Description
WordPress Plugin LeadConnector is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently delete arbitrary posts or pages. WordPress Plugin LeadConnector version 1.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.8 or latest
References
Related Vulnerabilities
WebLogic CVE-2022-21260 Vulnerability (CVE-2022-21260)
WordPress Plugin Polo Video Gallery-Best wordpress video gallery Cross-Site Scripting (1.2)
WordPress Plugin UserPro-Community and User Profile Privilege Escalation (4.9.27)
Jenkins Improper Input Validation Vulnerability (CVE-2021-21639)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1901)