A vulnerability classified as problematic was found in mr2p Meta Field Block Plugin up to 1.5.2 on WordPress. Affected is an unknown function of the component Block Attribute Handler . The manipulation of the argument tagName results in cross site scripting. This vulnerability is identified as CVE-2026-6252 . The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.