cleantalk
Vulnerabilities and Security Researches

Duplicator – WordPress Migration & Backup Plugin, CVE-2013-4625

CVE, Research URL

CVE-2013-4625

Home page URL

Security reports for Duplicator – WordPress Migration & Backup Plugin

Application

Duplicator – WordPress Migration & Backup Plugin

Published on
Aug 10, 2013
Research Description
Cross-site scripting (XSS) vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter.
Affected versions
Min -, max 0.4.5.
Status
vulnerable
Previous vulnerability researches
Labinator Content Types Duplicator (CVE-2025-31809) , Apr 03, 2025
Theme Duplicator (CVE-2025-31845) , Apr 03, 2025
WP Bulk Post Duplicator (CVE-2025-28884) , Mar 13, 2025
Multisite Post Duplicator (CVE-2016-10944) , Jun 07, 2024
Theme File Duplicator (CVE-2025-27283) , Feb 27, 2025
New vulnerability
External image replace (CVE-2025-4279) , May 06, 2025
Absolute Links (CVE-2025-43833) , May 05, 2025
List Children (CVE-2025-4099) , May 05, 2025
Libro de Reclamaciones (CVE-2025-46446) , May 05, 2025
Enhanced Paypal Shortcodes (CVE-2025-46543) , May 05, 2025