cleantalk
Vulnerabilities and Security Researches

Remove Duplicate Posts, CVE-2023-29237

CVE, Research URL

CVE-2023-29237

Home page URL

Security reports for Remove Duplicate Posts

Application

Remove Duplicate Posts

Published on
-
Research Description
The Remove Duplicate Posts plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rdp_ajax_process() and rdp_get_result() functions in versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete posts and retrieve duplicate post ids.
Affected versions
max 1.3.5.
Status
vulnerable
Previous vulnerability researches
Remove Duplicate Posts (1f5faa66dc6d492718ce5db9c3895b5840416340) , Jun 07, 2024
Remove Duplicate Posts (CVE-2023-29237) , Jun 10, 2024
New vulnerability
Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! (CVE-2026-22422) , Feb 27, 2026
WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce (CVE-2026-25316) , Feb 27, 2026
Autopost for X (formerly Autoshare for Twitter) (CVE-2026-25311) , Feb 27, 2026
Mopinion Feedback Form (CVE-2025-68856) , Feb 27, 2026
Country Blocker for AdSense (CVE-2025-13413) , Feb 27, 2026