CVE-2026-2893 Page and Post Clone <= 6.3 - Authenticated (Contributor+) SQL Injection via 'meta_key' Parameter

The Page and Post Clone plugin for WordPress is vulnerable to SQL Injection via the 'metakey' parameter in the contentclone function in all versions up to, and including, 6.3. This is due to insufficient escaping on the user-supplied metakey value and insufficient preparation on the existing SQL...

WordPress Page and Post Clone plugin <= 6.0 - Insecure Direct Object Reference to Authenticated (Author+) Sensitive Information Exposure vulnerability

Insecure Direct Object Reference to Authenticated Author+ Sensitive Information Exposure vulnerability discovered by Bassem Essam in WordPress Plugin Page and Post Clone versions = 6.0...

WordPress plugin Page and Post Clone security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

PT-2024-37257 · WordPress · Page/Post Clone

Name of the Vulnerable Software and Affected Versions: Page and Post Clone plugin for WordPress versions up to, and including, 6.0 Description: The issue allows authenticated attackers with Author-level access and above to clone and read private posts due to missing validation on a user-controlle...

CVE-2021-24733

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

CVE-2021-24733

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

Default credentials

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

CVE-2021-24733

CVE-2021-24733 pertains to the WordPress plugin WP Post Page Clone. Multiple sources confirm an access-control flaw in versions older than 1.2 that lets users with very low privileges (as low as Contributor) clone and view other users’ drafts and password‑protected posts that aren’t normally acce...

CVE-2021-24733 WP Post Page Clone < 1.2 - Unauthorised Post Access

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally...

WordPress plugin 访问控制错误漏洞

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. An access control error vulnerability exists in versions prior to Wordpress Plugin WP Post Page Clone...

Duplicate Page and Post < 2.5.7 & WP Post Page Clone < 1.1 - SQL Injections due to Duplicated Snippets

SQL Injections in the Duplicate Post, WP Post Page Clone, Duplicate Page and Post plugins, due to using the snippet piece of code. The issue in the duplicate-post was already added, at https://wpvulndb.com/vulnerabilities/9251...

WordPress WP Post Page Clone plugin <= 1.0 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability found by Antony Garand Sucuri in WordPress WP Post Page Clone plugin versions = 1.0. Solution Update the WordPress WP Post Page Clone plugin to the latest available version at least 1.1...