434 matches found
CVE-2018-17207
An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files installer.php and installer-backup.php, an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution...
CVE-2016-10944
The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF...
CVE-2017-16815
installer.php in the Snap Creek Duplicator WordPress Site Migration & Backup plugin before 1.2.30 for WordPress has XSS because the values "urlnew" /wp-content/plugins/duplicator/installer/build/view.step4.php and "logging" wp-content/plugins/duplicator/installer/build/view.step2.php are not...
CVE-2018-25095
The Duplicator WordPress plugin before 1.3.0 does not properly escape values when its installer script replaces values in WordPress configuration files. If this installer script is left on the site after use, it could be use to run arbitrary code on the server...
CVE-2025-27283
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Path Traversal.This issue affects Theme File Duplicator: from n/a through = 1.3...
CVE-2025-27282
Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Using Malicious Files.This issue affects Theme File Duplicator: from n/a through = 1.3...
CVE-2025-27282
Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Using Malicious Files.This issue affects Theme File Duplicator: from n/a through = 1.3...
CVE-2025-27283
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Path Traversal.This issue affects Theme File Duplicator: from n/a through = 1.3...
CVE-2025-27282 WordPress Theme File Duplicator Plugin <= 1.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Using Malicious Files.This issue affects Theme File Duplicator: from n/a through = 1.3...
CVE-2025-27282 WordPress Theme File Duplicator Plugin <= 1.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Using Malicious Files.This issue affects Theme File Duplicator: from n/a through = 1.3...
CVE-2025-27282
CVE-2025-27282 : WordPress plugin Theme File Duplicator (rockgod100)
CVE-2025-27283 WordPress Theme File Duplicator Plugin <= 1.3 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Path Traversal.This issue affects Theme File Duplicator: from n/a through = 1.3...
CVE-2025-27283
CVE-2025-27283 affects the WordPress plugin Theme File Duplicator (rockgod100 Theme File Duplicator). The issue is due to an improper limitation of a pathname to a restricted directory, enabling path traversal and an Arbitrary File Download vulnerability in Theme File Duplicator versions 1.3 and ...
CVE-2025-27283 WordPress Theme File Duplicator Plugin <= 1.3 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Path Traversal.This issue affects Theme File Duplicator: from n/a through = 1.3...
WordPress plugin Theme File Duplicator 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...
PT-2025-17050 · Unknown · Theme File Duplicator
Name of the Vulnerable Software and Affected Versions: Theme File Duplicator versions 1.3 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal'. This allows an attacker to traverse the file system and access...
WordPress plugin Theme File Duplicator 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...
PT-2025-17049 · Unknown · Theme File Duplicator
Name of the Vulnerable Software and Affected Versions: Theme File Duplicator versions 1.3 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the use of malicious files. Recommendations: For Theme File Duplicator versions 1.3 and earlier,...
CVE-2025-32538
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dev02ali Easy Post Duplicator easy-post-duplicator allows Reflected XSS.This issue affects Easy Post Duplicator: from n/a through = 1.0.1...
CVE-2025-32567
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in dev02ali Easy Post Duplicator easy-post-duplicator allows SQL Injection.This issue affects Easy Post Duplicator: from n/a through = 1.0.1...