A vulnerability identified as problematic has been detected in the_champ Social Share, Social Login and Social Comments Plugin Plugin up to 7.14.5. Impacted is an unknown function of the component Mastodon Share Handler. This manipulation of the argument heateor_mastodon_share causes cross site scripting.

This vulnerability is tracked as CVE-2026-11798. The attack is possible to be carried out remotely. No exploit exists.