Lucene search
HistoryFeb 28, 2024 - 5:15 p.m.
CVE-2023-51681
cve-2023-51681
csrf
duplicator
wordpress
migration
backup
plugin
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
9.1%
Cross-Site Request Forgery (CSRF) vulnerability in Duplicator Duplicator – WordPress Migration & Backup Plugin.This issue affects Duplicator – WordPress Migration & Backup Plugin: from n/a through 1.5.7.
Affected configurations
Node
duplicatorezp_maintenance_modeRange≤1.5.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| duplicator | ezp_maintenance_mode | * | cpe:2.3:a:duplicator:ezp_maintenance_mode:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "duplicator",
"product": "Duplicator – WordPress Migration & Backup Plugin",
"vendor": "Duplicator",
"versions": [
{
"changes": [
{
"at": "1.5.7.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.5.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Duplicator < 1.5.7.1 - Settings Removal via CSRF
2024-01-04 00:00:00
prion
prion
Cross site request forgery (csrf)
2024-02-28 17:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-51681
2024-02-28 17:15:07
wordfence
wordfence
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2023-51681