EUVD-2026-12812

Missing Authorization vulnerability in WebberZone Contextual Related Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a before 4.2.2...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to missing capability checks in the clonebulkactionhandler and republishrequest functions. An attacker can duplicate or overwrite posts, including those they should not have access to, by sending crafted reques...

GHSA-G9W4-M5FX-X3WV Yoast Duplicate Post has an Authenticated (Contributor+) Missing Authorization to Arbitrary Post Duplication and Overwrite

The Yoast Duplicate Post plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clonebulkactionhandler and republishrequest functions in all versions up to, and including, 4.5. This makes it possible for authenticated attackers, with...

CVE-2026-32565

Missing Authorization vulnerability in Ajay Contextual Related Posts contextual-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a through 4.2.2...

CVE-2026-32565

Missing Authorization vulnerability in Ajay Contextual Related Posts contextual-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a through 4.2.2...

CVE-2026-32565

CVE-2026-32565 concerns the WordPress plugin Contextual Related Posts (versions before 4.2.2). The issue is a Missing Authorization vulnerability arising from broken access control, allowing exploitation under unauthenticated conditions (per CVSS: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N; base score 5...

CVE-2026-32565 WordPress Contextual Related Posts plugin < 4.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ajay Contextual Related Posts contextual-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a through 4.2.2...

CVE-2026-32565 WordPress Contextual Related Posts plugin < 4.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ajay Contextual Related Posts contextual-related-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a through 4.2.2...

WordPress Contextual Related Posts plugin < 4.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Contextual Related Posts versions 4.2.2...

CVE-2026-1217

The Yoast Duplicate Post plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clonebulkactionhandler and republishrequest functions in all versions up to, and including, 4.5. This makes it possible for authenticated attackers, with...

CVE-2026-1217

The CVE-2026-1217 issue affects the WordPress plugin Yoast Duplicate Post, where a missing capability check in clone_bulk_action_handler() and republish_request() enables authenticated attackers (Contributor level and above) to duplicate any post, including private/draft/trashed posts. Additional...

PT-2026-26041

Name of the Vulnerable Software and Affected Versions WebberZone Contextual Related Posts versions prior to 4.2.2 Description An authorization issue exists in WebberZone Contextual Related Posts due to incorrectly configured access control security levels. This allows for unauthorized access...

WordPress Plugin Contextual Related Posts 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

CVE-2026-25770

creationtimestamp| type| source ---|---|--- 2026-03-17 21:02:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbunjfvy62k 2026-03-17 21:02:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbuocmang26 2026-03-19 18:20:09+00:00| seen|...

CVE-2026-33166

creationtimestamp| type| source ---|---|--- 2026-03-17 19:33:39+00:00| published-proof-of-concept| https://github.com/allure-framework/allure2/security/advisories/GHSA-64hm-gfwq-jppw 2026-03-20 22:17:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhjkayru3c2f 2026-03-20...

CVE-2026-3888

creationtimestamp| type| source ---|---|--- 2026-03-17 19:24:31+00:00| seen| https://t.me/ctinow/247297 2026-03-17 20:01:23+00:00| seen| https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mhbrae5mtr62 2026-03-17 20:33:25+00:00| seen|...

CVE-2026-32295

creationtimestamp| type| source ---|---|--- 2026-03-17 19:00:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbnsu3ucx2f 2026-03-17 19:01:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbnuzm64r2c 2026-03-18 17:04:14+00:00| seen|...

CVE-2026-32292

creationtimestamp| type| source ---|---|--- 2026-03-17 18:59:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbnqtshit2c 2026-03-17 18:59:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbnrugfpz2c 2026-03-18 07:30:29+00:00| seen|...

CVE-2026-32298

creationtimestamp| type| source ---|---|--- 2026-03-17 18:58:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbnqr745s2u 2026-03-17 18:59:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbnrnn7yv25 2026-03-17 19:00:01+00:00| seen|...

CVE-2026-32297

creationtimestamp| type| source ---|---|--- 2026-03-17 18:58:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbnqkje7s2k 2026-03-17 18:59:21+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbnrh2ehj2c 2026-03-17 18:59:54+00:00| seen|...