CVE-2026-27087: WordPress Wolverine Framework plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Q: What is the severity of CVE-2026-27087?

CVE-2026-27087 has a severity rating of high with a CVSS score of 7.1.

Q: How do I fix CVE-2026-27087?

To fix CVE-2026-27087, upgrade the G5Theme Wolverine Framework plugin to a version later than 1.9.

Q: What type of vulnerability is CVE-2026-27087?

CVE-2026-27087 is a reflected Cross-Site Scripting (XSS) vulnerability.

Q: Who is affected by CVE-2026-27087?

Any users of G5Theme Wolverine Framework version 1.9 or earlier are affected by CVE-2026-27087.

Q: What can attackers do with CVE-2026-27087?

Attackers can exploit CVE-2026-27087 to execute malicious scripts in the context of users' browsers.

Published Mar 25, 2026

Updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine Framework: from n/a through <= 1.9.

Affected Software

1 affected component

G5Theme Wolverine Framework<=1.9

Event History

Mar 25, 2026

CVE Published

via MITRE·04:14 PM

Data Sourced

via MITRE·04:14 PM

DescriptionSeverityWeakness

Data Sourced

via NVD·05:16 PM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2026-27087?

CVE-2026-27087 has a severity rating of high with a CVSS score of 7.1.

How do I fix CVE-2026-27087?

To fix CVE-2026-27087, upgrade the G5Theme Wolverine Framework plugin to a version later than 1.9.

What type of vulnerability is CVE-2026-27087?

CVE-2026-27087 is a reflected Cross-Site Scripting (XSS) vulnerability.

Who is affected by CVE-2026-27087?

Any users of G5Theme Wolverine Framework version 1.9 or earlier are affected by CVE-2026-27087.

What can attackers do with CVE-2026-27087?