A vulnerability classified as critical has been found in wpgmaps WP Go Maps Plugin up to 10.1.01 on WordPress. This impacts the function CRUD-backed of the component Database Table Handler . This manipulation of the argument phpClass causes missing authorization. The identification of this vulnerability is CVE-2026-12238 . It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.