CVE-2026-27540 | Wholesale Lead Capture Plugin up to 1.17.8 on WordPress unrestricted upload

Inserito da Angelo Barbosa | Feb 25, 2026 | CVE

A vulnerability marked as critical has been reported in Wholesale Lead Capture Plugin up to 1.17.8 on WordPress. This issue affects some unknown processing. The manipulation leads to unrestricted upload.

This vulnerability is listed as CVE-2026-27540. The attack may be initiated remotely. There is no available exploit.

CVE-2026-27540 | Wholesale Lead Capture Plugin up to 1.17.8 on WordPress unrestricted upload

Post correlati

CVE-2023-32858 | MediaTek MT8788 GZ information disclosure (ALPS07806008)

CVE-2024-8412 | LinuxOSsk Shakal-NG up to 1.3.3 comments/views.py next redirect (Issue 202)

CVE-2024-56311 | REDCap up to 15.0.0 Notes Section cross-site request forgery

CVE-2024-13775 | vanquish WooCommerce Support Ticket System Plugin up to 17.8 on WordPress authorization