cleantalk
Vulnerabilities and Security Researches

Duplicate Page and Post, CVE-2026-49046

CVE, Research URL

CVE-2026-49046

Home page URL

Security reports for Duplicate Page and Post

Application

Duplicate Page and Post

Published on
May 27, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5.
Affected versions
max 2.9.5.
Status
vulnerable
Previous vulnerability researches
Content Slideshow (CVE-2026-8873) , May 29, 2026
New vulnerability
WCFM Membership – WooCommerce Memberships for Multivendor Marketplace (CVE-2026-42753) , May 29, 2026
Backup and Staging by WP Time Capsule (CVE-2026-42760) , May 29, 2026
Disable Comments for Any Post Types (Remove comments) (CVE-2026-42749) , May 29, 2026
Rank Math SEO with AI SEO Tools (CVE-2025-12714) , May 29, 2026
WP Contact Form 7 DB Handler (CVE-2026-6455) , May 29, 2026