CyberRota
← Ana sayfaya dön

CVE-2026-9676

MEDIUM · CVSS 4.3 EPSS %0.10

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-29T07:16:26.257 · Çekilme zamanı: 2026-06-30T18:36:58.821441+00:00

CyberRota Yorumu

Saldırganın giriş yapmış olması gerekebilir.

CVE
CVE-2026-9676
Severity
MEDIUM
CVSS
4.3
EPSS
%0.10
WordPress

Orijinal NVD Açıklaması

The F4 Post Tree WordPress plugin before 2.0.5 does not perform capability checks or CSRF/nonce verification on one of its AJAX actions, allowing authenticated users with Subscriber-level access and above to modify the parent and menu order of arbitrary posts.