A vulnerability classified as critical has been found in Wishlist Member Plugin up to 3.30.1 on WordPress. This affects the function Team_Accounts of the component REST API . Performing a manipulation results in improper privilege management. This vulnerability is identified as CVE-2026-6897 . The attack can be initiated remotely. There is not any exploit available.