A vulnerability has been found in smub ExactMetrics Plugin up to 9.1.2 on WordPress and classified as problematic . This vulnerability affects the function onboarding_key of the file /wp-json/exactmetrics/v1/onboarding/connect-url of the component Google Analytics Dashboard . This manipulation of the argument File causes missing authorization. This vulnerability is handled as CVE-2026-5464 . The attack can be initiated remotely. There is not any exploit available. The affected component should b