A vulnerability was found in Word Count and Social Shares Plugin up to 1.0 on WordPress. It has been declared as critical. Affected by this issue is some unknown functionality of the component File Path. The manipulation of the argument file path results in file inclusion.
This vulnerability was named CVE-2026-11563. The attack may be performed from remote. There is no available exploit.