A vulnerability, which was classified as critical , has been found in tigroumeow Meow Gallery Plugin up to 5.4.4 on WordPress. This impacts an unknown function of the component REST API Endpoint . This manipulation causes authorization bypass. The identification of this vulnerability is CVE-2026-1291 . It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.