Snapcreek Duplicator vulnerabilities
2 known vulnerabilities affecting snapcreek/duplicator.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2014-9262P3HIGHCVSS 8.2PoC≤ 0.5.82017-08-07
CVE-2014-9262 [HIGH] CWE-264 CVE-2014-9262: The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and dow
The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files.
nvd
CVE-2017-16815P4MEDIUMCVSS 6.1v1.2.282017-11-14
CVE-2017-16815 [MEDIUM] CWE-79 CVE-2017-16815: installer.php in the Snap Creek Duplicator (WordPress Site Migration & Backup) plugin before 1.2.30
installer.php in the Snap Creek Duplicator (WordPress Site Migration & Backup) plugin before 1.2.30 for WordPress has XSS because the values "url_new" (/wp-content/plugins/duplicator/installer/build/view.step4.php) and "logging" (wp-content/plugins/duplicator/installer/build/view.step2.php) are not filtered correctly.
nvd