CVE Catalog

CVE-2026-39474

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.43%

34th percentile - higher than 34% of all known CVEs

Summary

Post Duplicator versions up to 3.0.10 are vulnerable to PHP Object Injection, which may lead to unauthorized access or data manipulation.

Risk Assessment

Organizations using these versions may be exposed to attacks that could result in serious security breaches.

Recommendation

It is recommended to upgrade to the latest version of Post Duplicator to mitigate this vulnerability.

Original NVD description (English source)

Contributor PHP Object Injection in Post Duplicator <= 3.0.10 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS