CVE-2026-4278 | specialk Simple Download Counter Plugin up to 2.3 on WordPress Shortcode text/cat cross site scripting

A vulnerability has been found in specialk Simple Download Counter Plugin up to 2.3 on WordPress and classified as problematic. Impacted is an unknown function of the component Shortcode Handler. This manipulation of the argument text/cat causes cross site scripting.

This vulnerability is registered as CVE-2026-4278. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More