cleantalk

Vulnerabilities and Security Researches

Security report for CVE WP Quick Post Duplicator > CVE-2023-31214

CVE, Research URL

CVE-2023-31214

Home page URL

Security reports for WP Quick Post Duplicator

Application

WP Quick Post Duplicator

Published on
-
Research Description
The WP Quick Post Duplicator plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the apj_duplicate_post_as_a_draft() function in versions up to, and including, 2.0. This makes it possible for authenticated attackers, with contributor-level access and above, to duplicate arbitrary posts that may have protected content.
Affected versions
Min -, max 2.0.
Status
vulnerable
Previous vulnerability researches
WP Quick Post Duplicator (8c412c0666baee67ae3ee0f0eb18d8d95123aee2) , Jun 07, 2024
WP Quick Post Duplicator (CVE-2023-31214) , Jun 10, 2024
New vulnerability
Bulk Categories Assign (CVE-2025-23582) , Feb 05, 2025
Songkick Concerts and Festivals (CVE-2025-25146) , Feb 05, 2025
Auto SEO (CVE-2025-25147) , Feb 05, 2025
Smart DoFollow (CVE-2025-25152) , Feb 05, 2025
WP Mailster (CVE-2025-24559) , Feb 05, 2025