85 matches found
Duplicate Page WordPress - Stored Cross-Site Scripting
Duplicate Page WordPress plugin = 4.4.2 contains a stored cross-site scripting caused by unsanitized Duplicate Post Suffix settings in output, letting high privilege users execute malicious scripts, exploit requires high privilege user role. id: CVE-2021-24681 info: name: Duplicate Page WordPress...
CVE-2026-49046
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5...
CVE-2026-49046
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5...
EUVD-2026-32539
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5...
CVE-2026-49046 WordPress Duplicate Page and Post plugin <= 2.9.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5...
CVE-2026-49046 WordPress Duplicate Page and Post plugin <= 2.9.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5...
CVE-2026-49046
The CVE-2026-49046 entry concerns the WordPress plugin Duplicate Page and Post by Arjun Thakur, with an SQL Injection vulnerability caused by improper neutralization of special elements in SQL commands . Affected are plugin versions from unspecified earliest up to 2.9.5 . The CVSS 3.1 baseline sc...
WordPress Duplicate Page and Post plugin <= 2.9.5 - SQL Injection vulnerability
SQL Injection vulnerability discovered by timomangcut in WordPress Plugin Duplicate Page and Post versions = 2.9.5...
PT-2026-44024
Name of the Vulnerable Software and Affected Versions Duplicate Page and Post versions prior to 2.9.6 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return the...
WordPress plugin Duplicate Page and Post SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2025-14001
The WP Duplicate Page plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'duplicateBulkHandle' and 'duplicateBulkHandleHPOS' functions in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...
WordPress WP Duplicate Page plugin <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication vulnerability
Missing Authorization to Authenticated Contributor+ Arbitrary Post Duplication vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin WP Duplicate Page versions = 1.8...
CVE-2025-14001
CVE-2025-14001 relates to the WordPress plugin WP Duplicate Page (versions
CVE-2025-14001 WP Duplicate Page <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication
The WP Duplicate Page plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'duplicateBulkHandle' and 'duplicateBulkHandleHPOS' functions in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with...
WordPress plugin WP Duplicate Page 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress plugin atec Duplicate Page & Post has an unspecified vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin atec Duplicate Page & Post 1.2.20 and earli...
CVE-2025-13404
The atec Duplicate Page & Post plugin for WordPress is vulnerable to unauthorized post duplication due to missing authorization validation on the duplicatepost function in all versions up to, and including, 1.2.20. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-13404
CVE-2025-13404 concerns the WordPress plugin “atec Duplicate Page & Post” (versions up to and including 1.2.20). The root cause is missing authorization validation in the duplicate_post() function, allowing authenticated users with Contributor-level access or higher to duplicate arbitrary posts, ...
WordPress plugin atec Duplicate Page & Post 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin atec Duplicate Page & Post 1.2.20 and earli...
WordPress atec Duplicate Page & Post plugin <= 1.2.20 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication and Data Exposure vulnerability
Missing Authorization to Authenticated Contributor+ Arbitrary Post Duplication and Data Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin atec Duplicate Page & Post versions = 1.2.20...