CVE-2026-49062

HIGH NVD

CVSS Score 8.8

Severity HIGH

Published Jun 15, 2026

Vendor unknown

Description

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue affects Faust.Js: from n/a through 1.8.7.

References

https://patchstack.com/database/wordpress/plugin/faustwp/vulnerability/wordpress-faust-js-plugin-1-8-7-broken-authentication-vulnerability?_s_id=cve