ByteOS Network

CVE Vulnerability Details :

CVE-2026-53736

PUBLISHED

More Info Official Page

Assigner-VulnCheck

Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10

Published At-10 Jun, 2026 | 20:39

Updated At-10 Jun, 2026 | 20:39

▼CVE Numbering Authority (CNA)

Easy Twitter Feeds before 1.2.13 Cross-Site Request Forgery via duplicate_post Action

Easy Twitter Feeds before 1.2.13 contains a cross-site request forgery vulnerability in the duplicate_post action handler that lacks nonce verification. Attackers can trick an authenticated user into visiting a crafted link that duplicates any post regardless of post type.

Affected Products

Vendor

bplugins

Product

Easy Twitter Feeds

Versions

Affected

From 0 before 1.2.13 (semver)

Problem Types

Type	CWE ID	Description
CWE	CWE-352	Cross-Site Request Forgery (CSRF)

Type: CWE

CWE ID: CWE-352

Description: Cross-Site Request Forgery (CSRF)

Metrics

Version	Base score	Base severity	Vector
4.0	5.1	MEDIUM	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
3.1	4.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Version: 4.0

Base score: 5.1

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Version: 3.1

Base score: 4.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Credits

finder

Scott Moore - VulnCheck

References

Hyperlink	Resource
https://wordpress.org/plugins/easy-twitter-feeds/	product
https://www.vulncheck.com/advisories/easy-twitter-feeds-before-cross-site-request-forgery-via-duplicate-post-action	third-party-advisory

Hyperlink: https://wordpress.org/plugins/easy-twitter-feeds/

Resource:

product

Hyperlink: https://www.vulncheck.com/advisories/easy-twitter-feeds-before-cross-site-request-forgery-via-duplicate-post-action

Resource:

third-party-advisory

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References