cleantalk
Vulnerabilities and Security Researches

WPCS – WordPress Currency Switcher Professional, CVE-2026-42733

CVE, Research URL

CVE-2026-42733

Home page URL

Security reports for WPCS – WordPress Currency Switcher Professional

Application

WPCS – WordPress Currency Switcher Professional

Published on
May 27, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through <= 1.3.1.
Affected versions
max 1.3.2.
Status
vulnerable
Previous vulnerability researches
Disable Comments for Any Post Types (Remove comments) (CVE-2026-42749) , May 29, 2026
New vulnerability
Breeze &#8211; WordPress Cache Plugin (CVE-2026-2128) , May 30, 2026
Frontend Admin by DynamiApps (CVE-2026-6226) , May 30, 2026
Frontend Admin by DynamiApps (CVE-2026-7802) , May 30, 2026
EventPress (CVE-2026-6268) , May 30, 2026
WPComplete (CVE-2026-42750) , May 30, 2026