CVE-2026-1786 in Twitter Posts to Blog Plugininformación

Resumen

por MITRE • 2026-02-11

The Twitter posts to Blog plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dg_tw_options' function in all versions up to, and including, 1.11.25. This makes it possible for unauthenticated attackers to update plugin settings including Twitter API credentials, post author, post status, and the capability required to access the plugin's admin menu.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgación

2026-02-11

Moderación

aceptado

Artículo

VDB-345414

CPE

listo

CWE

CWE-862 (confirmado)

CVSS

6.5 (CNA)

EPSS

0.00042

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-1786
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-1786
CVE Details	https://www.cvedetails.com/cve/CVE-2026-1786/

◂ Anterior Visión De Conjunto Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!