CVE-2026-1273 | PostX Plugin up to 5.0.8 on WordPress REST API Endpoint starter_dummy_post server-side request forgery

Inserito da Angelo Barbosa | Mar 3, 2026 | CVE

A vulnerability described as critical has been identified in PostX Plugin up to 5.0.8 on WordPress. The impacted element is the function starter_dummy_post of the file /ultp/v3/starter_dummy_post/ of the component REST API Endpoint. Such manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2026-1273. The attack can be launched remotely. No exploit exists.

CVE-2026-1273 | PostX Plugin up to 5.0.8 on WordPress REST API Endpoint starter_dummy_post server-side request forgery

Post correlati

CVE-2023-49287 | cxong TinyDir up to 1.2.5 tinydir_file_open buffer overflow (GHSA-jf5r-wgf4-qhxf)

CVE-2024-31165 | Open Networking Foundation libfluid 0.1.0 unpack unchecked return value to null pointer dereference

CVE-2023-44853 | Cobham SAILOR VSAT Ku 164B019 sub_219C4 Privilege Escalation

CVE-2025-2905 | WSO2 API Manager up to 2.0.0 XML Parser xml external entity reference