cleantalk
Vulnerabilities and Security Researches

Link Whisper Free, CVE-2026-1900

CVE, Research URL

CVE-2026-1900

Home page URL

Security reports for Link Whisper Free

Application

Link Whisper Free

Published on
Apr 07, 2026
Research Description
The Link Whisper Free WordPress plugin before 0.9.1 has a publicly accessible REST endpoint that allows unauthenticated settings updates.
Affected versions
max 0.9.1.
Status
vulnerable
Previous vulnerability researches
Easy FancyBox – WordPress Lightbox Plugin (CVE-2024-5020) , Dec 06, 2024
Easy FancyBox – WordPress Lightbox Plugin (CVE-2025-5035) , Apr 26, 2026
Easy FancyBox – WordPress Lightbox Plugin (CVE-2025-52707) , Jun 30, 2025
Easy FancyBox – WordPress Lightbox Plugin , Jul 24, 2024
Easy FancyBox – WordPress Lightbox Plugin (CVE-2024-50460) , Oct 27, 2024
New vulnerability
WordPress Classifieds Plugin – Ad Directory & Listings by AWP Classifieds (CVE-2026-39533) , Apr 27, 2026
Projectopia – WordPress Project Management Plugin (CVE-2025-59133) , Apr 27, 2026
Link Whisper Free (CVE-2026-1900) , Apr 27, 2026
Easy FancyBox – WordPress Lightbox Plugin (CVE-2025-5035) , Apr 26, 2026
Elementor Header & Footer Builder (CVE-2025-9703) , Apr 26, 2026