A vulnerability was found in Stiofan GetPaid Plugin up to 2.8.49 on WordPress and classified as problematic . Affected by this vulnerability is an unknown functionality. The manipulation results in insertion of sensitive information into sent data. This vulnerability is known as CVE-2026-49064 . It is possible to launch the attack remotely. No exploit is available.