4 matches found
WordPress LeadConnector plugin < 3.0.22 - Unauthenticated Rest Call vulnerability
Unauthenticated Rest Call vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin LeadConnector versions 3.0.22...
CVE-2026-25441 WordPress LeadConnector plugin <= 3.0.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in varunvairavanlc LeadConnector leadconnector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LeadConnector: from n/a through = 3.0.21...
CVE-2025-30893 WordPress LeadConnector plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LeadConnector LeadConnector leadconnector allows DOM-Based XSS.This issue affects LeadConnector: from n/a through = 3.0.2...
WordPress LeadConnector Plugin <= 1.7 is vulnerable to Broken Access Control
Software LeadConnector Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1371 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2445a52c5c7c Credits Krzysztof Zając Required...