A vulnerability was found in Matteo Manna Simple User Avatar Plugin up to 4.9 on WordPress. It has been rated as problematic . Affected by this vulnerability is an unknown functionality. This manipulation causes authorization bypass. This vulnerability is registered as CVE-2026-57676 . Remote exploitation of the attack is possible. No exploit is available.