cve-2026-5513-cwe-79-improper-neutralization-of-in-d213c0f7 #OffSeq #XSS #WordPress #Security", "creation_timestamp": "2026-06-14T06:01:57.464821Z"} {"uuid": "2ca9a05a-8425-442b-88bc-4fa9a4e5e0b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5513", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116746932965862347", "content": "CVE-2026-5513: HIGH severity XSS in Bookly (<=27.2) via 'bookly-customer-full-name' cookie. Exploitable if 'Remember personal info in cookies' is enabled (disabled by default). No patch yet \u2014 disable vulnerable setting! https://radar.offseq.com/threat/cve-2026-5513-cwe-79-improper-neutralization-of-in-d213c0f7 #OffSeq #XSS #WordPress #Security", "creation_timestamp": "2026-06-14T06:01:57.464821Z"} https://vulnerability.circl.lu/sighting/2ca9a05a-8425-442b-88bc-4fa9a4e5e0b9/export Sun, 14 Jun 2026 06:01:57 +0000 https://vulnerability.circl.lu/sighting/562a2618-1485-46ae-aa7d-b9638ee27024/export {"uuid": "562a2618-1485-46ae-aa7d-b9638ee27024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5513", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moa3qky2ho2l", "content": "Bookly plugin (<=27.2) hits HIGH XSS \u2014 unauthenticated attackers can inject scripts if 'Remember personal info in cookies' is ON. No fix yet: disable this setting to reduce risk. https://radar.offseq.com/threat/cve-2026-5513-cwe-79-improper-neutralization-of-in-d213c0f7 #OffSeq #WordPress #XSS", "creation_timestamp": "2026-06-14T06:02:36.156374Z"} {"uuid": "562a2618-1485-46ae-aa7d-b9638ee27024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-5513", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3moa3qky2ho2l", "content": "Bookly plugin (<=27.2) hits HIGH XSS \u2014 unauthenticated attackers can inject scripts if 'Remember personal info in cookies' is ON. No fix yet: disable this setting to reduce risk. https://radar.offseq.com/threat/cve-2026-5513-cwe-79-improper-neutralization-of-in-d213c0f7 #OffSeq #WordPress #XSS", "creation_timestamp": "2026-06-14T06:02:36.156374Z"} https://vulnerability.circl.lu/sighting/562a2618-1485-46ae-aa7d-b9638ee27024/export Sun, 14 Jun 2026 06:02:36 +0000 https://vulnerability.circl.lu/sighting/08a4b99a-0bc7-4031-a927-401879c8f752/export {"uuid": "08a4b99a-0bc7-4031-a927-401879c8f752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5513", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3moaop5bw442b", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-5513\n\nThe Online Scheduling and Appointment Booking System \u2013 Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-cus...", "creation_timestamp": "2026-06-14T11:39:38.968899Z"} {"uuid": "08a4b99a-0bc7-4031-a927-401879c8f752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-5513", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3moaop5bw442b", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2026-5513\n\nThe Online Scheduling and Appointment Booking System \u2013 Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-cus...", "creation_timestamp": "2026-06-14T11:39:38.968899Z"} https://vulnerability.circl.lu/sighting/08a4b99a-0bc7-4031-a927-401879c8f752/export Sun, 14 Jun 2026 11:39:38 +0000