Lucene search
K

4 matches found

CVE
CVE
added 2026/02/12 2:25 p.m.17 views

CVE-2026-1104

CVE-2026-1104 affects the FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress. The vulnerability is due to a missing capability check on REST API endpoints across all versions up to and including 2.7.1, enabling authenticated attackers with Contributor-level access and above t...

8.8CVSS5.5AI score0.00266EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/12 2:25 p.m.30 views

CVE-2026-1104 FastDup – Fastest WordPress Migration & Duplicator <= 2.7.1 - Missing Authorization to Authenticated (Contributor+) Backup Creation and Download

The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to unauthorized backup creation and download due to a missing capability check on REST API endpoints in all versions up to, and including, 2.7.1. This makes it possible for authenticated attackers, with...

8.8CVSS0.00266EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/22 3:15 p.m.2 views

CVE-2022-2551

The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating...

7.5CVSS6.8AI score0.12485EPSS
Exploits5References4
NVD
NVD
added 2022/08/22 3:15 p.m.48 views

CVE-2022-2551

The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main installer endpoint of the plugin, if the installer script has been run once by an administrator, allowing download of the full site backup without authenticating...

7.5CVSS0.12485EPSS
Exploits5References2
Rows per page
Query Builder