Lucene search
+L

434 matches found

nvd
nvd
added 2026/02/25 10:16 a.m.13 views

CVE-2026-2301

The Post Duplicator plugin for WordPress is vulnerable to unauthorized arbitrary protected post meta insertion in all versions up to, and including, 3.0.8. This is due to the duplicatepost function in includes/api.php using $wpdb-insert directly to the wppostmeta table instead of WordPress's...

4.3CVSS0.00211EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/02/25 9:26 a.m.4 views

CVE-2026-2301 Post Duplicator <= 3.0.8 - Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' Parameter

The Post Duplicator plugin for WordPress is vulnerable to unauthorized arbitrary protected post meta insertion in all versions up to, and including, 3.0.8. This is due to the duplicatepost function in includes/api.php using $wpdb-insert directly to the wppostmeta table instead of WordPress's...

4.3CVSS5.5AI score0.00211EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/02/25 9:26 a.m.5 views

CVE-2026-2301

The Post Duplicator plugin for WordPress is vulnerable to unauthorized arbitrary protected post meta insertion in all versions up to, and including, 3.0.8. This is due to the duplicatepost function in includes/api.php using $wpdb-insert directly to the wppostmeta table instead of WordPress's...

4.3CVSS5.5AI score0.00211EPSS
Exploits0References5
cvelist
cvelist
added 2026/02/25 9:26 a.m.33 views

CVE-2026-2301 Post Duplicator <= 3.0.8 - Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' Parameter

The Post Duplicator plugin for WordPress is vulnerable to unauthorized arbitrary protected post meta insertion in all versions up to, and including, 3.0.8. This is due to the duplicatepost function in includes/api.php using $wpdb-insert directly to the wppostmeta table instead of WordPress's...

4.3CVSS0.00211EPSS
Exploits0References4
cve
cve
added 2026/02/25 9:26 a.m.20 views

CVE-2026-2301

CVE-2026-2301 (Post Duplicator, WordPress): Wordfence and related sources confirm a protected post meta insertion vulnerability in Post Duplicator

4.3CVSS5.5AI score0.00211EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/02/25 12:0 a.m.11 views

PT-2026-21893

The Post Duplicator plugin for WordPress is vulnerable to unauthorized arbitrary protected post meta insertion in all versions up to, and including, 3.0.8. This is due to the duplicate post function in includes/api.php using $wpdb-insert directly to the wp postmeta table instead of WordPress's...

4.3CVSS5.5AI score0.00211EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/02/25 12:0 a.m.13 views

WordPress plugin Post Duplicator 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.9AI score0.00211EPSS
Exploits0References4
patchstack
patchstack
added 2026/02/24 11:37 p.m.8 views

WordPress Post Duplicator plugin <= 3.0.8 - Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' Parameter vulnerability

Missing Authorization to Authenticated Contributor+ Protected Post Meta Insertion via 'customMetaData' Parameter vulnerability discovered by Nguyen Ba Hung bashu - KCSC in WordPress Plugin Post Duplicator versions = 3.0.8...

4.3CVSS5.4AI score0.00211EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2026/01/23 9:15 p.m.6 views

CVE-2026-24387

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through = 2.1...

4.3CVSS5.4AI score0.00218EPSS
Exploits0References1
nvd
nvd
added 2026/01/22 5:16 p.m.11 views

CVE-2026-24387

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through = 2.1...

4.3CVSS0.00218EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/01/22 4:52 p.m.3 views

CVE-2026-24387

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through = 2.1...

4.3CVSS5.3AI score0.00218EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/01/22 4:52 p.m.4 views

CVE-2026-24387 WordPress WP Quick Post Duplicator plugin <= 2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through = 2.1...

4.3CVSS5.4AI score0.00218EPSS
Exploits0References1
cvelist
cvelist
added 2026/01/22 4:52 p.m.28 views

CVE-2026-24387 WordPress WP Quick Post Duplicator plugin <= 2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through = 2.1...

4.3CVSS0.00218EPSS
Exploits0References1
cve
cve
added 2026/01/22 4:52 p.m.24 views

CVE-2026-24387

CVE-2026-24387 is a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin WP Quick Post Duplicator. The issue arises from incorrectly configured access control security levels, potentially allowing unauthorized actions on WP Quick Post Duplicator versions up to and i...

4.3CVSS5.4AI score0.00218EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/01/22 12:0 a.m.14 views

PT-2026-4270

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator wp-quick-post-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through = 2.1...

5.4AI score0.00218EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/01/22 12:0 a.m.9 views

WordPress plugin WP Quick Post Duplicator has security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:26 a.m.10 views

CVE-2021-33852

A cross-site scripting XSS attack can cause arbitrary code JavaScript to run in a user's browser and can use an application as the vehicle for the attack. The XSS payload given in the "Duplicate Title" text box executes whenever the user opens the Settings Page of the Post Duplicator Plugin or th...

5.4CVSS5.6AI score0.00627EPSS
Exploits2References1
redhatcve
redhatcve
added 2026/01/09 9:26 a.m.4 views

CVE-2023-31214

Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through 2.0...

5.4CVSS8.5AI score0.00282EPSS
Exploits0References1
patchstack
patchstack
added 2026/01/08 2:6 p.m.6 views

WordPress WP Quick Post Duplicator plugin <= 2.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WP Quick Post Duplicator versions = 2.1...

4.3CVSS5.4AI score0.00218EPSS
Exploits0Affected Software1
euvd
euvd
added 2025/10/22 3:31 p.m.5 views

EUVD-2025-35476

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Globalis MultiSite Clone Duplicator multisite-clone-duplicator allows Reflected XSS.This issue affects MultiSite Clone Duplicator: from n/a through = 1.5.3...

5.9AI score0.0023EPSS
Exploits0References2
Rows per page
Query Builder