Vulnerabilities and security researches fordelete-duplicate-posts delete-duplicate-posts

Nov 15, 2024

CVE, Research URL: CVE-2022-4974
Home page URL: Security reports for Delete Duplicate Posts
Application: Delete Duplicate Posts
Date: Oct 16, 2024
Research Description: The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions: max 4.7.5.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2023-47754
Home page URL: Security reports for Delete Duplicate Posts
Application: Delete Duplicate Posts
Date: Dec 19, 2023
Research Description: Missing Authorization vulnerability in Clever plugins Delete Duplicate Posts allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Delete Duplicate Posts: from n/a through 4.8.9.
Affected versions: max 4.9.
Status: vulnerable

CVE, Research URL: 167bca9447242c797f094adbfdc57a724b3dce50
Home page URL: Security reports for Delete Duplicate Posts
Application: Delete Duplicate Posts
Date: Feb 28, 2022
Research Description: Delete Duplicate Posts [delete-duplicate-posts] < 4.9 WordPress Delete Duplicate Posts plugin < 4.7.6 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Delete Duplicate Posts plugin (versions < 4.7.6).
Affected versions: max 4.9.
Status: vulnerable