<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 11 Jul 2026 12:53:29 +0000</lastBuildDate>
    <item>
      <title>b486ea21-3555-4b0c-b2b3-d74c54d7ebfa</title>
      <link>https://vulnerability.circl.lu/sighting/b486ea21-3555-4b0c-b2b3-d74c54d7ebfa/export</link>
      <description>{"uuid": "b486ea21-3555-4b0c-b2b3-d74c54d7ebfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9253", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq7ql2bxkr2d", "content": "WP Cost Estimation &amp;amp; Payment Forms Builder \u226410.5.97 hit by HIGH severity XSS (CVE-2026-9253). Unauthenticated attackers can inject scripts \u2014 patch status unknown. Restrict plugin use now. https://radar.offseq.com/threat/cve-2026-9253-cwe-79-improper-neutralization-of-in-2f00c010407cb3e3 #OffSeq #...", "creation_timestamp": "2026-07-09T13:30:53.610257Z"}</description>
      <content:encoded>{"uuid": "b486ea21-3555-4b0c-b2b3-d74c54d7ebfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9253", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq7ql2bxkr2d", "content": "WP Cost Estimation &amp;amp; Payment Forms Builder \u226410.5.97 hit by HIGH severity XSS (CVE-2026-9253). Unauthenticated attackers can inject scripts \u2014 patch status unknown. Restrict plugin use now. https://radar.offseq.com/threat/cve-2026-9253-cwe-79-improper-neutralization-of-in-2f00c010407cb3e3 #OffSeq #...", "creation_timestamp": "2026-07-09T13:30:53.610257Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b486ea21-3555-4b0c-b2b3-d74c54d7ebfa/export</guid>
      <pubDate>Thu, 09 Jul 2026 13:30:53 +0000</pubDate>
    </item>
    <item>
      <title>7555472b-1f6f-41b0-9c88-da140869d05d</title>
      <link>https://vulnerability.circl.lu/sighting/7555472b-1f6f-41b0-9c88-da140869d05d/export</link>
      <description>{"uuid": "7555472b-1f6f-41b0-9c88-da140869d05d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9253", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116890261952553944", "content": "CVE-2026-9253: WP Cost Estimation &amp;amp; Payment Forms Builder \u226410.5.97 has a HIGH severity stored XSS via 'customerInfos'. Unauthenticated attackers can inject scripts. Patch status unconfirmed \u2014 restrict plugin use for now. https://radar.offseq.com/threat/cve-2026-9253-cwe-79-improper-neutralization-of-in-2f00c010407cb3e3 #OffSeq #WordPress #Vuln #XSS", "creation_timestamp": "2026-07-09T13:30:51.410977Z"}</description>
      <content:encoded>{"uuid": "7555472b-1f6f-41b0-9c88-da140869d05d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9253", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116890261952553944", "content": "CVE-2026-9253: WP Cost Estimation &amp;amp; Payment Forms Builder \u226410.5.97 has a HIGH severity stored XSS via 'customerInfos'. Unauthenticated attackers can inject scripts. Patch status unconfirmed \u2014 restrict plugin use for now. https://radar.offseq.com/threat/cve-2026-9253-cwe-79-improper-neutralization-of-in-2f00c010407cb3e3 #OffSeq #WordPress #Vuln #XSS", "creation_timestamp": "2026-07-09T13:30:51.410977Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7555472b-1f6f-41b0-9c88-da140869d05d/export</guid>
      <pubDate>Thu, 09 Jul 2026 13:30:51 +0000</pubDate>
    </item>
    <item>
      <title>238806a6-fe02-43f0-bf7f-48ef8fd5eb72</title>
      <link>https://vulnerability.circl.lu/sighting/238806a6-fe02-43f0-bf7f-48ef8fd5eb72/export</link>
      <description>{"uuid": "238806a6-fe02-43f0-bf7f-48ef8fd5eb72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9253", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7l5x5fd325", "content": "CVE-2026-9253 - WP Cost Estimation &amp;amp; Payment Forms Builder (E&amp;amp;P Forms)\nCVE ID : CVE-2026-9253\n \n Published : July 9, 2026, 11:27 a.m. | 21\u00a0minutes ago\n \n Description : The WP Cost Estimation &amp;amp; Payment Forms Builder (E&amp;amp;P Forms) plugin for WordPress is vulnerable to Stor...", "creation_timestamp": "2026-07-09T11:54:07.037147Z"}</description>
      <content:encoded>{"uuid": "238806a6-fe02-43f0-bf7f-48ef8fd5eb72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9253", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq7l5x5fd325", "content": "CVE-2026-9253 - WP Cost Estimation &amp;amp; Payment Forms Builder (E&amp;amp;P Forms)\nCVE ID : CVE-2026-9253\n \n Published : July 9, 2026, 11:27 a.m. | 21\u00a0minutes ago\n \n Description : The WP Cost Estimation &amp;amp; Payment Forms Builder (E&amp;amp;P Forms) plugin for WordPress is vulnerable to Stor...", "creation_timestamp": "2026-07-09T11:54:07.037147Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/238806a6-fe02-43f0-bf7f-48ef8fd5eb72/export</guid>
      <pubDate>Thu, 09 Jul 2026 11:54:07 +0000</pubDate>
    </item>
  </channel>
</rss>
