WordPress Snap Creek Duplicator Plugin File Download Vulnerability

Added Nov. 3, 2021 • Due May 3, 2022 • CVE-2020-11738

Overdue WordPress / Snap Creek Duplicator Plugin CWE-22

Description

WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their Wordpress dashboard. This vulnerability affects Duplicator and Dulplicator Pro.

Required Action

Apply updates per vendor instructions.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-11738

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 6 months ago