Leadrebel Leads to Unauthorized Access Due to Incorrect Security Levels

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

Leadrebel Leads to Unauthorized Access Due to Incorrect Security Levels

CVE-2026-39664

Summary

An incorrectly configured security setting in Leadrebel can allow unauthorized users to access sensitive information. This affects versions of Leadrebel from an unknown version up to 1.0.2. To stay secure, update to the latest version of Leadrebel.

Original title

Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadrebel: from n/a through <= 1.0.2.

Original description

Missing Authorization vulnerability in leadrebel Leadrebel leadrebel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadrebel: from n/a through <= 1.0.2.

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/leadrebel/vulnerability/wordpre...

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026