A vulnerability labeled as problematic has been found in pattihis Add Custom Fields to Media Plugin up to 2.0.3 on WordPress. The affected element is the function update_option . Executing a manipulation can lead to cross-site request forgery. This vulnerability is handled as CVE-2026-4068 . The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.