A vulnerability was found in EM Cost Calculator Plugin up to 2.3.1 on WordPress. It has been rated as problematic. This affects an unknown part. This manipulation of the argument customer_name causes cross site scripting.
This vulnerability is tracked as CVE-2026-2506. The attack is possible to be carried out remotely. No exploit exists.
