CVE-2026-4138 | nofearinc DX Unanswered Comments Plugin up to 1.7 on WordPress Setting dxuc-unanswered-comments-admin-page.php dxuc_authors_list cross-site request forgery

A vulnerability, which was classified as problematic, has been found in nofearinc DX Unanswered Comments Plugin up to 1.7 on WordPress. This impacts the function dxuc_authors_list of the file dxuc-unanswered-comments-admin-page.php of the component Setting Handler. This manipulation causes cross-site request forgery.

This vulnerability is tracked as CVE-2026-4138. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More