logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

Duplicator – WordPress Migration Plugin wordpress-logolabel

2020-02-19

Duplicator 1.3.24 & 1.3.26 - Unauthenticated Arbitrary File Download

fixed in version 1.3.28

2018-09-05

Duplicator <= 1.2.40 - Unauthenticated Arbitrary Code Execution

fixed in version 1.2.42

2018-03-15

Duplicator <= 1.2.32 - Cross-Site Scripting (XSS)

fixed in version 1.2.33

2017-11-07

Duplicator <= 1.2.28 – Unauthenticated Stored Cross-Site Scripting (XSS)

fixed in version 1.2.29

2016-02-10

Duplicator <= 1.1.3 - Cross-Site Request Forgery (CSRF)

fixed in version 1.1.4

2015-08-15

Duplicator <= 0.5.26 - Authenticated Cross-Site Scripting (XSS)

fixed in version 0.5.28

2015-04-10

Duplicator <= 0.5.14 - SQL Injection & CSRF

fixed in version 0.5.16

2015-02-19

Duplicator 0.5.8 - Privilege Escalation

fixed in version 0.5.10

2014-08-01

Duplicator - installer.cleanup.php package Parameter XSS

fixed in version 0.4.5

Is this your WordPress plugin?

We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.