CVE-2026-2489 Blast Radius

MEDIUM • CVSS 4.4The TP2WP Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Watched domains' textarea on the attachment importer set

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-2489.

Start Free Scan →← Back to CVE-2026-2489