CVE-2026-11589: WordPress Plugin File Upload Validation Bypass Leading to XSS — Casky — Casky