Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories, with AI-generated Chinese analysis, references, and POCs.

Vendor: publishpress

CVE IDTitleCVSSSeverityPublished
CVE-2025-14718 Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories <= 4.9.3 - Missing Authorization to Authenticated (Contributor+) Workflow Manipulation CWE-862 5.4 Medium2026-01-09
CVE-2025-13741 Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories <= 4.9.2 - Missing Authorization to Authenticated (Contributor+) Authors' Emails Exposure CWE-862 4.3 Medium2025-12-16
CVE-2025-13149 Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories <= 4.9.1 - Authenticated (Author+) Missing Authorization to Post/Page Status Modification CWE-862 4.3 Medium2025-11-21

All 3 known CVE vulnerabilities affecting Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories with full Chinese analysis, references, and POCs where available.