2026-03-26 06:00:09
WPScan
PUBLISHED
The LeadConnector WordPress plugin before 3.0.22 does not have authorization in a REST route, allowing unauthenticated users to call it and overwrite existing data