WordPress WP Clone <= 2.4.2 - Database Backup Exposure

Clone WordPress plugin 2.4.3 contains a buffer overflow caused by storing in-progress backup information in publicly accessible buffer files at a static file path, letting attackers access sensitive backup data, exploit requires no special privileges id: CVE-2023-6750 info: name: WordPress WP Clo...

EUVD-2008-6711

Malware in sbrugna...

WordPress plugin WP Clone any post type 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-2478

The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

CVE-2025-2478

CVE-2025-2478 (Code Clone WordPress plugin) describes a time-based SQL Injection via the snippetId parameter in versions

CVE-2025-2478 Code Clone <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter

The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

WordPress Code Clone plugin <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter vulnerability

Authenticated Administrator+ SQL Injection via snippetId Parameter vulnerability discovered by Hoang Phuc Vo HrxKnight in WordPress Plugin Code Clone versions = 0.9...

CVE-2024-10913

The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.6 via deserialization of untrusted input in the 'recursiveunserializedreplace' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain i...

CVE-2023-25486

CVE-2023-25486 affects WordPress Clone Plugin

CVE-2023-25486 WordPress Clone plugin <= 2.3.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.3.7...

WordPress plugin Clone 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-10913

The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.6 via deserialization of untrusted input in the 'recursiveunserializedreplace' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain i...

CVE-2024-10913 Clone <= 2.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialized_replace'

The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.6 via deserialization of untrusted input in the 'recursiveunserializedreplace' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain i...

WordPress Clone plugin <= 2.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialized_replace' vulnerability

Unauthenticated PHP Object Injection via 'recursiveunserializedreplace' vulnerability discovered by Webbernaut in WordPress Plugin Clone versions = 2.4.6...

WordPress plugin Clone 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

WordPress Clone Plugin <= 2.4.6 is vulnerable to PHP Object Injection

Software Clone Type Plugin Vulnerable versions = 2.4.6 Fixed in 2.4.7 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-10913 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3676e7fb18ec Credits Webbernaut Required privilege Unauthenticated...

PT-2024-16638 · WordPress · Clone

Name of the Vulnerable Software and Affected Versions: The Clone plugin for WordPress versions up to, and including, 2.4.6 Description: The issue allows unauthenticated attackers to inject a PHP Object via deserialization of untrusted input in the recursive unserialized replace function. If a POP...

CVE-2024-43297 WordPress Clone plugin <= 2.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5...

CVE-2024-43298 WordPress Clone plugin <= 2.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5...

CVE-2024-43298 WordPress Clone plugin <= 2.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Migrate Clone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clone: from n/a through 2.4.5...