A vulnerability labeled as critical has been found in weDevs WP User Frontend Plugin up to 4.3.1 on WordPress. This affects an unknown function. Such manipulation leads to missing authorization. This vulnerability is traded as CVE-2026-42412 . The attack may be launched remotely. There is no exploit available.