| ID | CVE-2026-1890 | ||||||
| Sažetak | The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | ||||||
| Zadnje važnije ažuriranje | 26-03-2026 - 15:13 | ||||||
| Objavljeno | 26-03-2026 - 07:16 |
