Description
The Context Blog theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.5 via the context_blog_modal_popup. This makes it possible for unauthenticated attackers to extract the content of password-protected posts.
Published: 2026-07-11
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 11 Jul 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Postmagthemes
Postmagthemes context Blog
Wordpress
Wordpress wordpress
Vendors & Products Postmagthemes
Postmagthemes context Blog
Wordpress
Wordpress wordpress

Sat, 11 Jul 2026 06:30:00 +0000

Type Values Removed Values Added
Description The Context Blog theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.5 via the context_blog_modal_popup. This makes it possible for unauthenticated attackers to extract the content of password-protected posts.
Title Context Blog <= 1.3.5 - Unauthenticated Sensitive Information Exposure via 'postID' Parameter
Weaknesses CWE-200
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}


Subscriptions

Postmagthemes Context Blog
Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-07-11T05:35:46.896Z

Reserved: 2026-04-21T14:48:11.329Z

Link: CVE-2026-6801

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-11T08:45:03Z

Weaknesses
  • CWE-200

    Exposure of Sensitive Information to an Unauthorized Actor