CVE-2026-7502 | LinkStackOrg LinkStack up to 4.8.6 Management Endpoint UserController.php saveLink authorization (ID 975)

Inserito da Angelo Barbosa | Apr 30, 2026 | CVE

A vulnerability was found in LinkStackOrg LinkStack up to 4.8.6. It has been rated as critical. The affected element is the function saveLink of the file app/Http/Controllers/UserController.php of the component Management Endpoint. The manipulation leads to authorization bypass.

This vulnerability is documented as CVE-2026-7502. The attack can be initiated remotely. Additionally, an exploit exists.

The pull request to fix this issue awaits acceptance.

CVE-2026-7502 | LinkStackOrg LinkStack up to 4.8.6 Management Endpoint UserController.php saveLink authorization (ID 975)

Post correlati

CVE-2024-3587 | Premium Portfolio Features for Phlox Theme up to 2.3.2 on WordPress Grid Portfolios cross site scripting

CVE-2024-44293 | Apple macOS up to 15.0 log file

CVE-2024-12408 | wpseahorse WP on AWS Plugin up to 5.2.1 on WordPress cross site scripting

CVE-2025-47268 | iputils up to 20240905 ping integer overflow