CVE-2026-1890
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
Mar 26, 2026
Vendor
unknown
Description
The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data