A vulnerability identified as critical has been detected in A WP Life Webenvo Plugin up to 0.0.6 on WordPress. The affected element is an unknown function. This manipulation causes unrestricted upload. This vulnerability is registered as CVE-2026-39589 . Remote exploitation of the attack is possible. No exploit is available.