Korea SNS allows hackers to inject malicious code into pages

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Korea SNS allows hackers to inject malicious code into pages

CVE-2026-39667

Summary

A security issue exists in Korea SNS version 1.7.0 and earlier, allowing hackers to inject malicious code into web pages. This could lead to unauthorized access to user data or actions. Update to the latest version of Korea SNS to fix this issue.

Original title

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jongmyoung Kim Korea SNS korea-sns allows DOM-Based XSS.This issue affects Korea SNS: from n/a ...

Original description

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://patchstack.com/database/Wordpress/Plugin/korea-sns/vulnerability/wordpre...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026