Leadpages: Unauthorized Access to Accounts with Incorrect Security Settings

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

Leadpages: Unauthorized Access to Accounts with Incorrect Security Settings

CVE-2025-68050

Summary

A mistake in Leadpages allows attackers to access accounts with security levels set incorrectly. This issue affects all Leadpages versions from n/a through 1.1.3. To fix this, update to a newer version of Leadpages or adjust your security settings to prevent unauthorized access.

Original title

Missing Authorization vulnerability in Leadpages Leadpages leadpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadpages: from n/a through <= 1.1.3.

Original description

Missing Authorization vulnerability in Leadpages Leadpages leadpages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leadpages: from n/a through <= 1.1.3.

nvd CVSS3.1 6.5

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/leadpages/vulnerability/wordpre...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026