A vulnerability categorized as problematic has been discovered in Mark O’Donnell MSTW League Manager Plugin up to 2.10 on WordPress. This impacts an unknown function. Executing a manipulation can lead to cross site scripting. This vulnerability is registered as CVE-2026-34890 . It is possible to launch the attack remotely. No exploit is available.