Vulnerabilities

CVE-2026-1890

by Fred · 26/03/2026

The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data

More information : https://wpscan.com/vulnerability/9b88be70-b5cc-4a3f-a871-64d61cb02076/

Similar

Tags: Cybersecurity Alert