A vulnerability, which was classified as problematic, was found in figureone Insert Pages Plugin up to 3.11.4 on WordPress. Affected by this vulnerability is the function
the_meta of the component Insert Page. The manipulation of the argument key results in cross site scripting.
This vulnerability is cataloged as CVE-2026-10089. The attack may be launched remotely. There is no exploit available.
You should upgrade the affected component.