A vulnerability identified as problematic has been detected in metaphorcreations Ditty Plugin up to 3.1.65 on WordPress. This issue affects the function init of the component AJAX Endpoint . The manipulation leads to missing authorization. This vulnerability is documented as CVE-2026-9011 . The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.