A vulnerability labeled as problematic has been found in contrid Slideshow Gallery LITE Plugin up to 1.8.5 on WordPress. This issue affects some unknown processing of the component Shortcode Handler . Such manipulation of the argument alwaysauto leads to cross site scripting. This vulnerability is referenced as CVE-2026-2021 . It is possible to launch the attack remotely. No exploit is available.