CVE-2026-27088: WordPress Darna Framework plugin <= 2.9 - Reflected Cross Site Scripting (XSS) vulnerability

Q: What is the severity of CVE-2026-27088?

CVE-2026-27088 has a severity rating of high with a CVSS score of 7.1.

Q: What does CVE-2026-27088 affect?

CVE-2026-27088 affects the G5Theme Darna Framework plugin versions from n/a through 2.9.

Q: What type of vulnerability is CVE-2026-27088?

CVE-2026-27088 is a Reflected Cross-Site Scripting (XSS) vulnerability.

Q: How can I fix CVE-2026-27088?

To fix CVE-2026-27088, update the G5Theme Darna Framework plugin to the latest version.

Q: What is the potential impact of CVE-2026-27088?

CVE-2026-27088 allows attackers to execute arbitrary scripts in the context of the user's browser.

Published Mar 25, 2026

Updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Darna Framework darna-framework allows Reflected XSS.This issue affects Darna Framework: from n/a through <= 2.9.

Affected Software

1 affected component

G5Theme Darna Framework<=2.9

Event History

Mar 25, 2026

CVE Published

via MITRE·04:14 PM

Data Sourced

via MITRE·04:14 PM

DescriptionSeverityWeakness

Data Sourced

via NVD·05:16 PM

DescriptionSeverityWeakness

Frequently Asked Questions

What is the severity of CVE-2026-27088?

CVE-2026-27088 has a severity rating of high with a CVSS score of 7.1.

What does CVE-2026-27088 affect?

CVE-2026-27088 affects the G5Theme Darna Framework plugin versions from n/a through 2.9.

What type of vulnerability is CVE-2026-27088?

CVE-2026-27088 is a Reflected Cross-Site Scripting (XSS) vulnerability.

How can I fix CVE-2026-27088?

To fix CVE-2026-27088, update the G5Theme Darna Framework plugin to the latest version.

What is the potential impact of CVE-2026-27088?