A vulnerability was found in H5P Plugin up to 1.17.6 on WordPress. It has been rated as problematic . Affected by this issue is some unknown functionality. This manipulation causes cross site scripting. This vulnerability is handled as CVE-2026-56006 . The attack can be initiated remotely. There is not any exploit available.