A vulnerability classified as critical was found in Premmerce Dev Tools Plugin up to 2.0 on WordPress. This affects the function generatePluginHandler . Such manipulation of the argument premmerce_plugin_namespace leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2026-6933 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.