A vulnerability was found in Kali Forms Plugin up to 2.4.16 on WordPress. It has been rated as problematic. Impacted is an unknown function of the component AJAX Action. Performing a manipulation results in authorization bypass.

This vulnerability is reported as CVE-2026-11580. The attack is possible to be carried out remotely. No exploit exists.