A vulnerability, which was classified as problematic , has been found in CodePeople Form Builder CP Plugin up to 1.2.46 on WordPress. Affected is an unknown function of the component Configuration Handler . Performing a manipulation results in cross site scripting. This vulnerability is known as CVE-2026-9278 . Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.