6 matches found
CVE-2026-14503
The pCloud WP Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.3 via the wp2pclajaxprocessrequestinner. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract force generation of a...
EUVD-2026-45132
The pCloud WP Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.3 via the wp2pclajaxprocessrequestinner. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract force generation of a...
CVE-2026-1104 FastDup – Fastest WordPress Migration & Duplicator <= 2.7.1 - Missing Authorization to Authenticated (Contributor+) Backup Creation and Download
The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to unauthorized backup creation and download due to a missing capability check on REST API endpoints in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with...
CVE-2026-1104
CVE-2026-1104 affects the FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress. The vulnerability is due to a missing capability check on REST API endpoints across all versions up to and including 2.7.1, enabling authenticated attackers with Contributor-level access and above t...
CVE-2022-2551
The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating...
CVE-2022-2551
The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating...