CVE-2026-4005 | Coachific Shortcode Plugin up to 1.0 on WordPress sanitize_text_field userhash cross site scripting

A vulnerability classified as problematic has been found in Coachific Shortcode Plugin up to 1.0 on WordPress. This impacts the function sanitize_text_field of the component Shortcode Handler. This manipulation of the argument userhash causes cross site scripting.

This vulnerability is registered as CVE-2026-4005. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More