LeadLovers Forms Incorrect Access Control Puts Data at Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

5.3

LeadLovers Forms Incorrect Access Control Puts Data at Risk

CVE-2026-39657

Summary

The LeadLovers Forms application has a security flaw that allows unauthorized users to access sensitive data. This issue affects all versions of LeadLovers Forms up to and including 1.0.2. To fix this, update to a newer version of the software as soon as possible.

Original title

Missing Authorization vulnerability in leadlovers leadlovers forms leadlovers-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects leadlovers forms: from...

Original description

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/leadlovers-forms/vulnerability/...

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026