{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T16:07:17.082","vulnerabilities":[{"cve":{"id":"CVE-2026-1786","sourceIdentifier":"security@wordfence.com","published":"2026-02-11T09:15:51.690","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Twitter posts to Blog plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dg_tw_options' function in all versions up to, and including, 1.11.25. This makes it possible for unauthenticated attackers to update plugin settings including Twitter API credentials, post author, post status, and the capability required to access the plugin's admin menu."},{"lang":"es","value":"El plugin Twitter posts to Blog para WordPress es vulnerable a la modificación no autorizada de datos debido a una comprobación de capacidad faltante en la función dg_tw_options en todas las versiones hasta la 1.11.25, inclusive. Esto hace posible que atacantes no autenticados actualicen la configuración del plugin, incluyendo las credenciales de la API de Twitter, el autor de la publicación, el estado de la publicación y la capacidad requerida para acceder al menú de administración del plugin."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/twitter-posts-to-blog/trunk/functions.php#L426","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/abcbb84c-6c2d-40c1-8c64-7d4866fa9503?source=cve","source":"security@wordfence.com"}]}}]}