A vulnerability, which was classified as critical , has been found in WP Engine Faust.js Plugin up to 1.8.7 on WordPress. This affects an unknown function. Performing a manipulation results in authentication bypass using alternate channel. This vulnerability is reported as CVE-2026-49062 . The attack is possible to be carried out remotely. No exploit exists.