VYPR

Remove Post Type Slug

by WordPress

Source repositories

CVEs (1)

  • CVE-2025-14167MedFeb 19, 2026
    risk 0.28cvss 4.3epss 0.00

    The Remove Post Type Slug plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to incorrect nonce validation logic that uses OR (||) instead of AND (&&), causing the validation to fail when the nonce field is…