CVE-2026-6696 | Zingaya Click-to-Call Plugin up to 1.0 on WordPress first_name/last_name/phone cross site scripting
A vulnerability categorized as problematic has been discovered in Zingaya Click-to-Call Plugin up to 1.0 on WordPress. Affected is an unknown function. Executing a manipulation of the argument first_name/last_name/phone can lead to cross site scripting.
This vulnerability is handled as CVE-2026-6696. The attack can be executed remotely. There is not any exploit available.