A vulnerability described as critical has been identified in MacCMS Pro up to 2022.1000.3005. Impacted is the function step5 of the file application/install/controller/Index.php of the component Installation Module. The manipulation results in authorization bypass.

This vulnerability is cataloged as CVE-2026-15516. The attack may be launched remotely. Furthermore, there is an exploit available.

Upgrading the affected component is recommended.