A vulnerability, which was classified as problematic, was found in shapedplugin Easy Accordion Plugin up to 3.1.6 on WordPress. This affects an unknown part. The manipulation of the argument align results in cross site scripting.

This vulnerability was named CVE-2026-15652. The attack may be performed from remote. There is no available exploit.