Vulnerabilities and security researches forduplicate-post duplicate-post

Feb 27, 2026

CVE, Research URL: CVE-2019-25314
Home page URL: Security reports for Yoast Duplicate Post
Application: Yoast Duplicate Post
Date: Feb 11, 2026
Research Description: Yoast Duplicate-Post WordPress Plugin 3.2.3 contains a persistent cross-site scripting vulnerability in plugin settings parameters. Attackers can inject malicious scripts into title prefix, suffix, menu order, and blacklist fields to execute arbitrary JavaScript in admin interfaces.
Affected versions: max 3.2.3.
Status: vulnerable

Jul 25, 2024

PSC, Research URL: PSC-2024-64516
Home page URL: Security reports for Yoast Duplicate Post
Application: Yoast Duplicate Post
Date: Aug 05, 2025
Research Description: “Yoast Duplicate Post” plugin, has successfully obtained the Plugin Security Certification (PSC) from CleanTalk, demonstrating its commitment to providing a secure and reliable tool for duplicating posts and pages within WordPress environments.
Affected versions: Min 4.5, max 4.5.
Status: SAFE & CERTIFIED

Jun 07, 2024

CVE, Research URL: CVE-2014-10378
Home page URL: Security reports for Yoast Duplicate Post
Application: Yoast Duplicate Post
Date: Aug 22, 2019
Research Description: The duplicate-post plugin before 2.6 for WordPress has XSS.
Affected versions: max 3.0.
Status: vulnerable

CVE, Research URL: CVE-2014-10379
Home page URL: Security reports for Yoast Duplicate Post
Application: Yoast Duplicate Post
Date: Aug 22, 2019
Research Description: The duplicate-post plugin before 2.6 for WordPress has SQL injection.
Affected versions: max 2.6.
Status: vulnerable