cleantalk
Vulnerabilities and Security Researches

Remove Duplicate Posts, CVE-2023-29237

CVE, Research URL

CVE-2023-29237

Home page URL

Security reports for Remove Duplicate Posts

Application

Remove Duplicate Posts

Published on
-
Research Description
The Remove Duplicate Posts plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rdp_ajax_process() and rdp_get_result() functions in versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete posts and retrieve duplicate post ids.
Affected versions
max 1.3.5.
Status
vulnerable
Previous vulnerability researches
Duplicate Page and Post (CVE-2025-31466) , Apr 02, 2025
Duplicate Page and Post (CVE-2025-31471) , Apr 02, 2025
Remove Duplicate Posts (1f5faa66dc6d492718ce5db9c3895b5840416340) , Jun 07, 2024
Remove Duplicate Posts (CVE-2023-29237) , Jun 10, 2024
Delete Duplicate Posts (CVE-2023-47754) , Jun 07, 2024
New vulnerability
WDV One Page Docs – Documentation Plugin for WordPress (CVE-2025-68896) , Feb 27, 2026
Recooty – Modern Applicant Tracking System for Growing Companies (CVE-2025-14616) , Feb 27, 2026
Timeline Event History (CVE-2025-69384) , Feb 27, 2026
SEO Plugin by Squirrly SEO (CVE-2025-14342) , Feb 27, 2026
SupportCandy – Helpdesk & Customer Support Ticket System (CVE-2026-25321) , Feb 27, 2026