A vulnerability described as problematic has been identified in arraytics Eventin Plugin up to 4.1.15 on WordPress. This impacts an unknown function of the component FAQ Content Handler. Executing a manipulation of the argument etn_faq_content can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-12924. The attack can be launched remotely. No exploit exists.