CVE-2026-5464 | smub ExactMetrics Plugin up to 9.1.2 on WordPress Google Analytics Dashboard connect-url onboarding_key File authorization

A vulnerability has been found in smub ExactMetrics Plugin up to 9.1.2 on WordPress and classified as problematic. This vulnerability affects the function onboarding_key of the file /wp-json/exactmetrics/v1/onboarding/connect-url of the component Google Analytics Dashboard. This manipulation of the argument File causes missing authorization.

This vulnerability is handled as CVE-2026-5464. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More