Link Whisper Free

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-1900 MEDIUM POC This Month

Unauthenticated attackers can modify plugin settings via a publicly accessible REST endpoint in Link Whisper Free WordPress plugin before version 0.9.1, enabling information disclosure and unauthorized configuration changes. The vulnerability has publicly available exploit code and affects all versions prior to 0.9.1. Although the CVSS score is 6.5 (medium), the EPSS score of 0.02% indicates very low real-world exploitation probability despite public POC availability.

WordPress PHP Authentication Bypass Link Whisper Free

NVD WPScan

CVSS 3.1

6.5

EPSS

0.0%

CVE-2026-1900

EPSS 0% CVSS 6.5

MEDIUM POC This Month

Unauthenticated attackers can modify plugin settings via a publicly accessible REST endpoint in Link Whisper Free WordPress plugin before version 0.9.1, enabling information disclosure and unauthorized configuration changes. The vulnerability has publicly available exploit code and affects all versions prior to 0.9.1. Although the CVSS score is 6.5 (medium), the EPSS score of 0.02% indicates very low real-world exploitation probability despite public POC availability.

WordPress PHP Authentication Bypass +1

NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy