A vulnerability, which was classified as critical, was found in rainafarai Notification for Telegram Plugin up to 3.5.1 on WordPress. Affected is an unknown function of the component Authorization Verification. Such manipulation leads to authorization bypass.
This vulnerability is referenced as CVE-2026-7620. It is possible to launch the attack remotely. No exploit is available.