A vulnerability was found in WP Directory Kit Plugin up to 1.5.0 on WordPress. It has been declared as critical. This affects an unknown part. The manipulation results in sql injection.
This vulnerability is known as CVE-2026-39531. It is possible to launch the attack remotely. No exploit is available.
