CVE-2026-2301 | Post Duplicator Plugin up to 3.0.8 on WordPress REST API Endpoint includes/api.php duplicate_post authorization

Inserito da Angelo Barbosa | Feb 24, 2026 | CVE

A vulnerability was found in Post Duplicator Plugin up to 3.0.8 on WordPress. It has been declared as critical. Impacted is the function duplicate_post of the file includes/api.php of the component REST API Endpoint. The manipulation results in missing authorization.

This vulnerability is reported as CVE-2026-2301. The attack can be launched remotely. No exploit exists.

CVE-2026-2301 | Post Duplicator Plugin up to 3.0.8 on WordPress REST API Endpoint includes/api.php duplicate_post authorization

Post correlati

CVE-2023-38380 | Siemens SIPLUS NET CP 1543-1 memory leak (ssa-693975)

CVE-2024-50341 | Symfony Security::login improper authentication

CVE-2024-51719 | Kevin Walker & Roman Peterhans Simplistic SEO Plugin up to 2.3.0 on WordPress cross site scripting

CVE-2024-6811 | IrfanView WSQ File Parser out-of-bounds write