tagDiv Composer: Injecting Harmful Code into Web Pages

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

tagDiv Composer: Injecting Harmful Code into Web Pages

CVE-2026-39712

Summary

A security flaw in tagDiv Composer allows an attacker to inject malicious code into web pages. This could compromise the security of websites that use the software. Update to version 5.4.3 or later to fix the issue.

Original title

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a ...

Original description

Vulnerability type

CWE-80 Basic XSS

https://patchstack.com/database/Wordpress/Plugin/td-composer/vulnerability/wordp...

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026