A vulnerability has been found in Events Listing Widget Plugin up to 1.3.4 on WordPress and classified as problematic. This affects an unknown function. The manipulation of the argument Event URL leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2026-1252. The attack is possible to be carried out remotely. No exploit exists.
