A vulnerability labeled as critical has been found in Jetimpex JetEngine Plugin up to 3.8.9.1 on WordPress. Affected is an unknown function. Executing a manipulation can lead to sql injection. This vulnerability is registered as CVE-2026-49076 . It is possible to launch the attack remotely. No exploit is available.