A vulnerability has been found in dartiss Draft List Plugin 2.6.3 on WordPress and classified as problematic . This impacts an unknown function. The manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2026-9104 . Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.