A vulnerability was found in WP Media WP Rocket Plugin up to 3.19.4 on WordPress. It has been classified as problematic . Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2026-28044 . The attack can be initiated remotely. There is not any exploit available.