A vulnerability marked as critical has been reported in Awesomemotive Envira Photo Gallery Plugin up to 1.12.5 on WordPress. Impacted is an unknown function. Performing a manipulation results in missing authorization. This vulnerability is reported as CVE-2026-54190 . The attack is possible to be carried out remotely. No exploit exists.