CVE-2026-10095 | opajaap WP Photo Album Plus Plugin up to 9.1.13.005 on WordPress Shortcode subtext cross site scripting

SecurityVulns

A vulnerability was found in opajaap WP Photo Album Plus Plugin up to 9.1.13.005 on WordPress. It has been declared as problematic. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulation of the argument subtext results in cross site scripting.

This vulnerability is identified as CVE-2026-10095. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More