VYPR

Duplicator Pro

by WordPress

CVEs (2)

  • CVE-2023-6114HigDec 26, 2023
    risk 0.51cvss 7.5epss 0.31

    The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data.…

  • CVE-2023-33309HigMay 28, 2023
    risk 0.46cvss 7.1epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Awesome Motive Duplicator Pro plugin <= 4.5.11 versions.