A vulnerability classified as problematic was found in wupsales AI Chatbot & Workflow Automation by AIWU Plugin up to 1.4.14 on WordPress. Affected by this vulnerability is an unknown functionality of the component Header Handler . Such manipulation of the argument X-Forwarded-For leads to cross site scripting. This vulnerability is documented as CVE-2026-2955 . The attack can be executed remotely. There is not any exploit available.