CVE-2026-12349 | octagonwebstudio Premium Addons for KingComposer Plugin up to 1.1.1 on WordPress AJAX add_custom_sidebar authorization

A vulnerability was found in octagonwebstudio Premium Addons for KingComposer Plugin up to 1.1.1 on WordPress. It has been classified as critical. This issue affects the function add_custom_sidebar of the component AJAX Handler. This manipulation causes missing authorization.

This vulnerability is registered as CVE-2026-12349. Remote exploitation of the attack is possible. No exploit is available.