Untriaged
Permalink
CVE-2023-51681
6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
WordPress Duplicator Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Duplicator Duplicator – WordPress Migration & Backup Plugin.This issue affects Duplicator – WordPress Migration & Backup Plugin: from n/a through 1.5.7.
References
- https://https://patchstack.com/database/vulnerability/duplicator/wordpress-dupl… vdb-entry
- https://https://patchstack.com/database/vulnerability/duplicator/wordpress-dupl… vdb-entry
- https://https://patchstack.com/database/vulnerability/duplicator/wordpress-dupl… vdb-entry x_transferred
- https://https://patchstack.com/database/vulnerability/duplicator/wordpress-dupl… vdb-entry
- https://https://patchstack.com/database/vulnerability/duplicator/wordpress-dupl… vdb-entry x_transferred
Affected products
duplicator
- =<1.5.7
Matching in nixpkgs
pkgs.signal-backup-deduplicator
Generate chunked backups for Signal messages
-
nixos-unstable -
- nixpkgs-unstable 0-unstable-2024-05-24
Package maintainers
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>