CVE-2026-1890
LeadConnector < 3.0.22 - Unauthenticated Rest Call
The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Productos afectados
Unknown · LeadConnector¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →