A vulnerability was found in spyrosvl Simple SEO Slideshow Plugin up to 1.2.8 on WordPress. It has been rated as problematic . Affected by this vulnerability is an unknown functionality of the component Shortcode Handler . This manipulation causes cross site scripting. This vulnerability is handled as CVE-2026-8900 . The attack can be initiated remotely. There is not any exploit available.