📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
About FAQ Contact Us Terms of Service Privacy Policy 🌐 العربية
🔐

Welcome — Sign in or create an account for full access.

🔑 Sign In ✨ Register
🌐 العربية Sign In Create Account
🔧 Scheduled Maintenance — Saturday 2:00-4:00 AM AST. Some features may be temporarily unavailable.    ●   
💎
Pro Plan 50% Off Unlock all AI features, unlimited reports, and priority support. Upgrade
Search Center
ESC to close
navigate open Ctrl+K search
CISO Consulting
Global data_breach Government HIGH 2h Global vulnerability Enterprise Software / ERP Systems CRITICAL 3h Global phishing Cross-sector HIGH 8h Global data_breach Energy CRITICAL 10h Global phishing Government/Multi-sector HIGH 11h Global apt Education CRITICAL 13h Global vulnerability Enterprise Software / ERP Systems CRITICAL 14h Global vulnerability IT Infrastructure CRITICAL 15h Global vulnerability Technology and Software Development HIGH 16h Global vulnerability Enterprise IT and Government CRITICAL 16h Global data_breach Government HIGH 2h Global vulnerability Enterprise Software / ERP Systems CRITICAL 3h Global phishing Cross-sector HIGH 8h Global data_breach Energy CRITICAL 10h Global phishing Government/Multi-sector HIGH 11h Global apt Education CRITICAL 13h Global vulnerability Enterprise Software / ERP Systems CRITICAL 14h Global vulnerability IT Infrastructure CRITICAL 15h Global vulnerability Technology and Software Development HIGH 16h Global vulnerability Enterprise IT and Government CRITICAL 16h Global data_breach Government HIGH 2h Global vulnerability Enterprise Software / ERP Systems CRITICAL 3h Global phishing Cross-sector HIGH 8h Global data_breach Energy CRITICAL 10h Global phishing Government/Multi-sector HIGH 11h Global apt Education CRITICAL 13h Global vulnerability Enterprise Software / ERP Systems CRITICAL 14h Global vulnerability IT Infrastructure CRITICAL 15h Global vulnerability Technology and Software Development HIGH 16h Global vulnerability Enterprise IT and Government CRITICAL 16h
Vulnerabilities

CVE-2026-4075

Medium
The BWL Advanced FAQ Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'baf_sbox' shortcode in all versions up to and including 1.1.1. This is due to insufficient
CWE-79 — Weakness Type
Published: Mar 26, 2026  ·  Modified: Mar 28, 2026  ·  Source: NVD
CVSS v3
6.4
🔗 NVD Official
📄 Description (English)

The BWL Advanced FAQ Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'baf_sbox' shortcode in all versions up to and including 1.1.1. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'sbox_id', 'sbox_class', 'placeholder', 'highlight_color', 'highlight_bg', and 'cont_ext_class'. These attributes are directly interpolated into HTML element attributes without any esc_attr() escaping in the baf_sbox() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

🤖 AI Executive Summary

The BWL Advanced FAQ Manager Lite WordPress plugin versions up to 1.1.1 contain a Stored Cross-Site Scripting vulnerability in the 'baf_sbox' shortcode due to insufficient input sanitization. Authenticated users with Contributor access can inject malicious scripts that execute when other users view affected pages.

📄 Description (Arabic)

تحتوي إضافة BWL Advanced FAQ Manager Lite للإصدارات حتى 1.1.1 على ثغرة XSS مخزنة في اختصار 'baf_sbox' حيث لا يتم تنظيف سمات المدخلات مثل 'sbox_id' و 'sbox_class' و 'placeholder' و 'highlight_color' و 'highlight_bg' و 'cont_ext_class' بشكل صحيح. يمكن للمستخدمين المصرح لهم بمستوى المساهم وما فوق حقن نصوص برمجية عشوائية تُنفذ عند وصول المستخدمين الآخرين إلى الصفحات المصابة.

🤖 ملخص تنفيذي (AI)

The BWL Advanced FAQ Manager Lite WordPress plugin versions up to 1.1.1 contain a Stored Cross-Site Scripting vulnerability in the 'baf_sbox' shortcode due to insufficient input sanitization. Authenticated users with Contributor access can inject malicious scripts that execute when other users view affected pages.

🤖 AI Intelligence Analysis Analyzed: May 14, 2026 07:22
🇸🇦 Saudi Arabia Impact Assessment
Saudi Relevance: high
🏢 Affected Saudi Sectors
government banking healthcare
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
6.0
/ 10.0
🔧 Remediation Steps (English)
Update the BWL Advanced FAQ Manager Lite plugin to version 1.1.2 or later immediately. Implement proper input sanitization using sanitize_text_field() and output escaping using esc_attr() for all shortcode attributes. Restrict Contributor-level permissions to trusted users only and monitor user activity for suspicious shortcode usage.
🔧 خطوات المعالجة (العربية)
قم بتحديث إضافة BWL Advanced FAQ Manager Lite إلى الإصدار 1.1.2 أو أحدث فوراً. طبق تنظيف المدخلات الصحيح باستخدام sanitize_text_field() وتجنب المخرجات باستخدام esc_attr() لجميع سمات الاختصار. قيد صلاحيات مستوى المساهم للمستخدمين الموثوقين فقط وراقب نشاط المستخدم للكشف عن استخدام اختصار مريب.
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
8.2.1 8.2.2 8.3.1
🔵 SAMA CSF
AC-2 AC-3 SI-10
🟡 ISO 27001:2022
A.9.2.1 A.9.2.5 A.14.2.1
📊 CVSS Score
6.4
/ 10.0 — Medium
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Attack VectorN — None / Network
Attack ComplexityL — Low / Local
Privileges RequiredL — Low / Local
User InteractionN — None / Network
ScopeC — Changed
ConfidentialityL — Low / Local
IntegrityL — Low / Local
AvailabilityN — None / Network
📋 Quick Facts
Severity Medium
CVSS Score6.4
CWECWE-79
EPSS0.05%
Exploit No
Patch ✗ No
Published 2026-03-26
Source Feed nvd
Views 4
🇸🇦 Saudi Risk Score
6.0
/ 10.0 — Saudi Risk
Priority: MEDIUM
🏷️ Tags
CWE-79
⚡ Actions
🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details
Share this CVE
LinkedIn X / Twitter WhatsApp Telegram
📣 Found this valuable?
Share it with your cybersecurity network
in LinkedIn 𝕏 X / Twitter 💬 WhatsApp ✈ Telegram
🍪 Privacy Preferences
CISO Consulting — Compliant with Saudi Personal Data Protection Law (PDPL)
We use cookies and similar technologies to provide the best experience on our platform. You can choose which types you accept.
🔒
Essential Always On
Required for the website to function properly. Cannot be disabled.
📋 Sessions, CSRF tokens, authentication, language preferences
📊
Analytics
Help us understand how visitors use the site and improve performance.
📋 Page views, session duration, traffic sources, performance metrics
⚙️
Functional
Enable enhanced features like content personalization and preferences.
📋 Dark/light theme, font size, custom dashboards, saved filters
📣
Marketing
Used to deliver content and ads relevant to your interests.
📋 Campaign tracking, retargeting, social media analytics
Privacy Policy →
CISO AI Assistant
Ask anything · Documents · Support
🔐

Introduce Yourself

Enter your details to access the full assistant

Your info is private and never shared
💬
CyberAssist
Online · responds in seconds
5 / 5
🔐 Verify Your Identity

Enter your email to receive a verification code before submitting a support request.

Enter to send · / for commands 0 / 2000
CISO AI · Powered by Anthropic Claude
✦ Quick Survey Help Us Improve CISO Consulting Your feedback shapes the future of our platform — takes less than 2 minutes.
⚠ Please answer this question to continue

How would you rate your overall experience with our platform?

Rate from 1 (poor) to 5 (excellent)

🎉
Thank you!
Your response has been recorded.