Lucene search
K

123 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:30 a.m.5 views

CVE-2023-36526

Missing Authorization vulnerability in Inqsys Technology Duplicate Post Page Menu & Custom Post Type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Duplicate Post Page Menu & Custom Post Type: from n/a through 2.4.1...

5.4CVSS8.5AI score0.00452EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:5 a.m.8 views

CVE-2014-10379

The duplicate-post plugin before 2.6 for WordPress has SQL injection...

9.8CVSS7.8AI score0.01795EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:4 a.m.10 views

CVE-2014-10378

The duplicate-post plugin before 2.6 for WordPress has XSS...

6.1CVSS7.1AI score0.00913EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/28 12:50 p.m.3 views

WordPress Duplicate Page and Post plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Duplicate Page and Post versions = 1.0...

5.9CVSS6AI score0.00214EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/02/13 7:15 a.m.10 views

CVE-2025-0661

The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicatepost function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with...

4.3CVSS5.8AI score0.00263EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/11 12:0 a.m.10 views

PT-2025-1861 · WordPress · Post Duplicator

Name of the Vulnerable Software and Affected Versions: Post Duplicator plugin for WordPress version 2.36 and earlier Description: The issue is related to Information Exposure due to insufficient restrictions on which posts can be duplicated, making it possible for authenticated attackers with...

5.3CVSS7.1AI score0.00298EPSS
Exploits0References8
CVE
CVE
added 2025/01/07 3:21 a.m.44 views

CVE-2024-12538

CVE-2024-12538 (WordPress) affects the Duplicate Post, Page and Any Custom Post plugin. According to the provided sources, it exposes sensitive information from draft, scheduled (future), private, and password-protected posts via the dpp_duplicate_as_draft function. The issue requires authenticat...

4.3CVSS7.2AI score0.00316EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.5 views

WordPress plugin Duplicate Post, Page and Any Custom Post 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...

4.3CVSS7.6AI score0.00316EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/06 5:7 p.m.6 views

WordPress Duplicate Post, Page and Any Custom Post plugin <= 3.5.5 - Authenticated (Contributor+) Post Disclosure via Post Duplication vulnerability

Authenticated Contributor+ Post Disclosure via Post Duplication vulnerability discovered by Webbernaut in WordPress Plugin Duplicate Post, Page and Any Custom Post versions = 3.5.5...

4.3CVSS6.8AI score0.00316EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/24 12:0 a.m.4 views

PT-2024-17411 · WordPress · Advanced Floating Content

Name of the Vulnerable Software and Affected Versions: Advanced Floating Content plugin for WordPress versions up to, and including, 3.8.2 Description: The issue arises from insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query in the...

6.5CVSS9.5AI score0.00425EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/12/19 12:0 a.m.16 views

PT-2024-17655 · WordPress · Button Block

Name of the Vulnerable Software and Affected Versions: Button Block plugin for WordPress versions up to, and including, 1.1.5 Description: The issue allows authenticated attackers with Contributor-level access and above to extract potentially sensitive data from draft, scheduled, private, and...

6.5CVSS9.4AI score0.00355EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2024/12/13 3:15 p.m.6 views

CVE-2023-36526

Missing Authorization vulnerability in Attinder Singh Duplicate Post Page Menu & Custom Post Type duplicate-post-page-menu-custom-post-type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Duplicate Post Page Menu & Custom Post Type: from n/a through =...

5.4CVSS5.8AI score0.00452EPSS
Exploits0References3
NVD
NVD
added 2024/12/13 3:15 p.m.9 views

CVE-2023-36526

Missing Authorization vulnerability in Inqsys Technology Duplicate Post Page Menu & Custom Post Type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Duplicate Post Page Menu & Custom Post Type: from n/a through 2.4.1...

5.4CVSS0.00452EPSS
Exploits0References1
CVE
CVE
added 2024/12/13 2:23 p.m.43 views

CVE-2023-36526

CVE-2023-36526 affects the WordPress plugin Duplicate Post Page Menu & Custom Post Type (versions

5.4CVSS8.5AI score0.00452EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.4 views

PT-2024-12569 · WordPress · Duplicate Post Page Menu & Custom Post Type

Name of the Vulnerable Software and Affected Versions: Duplicate Post Page Menu & Custom Post Type versions 2.3.1 through 2.4.1 Description: The issue affects the Duplicate Post Page Menu & Custom Post Type plugin, allowing for broken access control due to missing authorization. This enables...

5.4CVSS9.7AI score0.00452EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.3 views

WordPress plugin Duplicate Post Page Menu & Custom Post Type 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Duplica...

5.4CVSS8.1AI score0.00452EPSS
Exploits0References1
OSV
OSV
added 2024/09/04 7:15 a.m.3 views

CVE-2024-8123

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.0.8 via the duplicatepost function due to missing validation on a user controlled key. This makes it possible for authenticated attackers...

5.4CVSS5.8AI score0.00309EPSS
Exploits0References3
CVE
CVE
added 2024/09/04 6:49 a.m.53 views

CVE-2024-8123

CVE-2024-8123 affects the WordPress plugin “The Ultimate WordPress Toolkit – WP Extended” (

5.4CVSS5.6AI score0.00309EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/04 12:0 a.m.10 views

PT-2024-38814 · WordPress · Wp Extended

Name of the Vulnerable Software and Affected Versions: The Ultimate WordPress Toolkit – WP Extended plugin for WordPress versions up to, and including, 3.0.8 Description: The issue allows authenticated attackers with Contributor-level access and above to duplicate posts written by other authors,...

5.4CVSS7.1AI score0.00309EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/04/29 9:16 a.m.19 views

CVE-2024-33595 WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on Duplicate Post vulnerability

Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1...

4.3CVSS5AI score0.00452EPSS
Exploits0References1
Rows per page
Query Builder