| CVE/PSC | Application | Date | Affected versions | Description | Details |
|---|---|---|---|---|---|
| Actual on: Feb 05, 2025, 15:02:56 | Entries count: 9 | ||||
|
vulnerable
|
Jun 07, 2024, 07:06:52 |
Min -
Max 1.1.3
|
The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF. | ||
|
vulnerable
|
Jun 07, 2024, 02:06:27 |
Min -
Max 2.1
|
WP Quick Post Duplicator [wp-quick-post-duplicator] < 2.1 WP Quick Post Duplicator <= 2.0 - Missing Authorization The WP Quick Post Duplicator plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the apj_duplicate_post_as_a_draft() function in versions up to, and including, 2.0. This makes it possible for authenticated attackers, with contributor-level access and above, to duplicate arbitrary posts that may have protected content. | ||
|
vulnerable
|
Jun 10, 2024, 12:06:26 |
Min -
Max 2.0
|
The WP Quick Post Duplicator plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the apj_duplicate_post_as_a_draft() function in versions up to, and including, 2.0. This makes it possible for authenticated attackers, with contributor-level access and above, to duplicate arbitrary posts that may have protected content. | ||
| PSC-2024-64534 |
SAFE & CERTIFIED
|
Dec 17, 2024, 18:12:09 |
Min 2.35
Max 2.37
|
Post Duplicator is a powerful yet simple WordPress plugin designed to duplicate posts, pages, and custom post types with just a click. It offers seamless functionality, supporting custom taxonomies and custom fields, making it a must-have for developers and content managers. With its intuitive interface, users can easily create exact replicas of their posts directly from the WordPress dashboard. The plugin is particularly useful for developers working on new WordPress sites, as it allows for the creation o... | |
|
vulnerable
|
Jan 25, 2025, 21:01:15 |
Min -
Max 2.36
|
Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Post Duplicator: from n/a through 2.35. | ||
|
vulnerable
|
Jan 12, 2025, 00:01:38 |
Min -
Max 2.37
|
The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the mtphr_duplicate_post() due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to by duplicating the post. | ||
|
vulnerable
|
Jun 07, 2024, 06:06:28 |
Min -
Max 2.17
|
A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user's browser and can use an application as the vehicle for the attack. The XSS payload given in the "Duplicate Title" text box executes whenever the user opens the Settings Page of the Post Duplicator Plugin or the application root page after duplicating any of the existing posts. | ||
|
vulnerable
|
Jun 07, 2024, 06:06:28 |
Min -
Max 2.19
|
A vulnerability was found in meta4creations Post Duplicator Plugin 2.18 on WordPress. It has been classified as problematic. Affected is the function mtphr_post_duplicator_notice of the file includes/notices.php. The manipulation of the argument post-duplicated leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.19 is able to address this issue. The name of the patch is ca67c05e490c0cf93a1e9b2d93bfeff3dd96f594. It is recommended to upgrade the affected compone... | ||
|
vulnerable
|
Jun 10, 2024, 12:06:28 |
Min -
Max 2.32
|
Missing Authorization vulnerability in Metaphor Creations Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Duplicator: from n/a through 2.31. | ||