{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-39575", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-04-07T10:48:38.855Z", "datePublished": "2026-04-08T08:30:20.812Z", "dateUpdated": "2026-04-10T17:56:08.684Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "post-type-archive-mapping", "product": "Custom Query Blocks", "vendor": "Ronald Huereca", "versions": [{"changes": [{"at": "5.6.0", "status": "unaffected"}], "lessThanOrEqual": "5.5.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jitlada | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-08T10:28:54.363Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.<p>This issue affects Custom Query Blocks: from n/a through <= 5.5.0.</p>"}], "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through <= 5.5.0."}], "impacts": [{"capecId": "CAPEC-588", "descriptions": [{"lang": "en", "value": "DOM-Based XSS"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-08T08:30:20.812Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/post-type-archive-mapping/vulnerability/wordpress-custom-query-blocks-plugin-5-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "title": "WordPress Custom Query Blocks plugin <= 5.5.0 - Cross Site Scripting (XSS) vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T17:55:13.253973Z", "id": "CVE-2026-39575", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T17:56:08.684Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-39575", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-10T17:55:13.253973Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T17:55:04.971Z"}}], "cna": {"title": "WordPress Custom Query Blocks plugin <= 5.5.0 - Cross Site Scripting (XSS) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Jitlada | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-588", "descriptions": [{"lang": "en", "value": "DOM-Based XSS"}]}], "affected": [{"vendor": "Ronald Huereca", "product": "Custom Query Blocks", "versions": [{"status": "affected", "changes": [{"at": "5.6.0", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "5.5.0"}], "packageName": "post-type-archive-mapping", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-08T10:28:54.363Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/post-type-archive-mapping/vulnerability/wordpress-custom-query-blocks-plugin-5-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through <= 5.5.0.", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.<p>This issue affects Custom Query Blocks: from n/a through <= 5.5.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-08T08:30:20.812Z"}}}, "cveMetadata": {"cveId": "CVE-2026-39575", "state": "PUBLISHED", "dateUpdated": "2026-04-10T17:56:08.684Z", "dateReserved": "2026-04-07T10:48:38.855Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-04-08T08:30:20.812Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ronald Huereca Custom Query Blocks post-type-archive-mapping allows DOM-Based XSS.This issue affects Custom Query Blocks: from n/a through <= 5.5.0."}], "id": "CVE-2026-39575", "lastModified": "2026-04-10T18:16:45.290", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 3.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-08T09:16:28.637", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/post-type-archive-mapping/vulnerability/wordpress-custom-query-blocks-plugin-5-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,5.5.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Custom Query Blocks", "source": "cna", "vendor": "Ronald Huereca"}, "product": "custom_query_blocks", "vendor": "ronald_huereca"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-08T10:36:07.327352+00:00", "value": {"mitigation_remediation": ["Upgrade the Custom Query Blocks plugin to a version newer than 5.5.0 once available.", "If an immediate upgrade is not possible, deactivate or uninstall the plugin to prevent the vulnerable block from rendering.", "Verify that no legacy post\u2011type\u2011archive\u2011mapping content remains on the site after deactivation.", "Consider implementing a strong Content Security Policy to reduce the impact of any remaining XSS vectors."], "summary": {"action": "Update Plugin", "impact": "DOM\u2011based cross\u2011site scripting"}, "threat_synthesis": {"affected_systems": "All installations of Ronald Huereca Custom Query Blocks with a version of 5.5.0 or earlier are affected. The flaw is located in the post\u2011type\u2011archive\u2011mapping block used to display posts of a specific type within WordPress sites.", "description_and_impact": "The vulnerability originates from improper neutralization of input during page generation in the Ronald Huereca Custom Query Blocks plugin. It allows a DOM\u2011based cross\u2011site scripting flaw that can inject arbitrary JavaScript into a rendered page. An attacker who can influence the content of a page using this plugin could execute code in the browsers of anyone who views the compromised page, potentially stealing credentials or defacing content.", "risk_and_exploitability": "CVSS details are not provided, but the flaw enables client\u2011side code execution without requiring elevated privileges. Exploitation requires a page that includes the vulnerable block to be viewed by a target browser. EPSS data is unavailable, and the weakness is not listed in the CISA KEV catalog. The attack vector is client\u2011side, allowing a wide audience of site visitors to be impacted if the malicious content is served."}}}}, "created": "2026-04-08T19:30:02.907507+00:00", "updated": "2026-04-08T19:42:22.509640+00:00", "vendors": ["ronald_huereca", "ronald_huereca$PRODUCT$custom_query_blocks", "wordpress", "wordpress$PRODUCT$wordpress"]}