Approved changes feed: RSS · Atom

cpe:2.3:a:alexkar:ark_related_posts:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAlexkar (e9cf77be-6b39-59a5-a0e0-a55c5715848e)
ProductArk Related Posts (3b6c9dca-7ec8-5b27-a069-1de827762251)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-13684 vulnerable 2026-06-08 07:06:32.489124 ARK Related Posts <= 2.19 - Cross-Site Request Forgery to Settings Update
MEDIUM (4.3)
The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2.19. This is due to missing or incorrect nonce validation on the ark_rp_options_page function. This makes it possible for unauthenticated attackers to modify the plugin's configuration settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Published: 2025-12-05T07:26:17.419Z
Updated: 2026-04-08T17:03:13.105Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.