Vulnerability CVE-2022-2552


Published: 2022-08-22

Description:
The Duplicator WordPress plugin before 1.4.7.1 does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
WordPress Duplicator 1.4.7 Information Disclosure
SecuriTrust
02.08.2022
Low
WordPress Plugin Duplicator 1.4.7 Information Disclosure
SecuriTrust
03.09.2022

Type:

CWE-200

(Information Exposure)

 References:
https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2552
https://wpscan.com/vulnerability/6b540712-fda5-4be6-ae4b-bd30a9d9d698

Copyright 2022, cxsecurity.com

 

Back to Top