CVE-2016-10938

The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location.
Source: NIST
CVE-2016-10938