A vulnerability classified as problematic has been found in vinod-dalvi Ivory Search Plugin up to 5.5.15 on WordPress. This vulnerability affects unknown code of the component Setting Handler . This manipulation of the argument menu_magnifier_color causes cross site scripting. This vulnerability appears as CVE-2026-11356 . The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.