A vulnerability identified as problematic has been detected in joomunited WP Latest Posts Plugin up to 5.0.11 on WordPress. This issue affects the function field/loop of the component Post Content . Performing a manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2026-9620 . It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.