CVE Catalog
CVE-2026-39474
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk0.43%
34th percentile - higher than 34% of all known CVEs
Summary
Post Duplicator versions up to 3.0.10 are vulnerable to PHP Object Injection, which may lead to unauthorized access or data manipulation.
Risk Assessment
Organizations using these versions may be exposed to attacks that could result in serious security breaches.
Recommendation
It is recommended to upgrade to the latest version of Post Duplicator to mitigate this vulnerability.
Original NVD description (English source)
Contributor PHP Object Injection in Post Duplicator <= 3.0.10 versions.

