A vulnerability was found in SALESmanago & Leadoo Plugin up to 3.11.2 on WordPress and classified as critical . Impacted is an unknown function. Such manipulation leads to sql injection. This vulnerability is documented as CVE-2026-10835 . The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.