Your review has been sent successfully

Duplicator Plugin (WordPress) Update

243
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

23 February, 2020

● High

2020-944

All

Description:

Wordfence has released security update to address a vulnerability in the following plugin:

  • Duplicator Plugin
    • prior to version 1.3.28
  • Duplicator Plugin Pro
    • prior to version 3.8.7.1

Threats:

Arbitrary file download vulnerability could allow a remote attacker could exploit this vulnerability by to accessing a site’s database credentials. With these credentials, an attacker can to create their own Administrator account.

Best practice and Recommendations:

The CERT team encourages users to review Wordfence security advisory and apply the necessary updates:

Last updated at 23 February, 2020

Rate the content

rate-icon
up icon