A vulnerability was found in techjewel WP GDPR Cookie Consent Plugin up to 1.0.0 on WordPress. It has been classified as problematic . This affects the function handleAjaxCalls of the component Configuration Handler . The manipulation of the argument gdprConfig leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-8977 . The attack is possible to be carried out remotely. No exploit exists.