A vulnerability was found in Simple Basic Contact Form Plugin up to 20250114 on WordPress. It has been declared as problematic . Affected by this issue is some unknown functionality of the component Link Handler . Executing a manipulation can lead to cross site scripting. This vulnerability appears as CVE-2026-8172 . The attack may be performed from remote. There is no available exploit. It is advisable to implement a patch to correct this issue.