A vulnerability categorized as problematic has been discovered in aguilatechnologies WP Customer Area Plugin up to 8.3.5 on WordPress. This affects an unknown function of the component Shortcode Handler. Executing a manipulation of the argument Type can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-7640. The attack can be launched remotely. No exploit exists.