A vulnerability has been found in wpchill Kali Forms Plugin up to 2.4.18 on WordPress and classified as problematic. This affects an unknown function of the component shortcode Handler. The manipulation of the argument digitalSignature leads to cross site scripting.

This vulnerability is traded as CVE-2026-15395. It is possible to initiate the attack remotely. There is no exploit available.