Critical exposure
CVE-2026-4882 The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file upload...
- CVSS 9.8
- Internet-facing CMS deployments affected
New critical disclosure (CVSS 9.8) — high severity with a short public awareness window before exploit material typically surfaces.