EUVD-2014-9087

Malware in sbrugna...

WordPress Duplicator Plugin <= 1.5.9 is vulnerable to Full Path Disclosure (FPD)

Software Duplicator Type Plugin Vulnerable versions = 1.5.9 Fixed in 1.5.10 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6210 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d4d879d29752 Credits stealthcopter Required...

WordPress Duplicator Pro Plugin <= 4.5.11 is vulnerable to Cross Site Scripting (XSS)

Software Duplicator Pro Type Plugin Vulnerable versions = 4.5.11 Fixed in 4.5.11.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33309 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d61102a3e8cc Credits Rafie Muhammad...

WordPress Duplicator 1.4.7 Plugin - Information Disclosure Vulnerability

Exploit Title: WordPress Plugin Duplicator 1.4.7 - Information Disclosure Exploit Author: SecuriTrust Vendor Homepage: https://snapcreek.com/ Software Link: https://wordpress.org/plugins/duplicator/ Version: = 1.4.7 Tested on: Linux, Windows CVE : CVE-2022-2552 Reference: https://securitrust.fr...

Wordpress Plugin Duplicator Arbitrary File Read Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. An arbitrary file read vulnerability exists in the Wordpress plugin Duplicator. An attacker...

Wordpress Duplicator 1.3.26 Plugin - Unauthenticated Arbitrary File Read Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Duplicator File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in...

CVE-2020-11738

The Snap Creek Duplicator plugin before 1.3.28 for WordPress and Duplicator Pro before 3.8.7.1 allows Directory Traversal via ../ in the file parameter to duplicatordownload or duplicatorinit...

WordPress Duplicator Plugin Arbitrary File Download

An arbitrary file download vulnerability exists in WordPress Duplicator plugin. Successful exploitation of this vulnerability would allow a remote attacker to download arbitrary files from the affected system...

WordPress Duplicator plugin <=1.2.28 – Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability found by Ricardo Sanchez in WordPress Duplicator plugin versions =1.2.28. The plugin is vulnerable due to incorrectly filtered values "urlnew" and "logging". Solution Update the WordPress Duplicator plugin to the latest available version at least...

WordPress Duplicator 0.4.4 Cross Site Scripting

No description provided by source. Advisory ID: HTB23162 Product: Duplicator WordPress Plugin Vendor: LifeInTheGrid Vulnerable Versions: 0.4.4 and probably prior Tested Version: 0.4.4 Vendor Notification: June 19, 2013 Vendor Patch: July 21, 2013 Public Disclosure: July 24, 2013 Vulnerability Typ...