CVE-2026-39667
DOM-Based XSS in Korea SNS β€ 1.7.0 Enables Script Injection
Publication date: 2026-04-08
Last updated on: 2026-04-13
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jongmyoung_kim | korea_sns | to 1.7.0 (inc) |
| korea_sns | korea_sns | to 1.7.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-39667 is a Cross Site Scripting (XSS) vulnerability affecting the WordPress Korea SNS Plugin versions up to and including 1.7.0.
This vulnerability allows attackers to inject malicious scriptsβsuch as redirects, advertisements, or other HTML payloadsβinto websites using the plugin. These scripts execute when visitors access the compromised site.
Exploitation requires a privileged user (such as an author or developer) to perform an action like clicking a malicious link, visiting a crafted page, or submitting a form, meaning user interaction is necessary for successful attack execution.
How can this vulnerability impact me? :
The vulnerability can lead to the execution of malicious scripts on your website, which may cause unwanted redirects, display of unauthorized advertisements, or other harmful HTML payloads.
Since the attack requires user interaction by a privileged user, it may be used in mass-exploit campaigns targeting many websites indiscriminately.
Although considered low priority with no impactful threat currently, it still poses a moderate risk (CVSS score of 5.9) and can compromise the integrity and user experience of your site.
Immediate mitigation involves updating the affected plugin if possible or seeking assistance from your hosting provider or web developer.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
CVE-2026-39667 is a DOM-Based Cross Site Scripting (XSS) vulnerability affecting the WordPress Korea SNS Plugin up to version 1.7.0. Detection typically involves identifying malicious script injections or unusual script executions on web pages using the plugin.
Since exploitation requires user interaction such as clicking a malicious link or submitting a form, monitoring web traffic for suspicious payloads or unexpected script injections can help detect attempts.
No specific detection commands are provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves updating the affected Korea SNS plugin to a version beyond 1.7.0 if such an update is available.
If no official patch is available, users are advised to seek assistance from their hosting provider or web developer to implement protective measures.
Additionally, limiting privileged user actions and educating users about the risks of clicking suspicious links or submitting untrusted forms can reduce exploitation risk.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this Cross Site Scripting (XSS) vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.