4 matches found
WordPress WP Duplicate Page plugin <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication vulnerability
Missing Authorization to Authenticated Contributor+ Arbitrary Post Duplication vulnerability discovered by Sarawut Poolkhet MisterHelloz in WordPress Plugin WP Duplicate Page versions = 1.8...
CVE-2022-2093
The WP Duplicate Page WordPress plugin before 1.3 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-2093
The WP Duplicate Page WordPress plugin before 1.3 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2022-2093
CVE-2022-2093 affects the WordPress WP Duplicate Page plugin prior to version 1.3. The issue is a failure to sanitize/escape certain settings, which can allow high-privilege users (e.g., admins) to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. Documented in multipl...