ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Duplicator plugin <= 1.2.40 - Arbitrary Code Execution vulnerability

Product
Duplicator
Description
Arbitrary Code Execution vulnerability found in WordPress Duplicator plugin (versions <= 1.2.40).
Solution
Update the WordPress Duplicator plugin to the latest available version (at least 1.2.42).
Classification
Type Arbitrary Code Execution
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.2.40
Fixed In 1.2.42
Disclosure date
2018-09-05
Submitter
ThreatPress