CVE-2026-3512: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in alhadeff Writeprint Stylometry
The Writeprint Stylometry plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'p' GET parameter in all versions up to and including 0.1. This is due to insufficient input sanitization and output escaping in the bjl_wprintstylo_comments_nav() function. The function directly outputs the $_GET['p'] parameter into an HTML href attribute without any escaping. This makes it possible for authenticated attackers with Contributor-level permissions or higher to inject arbitrary web scripts in pages that execute if they can successfully trick another user into performing an action such as clicking on a link.
AI Analysis
Technical Summary
CVE-2026-3512 is a reflected XSS vulnerability in the Writeprint Stylometry WordPress plugin (version 0 and earlier). The issue arises from insufficient input sanitization and output escaping of the 'p' GET parameter in the bjl_wprintstylo_comments_nav() function. This parameter is directly embedded into an HTML href attribute, enabling authenticated attackers with Contributor or higher privileges to inject arbitrary JavaScript code. Successful exploitation requires social engineering to trick other users into clicking a malicious link, potentially leading to script execution in their browsers.
Potential Impact
An attacker with Contributor-level or higher permissions can inject malicious scripts that execute in the context of other users' browsers when they click a crafted link containing the vulnerable 'p' parameter. This can lead to limited confidentiality and integrity impacts, such as session hijacking or unauthorized actions performed on behalf of the victim user. The vulnerability does not affect availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
No official patch or fix is currently available for this vulnerability. Users should monitor the vendor's advisory channels for updates. Until a fix is released, restrict Contributor-level permissions to trusted users only and educate users to avoid clicking suspicious links. Consider applying manual input sanitization or output escaping as a temporary mitigation if feasible.
CVE-2026-3512: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in alhadeff Writeprint Stylometry
Description
The Writeprint Stylometry plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'p' GET parameter in all versions up to and including 0.1. This is due to insufficient input sanitization and output escaping in the bjl_wprintstylo_comments_nav() function. The function directly outputs the $_GET['p'] parameter into an HTML href attribute without any escaping. This makes it possible for authenticated attackers with Contributor-level permissions or higher to inject arbitrary web scripts in pages that execute if they can successfully trick another user into performing an action such as clicking on a link.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-3512 is a reflected XSS vulnerability in the Writeprint Stylometry WordPress plugin (version 0 and earlier). The issue arises from insufficient input sanitization and output escaping of the 'p' GET parameter in the bjl_wprintstylo_comments_nav() function. This parameter is directly embedded into an HTML href attribute, enabling authenticated attackers with Contributor or higher privileges to inject arbitrary JavaScript code. Successful exploitation requires social engineering to trick other users into clicking a malicious link, potentially leading to script execution in their browsers.
Potential Impact
An attacker with Contributor-level or higher permissions can inject malicious scripts that execute in the context of other users' browsers when they click a crafted link containing the vulnerable 'p' parameter. This can lead to limited confidentiality and integrity impacts, such as session hijacking or unauthorized actions performed on behalf of the victim user. The vulnerability does not affect availability. There are no known exploits in the wild at this time.
Mitigation Recommendations
No official patch or fix is currently available for this vulnerability. Users should monitor the vendor's advisory channels for updates. Until a fix is released, restrict Contributor-level permissions to trusted users only and educate users to avoid clicking suspicious links. Consider applying manual input sanitization or output escaping as a temporary mitigation if feasible.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Wordfence
- Date Reserved
- 2026-03-04T14:56:33.403Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69ba5091771bdb1749512c4a
Added to database: 3/18/2026, 7:13:21 AM
Last enriched: 4/9/2026, 6:48:11 PM
Last updated: 5/1/2026, 10:03:56 AM
Views: 54
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.