A vulnerability marked as critical has been reported in LA-Studio Element Kit Plugin up to 1.6.0 on WordPress. This affects an unknown part of the component User Registration. The manipulation leads to incorrect authorization.

This vulnerability is listed as CVE-2026-12276. The attack may be initiated remotely. There is no available exploit.