Lucene search
K

93 matches found

NVD
NVD
added 2017/08/07 5:29 p.m.20 views

CVE-2014-9262

The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files...

8.2CVSS7.9AI score0.07486EPSS
Exploits2References1
Prion
Prion
added 2017/08/07 5:29 p.m.16 views

Design/Logic Flaw

The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files...

5.5CVSS6.8AI score0.07486EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2017/08/07 5:0 p.m.21 views

CVE-2014-9262

The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files...

7.9AI score0.07486EPSS
Exploits2References1
CVE
CVE
added 2017/08/07 5:0 p.m.48 views

CVE-2014-9262

The WordPress Duplicator plugin is affected: versions before 0.5.10 allow remote authenticated users to create and download backup files. This represents a privilege/permission issue that can expose site data. Impact is limited to authenticated users and backups; no mention of remote unauthentica...

8.2CVSS7.7AI score0.07486EPSS
Exploits2References1Affected Software1
CNVD
CNVD
added 2016/02/27 12:0 a.m.3 views

WordPress Duplicator plugin cross-site request forgery vulnerability

WordPress is the WordPress Software Foundation's suite of blogging platforms developed using the PHP language, which supports the hosting of personal blog sites on servers running PHP and MySQL.Duplicator is one of the extension plugins used to migrate/clone a site to another location. A cross-si...

6.8AI score
Exploits0References1
Patchstack
Patchstack
added 2016/02/11 12:0 a.m.9 views

WordPress Duplicator Plugin <= 1.1.3 - Cross Site Request Forgery

This plugin is prone to a cross site request forgery vulnerability. Solution Update the plugin...

2.8AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/04/14 12:0 a.m.1 views

WordPress plugin Duplicator views/actions.php duplicator_delid parameter SQL injection vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Duplicator Plugin for WordPress is a plugin for WordPress. Duplicator Plugin for WordPress views/actions.php script handles a...

7.9AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2015/04/10 12:0 a.m.10 views

Duplicator <= 0.5.14 - SQL Injection & CSRF

An authorised user with "export" permission or a remote unauthenticated attacker could use this vulnerability to execute arbitrary SQL queries on the victim WordPress web site by enticing an authenticated admin CSRF. PoC http://www.example.com/wp-admin/admin-ajax.php?action=duplicatorpackagedelet...

1.9AI score
Exploits0References3Affected Software1
NVD
NVD
added 2013/08/09 9:55 p.m.46 views

CVE-2013-4625

Cross-site scripting XSS vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter...

4.3CVSS5.8AI score0.11102EPSS
Exploits2References7
Prion
Prion
added 2013/08/09 9:55 p.m.23 views

Cross site scripting

Cross-site scripting XSS vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter...

4.3CVSS6.2AI score0.11102EPSS
Exploits2References7Affected Software1
Cvelist
Cvelist
added 2013/08/09 9:0 p.m.49 views

CVE-2013-4625

Cross-site scripting XSS vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter...

5.8AI score0.11102EPSS
Exploits2References7
CVE
CVE
added 2013/08/09 9:0 p.m.72 views

CVE-2013-4625

The CVE-2013-4625 entry concerns WordPress Duplicator Plugin (vulnerable up to 0.4.4, fixed in 0.4.5). The vulnerability is an XSS in files/installer.cleanup.php where the package parameter is insufficiently sanitized, allowing remote attackers to inject arbitrary script/HTML. Evidence from multi...

4.3CVSS5.8AI score0.11102EPSS
Exploits2References7Affected Software1
seebug.org
seebug.org
added 2013/07/26 12:0 a.m.48 views

WordPress Duplicator 0.4.4 Cross Site Scripting

No description provided by source. Advisory ID: HTB23162 Product: Duplicator WordPress Plugin Vendor: LifeInTheGrid Vulnerable Versions: 0.4.4 and probably prior Tested Version: 0.4.4 Vendor Notification: June 19, 2013 Vendor Patch: July 21, 2013 Public Disclosure: July 24, 2013 Vulnerability Typ...

4.3CVSS6.6AI score0.11102EPSS
Exploits2
Rows per page
Query Builder