CVE-2026-1900 | Spencer Haws Link Whisper Free Plugin up to 0.9.0 on WordPress REST Endpoint authorization

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability was found in Spencer Haws Link Whisper Free Plugin up to 0.9.0 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the component REST Endpoint. Performing a manipulation results in missing authorization.

This vulnerability is cataloged as CVE-2026-1900. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-1900 | Spencer Haws Link Whisper Free Plugin up to 0.9.0 on WordPress REST Endpoint authorization

Post correlati

CVE-2025-10765 | SeriaWei ZKEACMS up to 4.3 SEOSuggestions ZKEACMS.SEOSuggestions.dll CheckPage/Suggestions server-side request forgery

CVE-2024-0953 | Mozilla Firefox on iOS QR Code unknown vulnerability

CVE-2024-12411 | onetarek WP Ad Guru Plugin up to 2.5.4 on WordPress page cross site scripting

Mozilla Firefox javascript URL Remote Code Execution