WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Duplicator <= 1.2.28 – Unauthenticated Stored Cross-Site Scripting (XSS)

Description

The Duplicator – WordPress Migration Plugin WordPress plugin was affected by   security vulnerability.

Affects Plugins

duplicator
Fixed in version 1.2.29

References

CVE
CVE-2017-16815
URL
https://snapcreek.com/duplicator/docs/changelog
URL
https://plugins.trac.wordpress.org/changeset/1760546/duplicator
URL
https://packetstormsecurity.com/files/144914/

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
bbd7a36c-4d09-480e-9171-b3a0d76911d3

Timeline

Publicly Published

2017-11-07 (about 4 years ago)

Added

2017-11-15 (about 4 years ago)

Last Updated

2020-09-22 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin