{"uuid": "7555472b-1f6f-41b0-9c88-da140869d05d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9253", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116890261952553944", "content": "CVE-2026-9253: WP Cost Estimation &amp; Payment Forms Builder \u226410.5.97 has a HIGH severity stored XSS via 'customerInfos'. Unauthenticated attackers can inject scripts. Patch status unconfirmed \u2014 restrict plugin use for now. https://radar.offseq.com/threat/cve-2026-9253-cwe-79-improper-neutralization-of-in-2f00c010407cb3e3 #OffSeq #WordPress #Vuln #XSS", "creation_timestamp": "2026-07-09T13:30:51.410977Z"}