This issue affects Duplicate Page and Post: from n/a through 2.9.5.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Fri, 29 May 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Arjun Thakur
Arjun Thakur duplicate Page And Post Wordpress Wordpress wordpress |
|
| Vendors & Products |
Arjun Thakur
Arjun Thakur duplicate Page And Post Wordpress Wordpress wordpress |
Thu, 28 May 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 27 May 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5. | |
| Title | WordPress Duplicate Page and Post plugin <= 2.9.5 - SQL Injection vulnerability | |
| Weaknesses | CWE-89 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-05-28T15:25:29.625Z
Reserved: 2026-05-27T08:41:55.487Z
Link: CVE-2026-49046
Updated: 2026-05-28T15:25:14.955Z
Status : Deferred
Published: 2026-05-27T15:16:33.087
Modified: 2026-06-17T10:55:27.660
Link: CVE-2026-49046
No data.
OpenCVE Enrichment
Updated: 2026-05-29T15:50:38Z