CVE-2026-1900

CVSS Score & Metrics

Base Score

6.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N                                    

The Link Whisper Free WordPress plugin before 0.9.1 has a publicly accessible REST endpoint that allows unauthenticated settings updates.

Published Date

April 07, 2026

Last Modified

April 13, 2026

CWE ID

CWE-306

Source

NVD

Vendor

linkwhisper

Product

link_whisper