CVE-2026-9676 | F4 Post Tree Plugin up to 2.0.4 on WordPress AJAX Action authorization

Inserito da Angelo Barbosa | Giu 29, 2026 | CVE

A vulnerability has been found in F4 Post Tree Plugin up to 2.0.4 on WordPress and classified as critical. The impacted element is an unknown function of the component AJAX Action Handler. Performing a manipulation results in missing authorization.

This vulnerability is identified as CVE-2026-9676. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-9676 | F4 Post Tree Plugin up to 2.0.4 on WordPress AJAX Action authorization

Post correlati

CVE-2025-14695 | SamuNatsu HaloBot up to 026b01d4a896d93eaaf9d5163a287dc9f267515b Inter-plugin API index.js html_renderer action dynamically-managed code resources

CVE-2025-8835 | JasPer up to 4.2.5 Image Color Space Conversion jas_image.c jas_image_chclrspc null pointer dereference (Issue 400)

CVE-2024-51428 | Espressif ESP-IDF 5.3.0 Channel Packet denial of service

CVE-2024-6348 | Nissan Altima 2022 Blind Spot Protection Sensor ECU random values