4 matches found
CVE-2024-12472
The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the mtphrduplicatepost function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2024-12472
creationtimestamp| type| source ---|---|--- 2025-01-11 02:43:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113807419180725614 2025-01-11 03:04:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1263 2025-01-11 03:15:57+00:00| seen|...
CVE-2024-12472 Post Duplicator <= 2.36 - Authenticated (Contributor+) Protected Post Disclosure
The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the mtphrduplicatepost function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2024-12472
CVE-2024-12472 affects the WordPress Post Duplicator plugin. Reports indicate information exposure via mtphr_duplicate_post() in all versions up to 2.36, enabling authenticated attackers with Contributor+ rights to duplicate posts and access data from password‑protected, private, or draft posts. ...