CVE-2026-2554 | wclovers WCFM Plugin up to 6.7.25 on WordPress wcfm_delete_wcfm_customer authorization

A vulnerability labeled as critical has been found in wclovers WCFM Plugin up to 6.7.25 on WordPress. This affects the function wcfm_delete_wcfm_customer. The manipulation results in authorization bypass.

This vulnerability is identified as CVE-2026-2554. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More