A vulnerability marked as critical has been reported in Vitepos Plugin up to 3.4.1 on WordPress. This affects an unknown part of the component REST API Endpoint . This manipulation causes improper privilege management. The identification of this vulnerability is CVE-2026-8157 . It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.