Uminex: Malicious Code Can Be Injected into Uminex Web Pages

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Uminex: Malicious Code Can Be Injected into Uminex Web Pages

CVE-2026-39629

Summary

A security weakness in Uminex allows hackers to inject malicious code into web pages, potentially compromising user data and security. This issue affects all versions of Uminex up to and including 1.0.9. To protect your site, update to a fixed version of Uminex as soon as possible.

Original title

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Uminex: from n/a through <= 1.0.9.

Original description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Uminex: from n/a through <= 1.0.9.

Vulnerability type

CWE-80 Basic XSS

https://patchstack.com/database/Wordpress/Theme/uminex/vulnerability/wordpress-u...

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026