{"vulnerability": "cve-2026-10104", "sightings": [{"uuid": "416cf794-c3c2-48eb-b7dc-0be43c59a140", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpp2oayxuz2c", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-10104 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Product Video Gallery \u0434\u043b\u044f WooCommerce: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/EC326E63-EF69-46E0-AA9B-16FB76D13172", "creation_timestamp": "2026-07-02T22:16:22.218047Z"}, {"uuid": "ce32a200-c529-444c-b81d-4d858e2a153e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/116874542096751750", "content": "\ud83d\udea8 CVE-2026-10104 PoC published\nGitHub: https://github.com/Ravi-lk/CVE-2026-10104-POC\nA PoC is available for an authenticated stored XSS issue in Product Video Gallery for WooCommerce.\nThe flaw affects older versions of the WordPress plugin and can allow JavaScript execution on public product pages after a user with product-editing access injects the payload.\nFixed in 1.5.1.9.", "creation_timestamp": "2026-07-06T18:53:05.876622Z"}, {"uuid": "6e5e9987-813b-4f72-91d8-3dd8b63ad144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "https://t.me/GithubRedTeam/92052", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-10104-POC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Ravi-lk\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-05 14:49:11\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProduct Video Gallery for Woocommerce &lt;= 1.5.1.8 - Authenticated Stored Cross-Site Scripting Proof of Concept\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:12.351708Z"}, {"uuid": "6c6eed25-b09b-4581-a0fa-8e3763264244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "https://t.me/GithubRedTeam/92052", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-10104-POC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Ravi-lk\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-05 14:49:11\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProduct Video Gallery for Woocommerce &lt;= 1.5.1.8 - Authenticated Stored Cross-Site Scripting Proof of Concept\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:20.549759Z"}, {"uuid": "3533ba4d-905c-4f62-ae23-d0ba7b84a60b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/92052", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-10104-POC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Ravi-lk\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-05 14:49:11\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProduct Video Gallery for Woocommerce &lt;= 1.5.1.8 - Authenticated Stored Cross-Site Scripting Proof of Concept\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:29.669807Z"}, {"uuid": "a5a35425-d440-41a2-b8f7-6195e49529f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "Telegram/7rIIDruJxEl38qBzoHyGM9oWQAxjhN2Km_TAbaElw9hJXAI", "content": "", "creation_timestamp": "2026-07-16T19:00:21.222966Z"}, {"uuid": "7b4068be-5bc6-4ffe-b1c1-938ef15d07ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "Telegram/OhhX9i0X1ykgntk9NjydMWNwUPSzUxraU9z7IC-aBX2EpY0", "content": "", "creation_timestamp": "2026-07-16T19:00:21.502703Z"}, {"uuid": "57fc8bfd-f60c-4542-bc0e-d86c366582d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "Telegram/7rIIDruJxEl38qBzoHyGM9oWQAxjhN2Km_TAbaElw9hJXAI", "content": "", "creation_timestamp": "2026-07-17T00:00:37.641935Z"}, {"uuid": "9c7dcabf-2aa9-43e4-9d71-4149d5475f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-10104", "type": "seen", "source": "Telegram/OhhX9i0X1ykgntk9NjydMWNwUPSzUxraU9z7IC-aBX2EpY0", "content": "", "creation_timestamp": "2026-07-17T00:00:37.934700Z"}]}