exploitDog

GHSA-795h-9vq2-6x3x

Опубликовано: 26 мар. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data

The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data

Ссылки

EPSS

Процентиль: 15%

0.0005

Низкий

5.3 Medium

CVSS3

CVE ID

Связанные уязвимости

CVE-2026-1890

CVSS3: 5.3

nvd

19 дней назад

The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data

EPSS

Процентиль: 15%

0.0005

Низкий

5.3 Medium

CVSS3

CVE ID