Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Duplicate Page Or Post Security Vulnerabilities

cve
cve

CVE-2023-4792

The Duplicate Post Page Menu & Custom Post Type plugin for WordPress is vulnerable to unauthorized page and post duplication due to a missing capability check on the duplicate_ppmc_post_as_draft function in versions up to, and including, 2.3.1. This makes it possible for authenticated attackers...

4.3CVSS

5.2AI Score

0.001EPSS

2023-09-07 02:15 AM
11
cve
cve

CVE-2021-25075

The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has a flawed CSRF check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing any authenticated users, such as subscriber to call it and change the plugin's settings, or perform such...

3.5CVSS

4AI Score

0.001EPSS

2022-02-21 11:15 AM
69
cve
cve

CVE-2021-24681

The Duplicate Page WordPress plugin through 4.4.2 does not sanitise or escape the Duplicate Post Suffix settings before outputting it, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is...

4.8CVSS

4.8AI Score

0.001EPSS

2021-10-11 11:15 AM
21