Vulnerability feed

Vulnerability

CVE-2020-11738

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2020-11738
Description:: The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.
Last updated date:: 10/05/2022

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 07/23/2021
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 12/18/2020
Reference url to background: https://www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/27/2021
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wp_duplicator_file_read.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/05/2022
Reference url to background: http://packetstormsecurity.com/files/160621/WordPress-Duplicator-1.3.26-Directory-Traversal-File-Read.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/05/2022
Reference url to background: http://packetstormsecurity.com/files/164533/WordPress-Duplicator-1.3.26-Arbitrary-File-Read.html

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |