{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5070", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-03-27T23:07:19.115Z", "datePublished": "2026-04-16T03:36:36.878Z", "dateUpdated": "2026-04-16T14:16:34.761Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-16T03:36:36.878Z"}, "affected": [{"vendor": "siteorigin", "product": "Vantage", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.20.32", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Vantage <= 1.20.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Block Text Content", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb7d4eee-fd81-4d9d-8d8d-a56870b27874?source=cve"}, {"url": "https://themes.trac.wordpress.org/changeset/320834/vantage"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Osvaldo Noe Gonzalez Del Rio"}], "timeline": [{"time": "2026-03-31T15:57:24.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-04-15T14:58:27.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-16T14:13:48.181197Z", "id": "CVE-2026-5070", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T14:16:34.761Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5070", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-03-27T23:07:19.115Z", "datePublished": "2026-04-16T03:36:36.878Z", "dateUpdated": "2026-04-16T14:16:34.761Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-16T03:36:36.878Z"}, "affected": [{"vendor": "siteorigin", "product": "Vantage", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.20.32", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Vantage <= 1.20.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Block Text Content", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb7d4eee-fd81-4d9d-8d8d-a56870b27874?source=cve"}, {"url": "https://themes.trac.wordpress.org/changeset/320834/vantage"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Osvaldo Noe Gonzalez Del Rio"}], "timeline": [{"time": "2026-03-31T15:57:24.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-04-15T14:58:27.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5070", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-16T14:13:48.181197Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T14:16:26.306Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "id": "CVE-2026-5070", "lastModified": "2026-04-22T20:23:16.350", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2026-04-16T04:17:11.720", "references": [{"source": "security@wordfence.com", "url": "https://themes.trac.wordpress.org/changeset/320834/vantage"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb7d4eee-fd81-4d9d-8d8d-a56870b27874?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.20.32]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Vantage", "source": "cna", "vendor": "siteorigin"}, "product": "vantage", "vendor": "siteorigin"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-16T08:58:58.508979+00:00", "value": {"mitigation_remediation": ["Upgrade Vantage to the latest release (at least 1.20.33) which removes the unsafe output handling in the gallery template.", "If an immediate upgrade is not possible, restrict the Contributor role from editing gallery blocks, or block the gallery block entirely to prevent script injection.", "Enable or configure a content\u2011security\u2011policy and JavaScript sanitization plugin to mitigate any remaining XSS vectors, and monitor site traffic for anomalous script activity via tools such as Wordfence."], "summary": {"action": "Patch", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "Vantage theme for WordPress by SiteOrigin, versions 1.20.32 and earlier. Any site using these releases and allowing contributors to edit gallery blocks is affected.", "description_and_impact": "The Vantage WordPress theme contains an insufficient output\u2011escaping flaw in the gallery block\u2019s text content. An attacker who can authenticate as a contributor or higher can inject arbitrary JavaScript that is stored and then executed on any page that includes the malicious gallery content. The impact is a classic stored XSS that can compromise user sessions, modify content, or perform drive\u2011by attacks while the visitor\u2019s browser processes the embedded scripts. The weakness is classified as CWE\u201179.", "risk_and_exploitability": "The CVSS score of 6.4 indicates a moderate severity. No EPSS score is currently available, so exploit probability is unknown. The vulnerability is not listed in CISA\u2019s KEV catalog, implying no known widespread exploitation. An attacker would need authenticated access with contributor role or higher, but once in, can target any visitor who loads the injected content. The flaw exploits a web application layer weakness rather than a network\u2011level or privilege\u2011escalation issue."}}}}, "created": "2026-04-16T09:00:05.298170+00:00", "updated": "2026-04-16T09:11:55.863450+00:00", "vendors": ["siteorigin", "siteorigin$PRODUCT$vantage", "wordpress", "wordpress$PRODUCT$wordpress"]}