Duplicator WordPress Plugin Vulnerability

Details of a vulnerability in SnapCreek's Duplicator WordPress plugin have been disclosed by a group of security researchers.

Threat ID:: CC-2666
Category:
Threat Severity:: Low
Threat Vector:
Published:: 12 September 2018 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

Details of a vulnerability in SnapCreek's Duplicator WordPress plugin have been disclosed by a group of security researchers.

Affected platforms

The following platforms are known to be affected:

SnapCreek Duplicator

SnapCreek Duplicator - Versions prior to 1.2.42

Threat details

They claim that a remote unathenticated attacker could exploit this vulnerability to take control of affected WordPress sites.

Remediation steps

Type	Step
	SnapCreek have addressed this vulnerability in the latest version of Duplicator. Users are encouraged to apply this update immediately

Last edited: 17 February 2020 12:42 pm