A vulnerability marked as critical has been reported in Church Admin Plugin up to 5.0.28 on WordPress. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument audio_url results in server-side request forgery.
This vulnerability was named CVE-2026-0682. The attack may be initiated remotely. There is no available exploit.
