CVE-2026-9269

UNKNOWN 0.0

Secure Copy Content Protection and Content Locking < 5.1.5 - Admin+ Stored XSS via ays_sccp_sub_icon_image Parameter

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Secure Copy Content Protection and Content Locking WordPress plugin before 5.1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Vendor	unknown
Product	secure copy content protection and content locking
Published	Jun 12, 2026

Stay Ahead of the Next One

Get instant alerts for unknown secure copy content protection and content locking

Be the first to know when new unknown vulnerabilities affecting unknown secure copy content protection and content locking are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Secure Copy Content Protection and Content Locking

0 < 5.1.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/61a3f41d-f031-4dba-b5cf-4ca3bce71b1b/

Credits

Luca Jungnickel WPScan