Product
awesomemotive duplicator
12 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2018-25095
CVE-2023-6114
CVE-2023-33309
CVE-2023-23682
CVE-2022-2552
CVE-2022-2551
CVE-2020-11738
CVE-2018-17207
CVE-2018-7543
CVE-2017-16815
CVE-2014-9262
CVE-2013-4625
< 1.3.0
The Duplicator WordPress plugin before 1.3.0 does not properly escape values when its installer script replaces values in WordPres
< 1.5.7.1
The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `bac
< 4.5.11.1
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Awesome Motive Duplicator Pro plugin <= 4.5.11 versions.
<= 1.0.1
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Maintenance Mode plugin <= 1.0.1 versio
< 1.4.7.1
The Duplicator WordPress plugin before 1.4.7 does not authenticate or authorize visitors before displaying information about the s
< 1.4.7
The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated visitors accessing the main inst
< 1.3.28
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ..
< 1.2.42
An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and installer
all versions
Cross-site scripting (XSS) vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress
all versions
installer.php in the Snap Creek Duplicator (WordPress Site Migration & Backup) plugin before 1.2.30 for WordPress has XSS because
<= 0.5.8
The Duplicator plugin in Wordpress before 0.5.10 allows remote authenticated users to create and download backup files.
<= 0.4.4
Cross-site scripting (XSS) vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows