CVE-2026-39474

Published: Giu 15, 2026 Last Modified: Giu 15, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,8

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

AI Translation Available

Contributor PHP Object Injection in Post Duplicator <= 3.0.10 versions.

502

Draft

Abstraction: Base Structure: Simple

Security Scopes Affected:

Integrity Availability Other

Potential Impacts:

Modify Application Data Unexpected State Dos: Resource Consumption (Cpu) Varies By Context

Languages: Java, Ruby, PHP, Python, JavaScript

Technologies: Not Technology-Specific, ICS/OT, AI/ML

Likelihood of Exploit: Medium

https://patchstack.com/database/wordpress/plugin/post-duplicator/vulnerability/…