CVE-2026-4852 | webzunft Image Source Control Lite Plugin up to 3.9.1 on WordPress Attachment Field cross site scripting

A vulnerability, which was classified as problematic, was found in webzunft Image Source Control Lite Plugin up to 3.9.1 on WordPress. Impacted is an unknown function of the component Attachment Field Handler. The manipulation of the argument Image Source results in cross site scripting.

This vulnerability is cataloged as CVE-2026-4852. The attack may be launched remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More