A vulnerability marked as critical has been reported in Syarif Mobile App Editor Plugin up to 1.3.1 on WordPress. Affected is an unknown function. This manipulation causes unrestricted upload. This vulnerability is handled as CVE-2026-27067 . The attack can be initiated remotely. There is not any exploit available.