A vulnerability labeled as critical has been found in shabti Frontend Admin by DynamiApps Plugin up to 3.28.36 on WordPress. The affected element is the function feadmin_get_user_roles of the file wp-admin/post.php of the component Configuration Handler . Executing a manipulation of the argument role can lead to improper privilege management. This vulnerability is registered as CVE-2026-6228 . It is possible to launch the attack remotely. No exploit is available.