VYPR

Fastdup

by WordPress

Source repositories

CVEs (5)

  • CVE-2026-52703CriJun 15, 2026
    risk 0.62cvss 9.6epss 0.00

    Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.

  • CVE-2026-1104HigFeb 12, 2026
    risk 0.50cvss 8.8epss 0.00

    The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to unauthorized backup creation and download due to a missing capability check on REST API endpoints in all versions up to, and including, 2.7.1. This makes it possible for authenticated…

  • CVE-2026-0604MedJan 6, 2026
    risk 0.42cvss 6.5epss 0.00

    The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.7 via the 'dir_path' parameter in the 'njt-fastdup/v1/template/directory-tree' REST API endpoint. This makes it possible for…

  • CVE-2023-6592MedJan 16, 2024
    risk 0.35cvss 5.3epss 0.01

    The FastDup WordPress plugin before 2.2 does not prevent directory listing in sensitive directories containing export files.

  • CVE-2023-51406MedJan 8, 2024
    risk 0.34cvss 5.3epss 0.00

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator.This issue affects FastDup – Fastest WordPress Migration & Duplicator: from n/a through 2.1.7.