A vulnerability has been found in nocaredev Ad Short Plugin up to 2.0.1 on WordPress and classified as problematic . Affected is the function ad_func of the component Shortcode Handler . This manipulation causes cross site scripting. This vulnerability is registered as CVE-2026-4067 . Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.