Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-6114

CWE-552Files Accessible to External PartiesCWE-200Information Exposure5 documents5 sources
Severity
7.5HIGH
EPSS
61.3%
top 1.68%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Unknown DuplicatorUnknown Duplicator PROAwesomemotive Duplicator
Timeline
PublishedDec 26

Description

The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. When directory listing is enabled in the web server, this allows unauthenticated attackers to discover and access these sensitive files, which include a full database dump and a zip archive of the site.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

CVEListV5unknown/duplicator< 1.5.7.1
CVEListV5unknown/duplicator_pro< 4.5.14.2
NVDawesomemotive/duplicator< 1.5.7.1+1

🔴Vulnerability Details

3
GHSA
GHSA-769q-5ww3-v8ww: The Duplicator WordPress plugin before 12023-12-26
CVEList
Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure2023-12-26
VulnCheck
awesomemotive duplicator Files or Directories Accessible to External Parties2023

💥Exploits & PoCs

1
Nuclei
Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure
CVE-2023-6114 (HIGH CVSS 7.5) | The Duplicator WordPress plugin bef | cvebase.io