A vulnerability identified as problematic has been detected in stylemix Cost Calculator Builder Plugin up to 4.0.11 on WordPress. The affected element is an unknown function of the file template body of the component Global Settings. Performing a manipulation of the argument client_secret/secret key results in missing encryption of sensitive data.
This vulnerability is reported as CVE-2026-10865. The attack is possible to be carried out remotely. No exploit exists.