A vulnerability was found in spacetime Ad Inserter Plugin up to 2.8.15 on WordPress and classified as problematic . This affects an unknown function of the component Iframe Mode . Executing a manipulation can lead to cross site scripting. This vulnerability appears as CVE-2026-9280 . The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.