A vulnerability identified as critical has been detected in Villame GIFT4U Plugin up to 1.0.10 on WordPress. This vulnerability affects unknown code. Performing a manipulation results in sql injection. This vulnerability is known as CVE-2026-54809 . Remote exploitation of the attack is possible. No exploit is available.