The leading open source vulnerability database

Instantly mitigate vulnerabilities in WordPress websites with Patchstack.

See pricing

Rated 4.9

Total47,472

MitigationsMitigation rules15,257

No official patch12,884

In triage1,599

Published soon1

StatsWordPress stats

CVSS0

Mitigation available

Exploited

Affected software \| Vulnerability	Risk	Disclosed
Post Duplicator<= 3.0.10 PHP Object Injection vulnerability	8.8	13/04/2026
Post Duplicator<= 3.0.8 Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' Parameter vulnerability	4.3	24/02/2026
FastDup<= 2.7.1 WordPress FastDup - Fastest WordPress Migration & Duplicator plugin <= 2.7.1 - Missing Authorization to Authenticated (Contributor+) Backup Creation and Download vulnerability	8.8	12/02/2026
WP Quick Post Duplicator<= 2.1 Broken Access Control vulnerability	4.3	08/01/2026
MultiSite Clone Duplicator<= 1.5.3 Cross Site Scripting (XSS) vulnerability	7.1	29/08/2025
Easy Post Duplicator<= 1.0.1 Reflected Cross Site Scripting (XSS) vulnerability	7.1	09/04/2025
Easy Post Duplicator<= 1.0.1 SQL Injection vulnerability	8.5	09/04/2025
Theme Duplicator<= 1.1 Cross Site Request Forgery (CSRF) vulnerability	4.3	01/04/2025
Labinator Content Types Duplicator<= 1.1.3 Cross Site Request Forgery (CSRF) vulnerability	4.3	01/04/2025
Menu Duplicator<= 1.0 Broken Access Control vulnerability	4.3	24/03/2025
WP Bulk Post Duplicator<= 1.2 Cross Site Request Forgery (CSRF) vulnerability	4.3	11/03/2025
Theme File Duplicator<= 1.3 Arbitrary File Download vulnerability	6.5	21/02/2025
Theme File Duplicator<= 1.3 Arbitrary File Upload vulnerability	9.9	21/02/2025
Post Duplicator<= 2.35 Broken Access Control vulnerability	4.3	24/01/2025
Post Duplicator<= 2.36 Authenticated (Contributor+) Protected Post Disclosure vulnerability	5.3	10/01/2025
Duplicator<= 1.5.9 Full Path Disclosure vulnerability	5.3	11/07/2024
WP STAGING – Backup Duplicator & Migration< 3.5.0 Admin+ SSRF vulnerability	5.5	31/05/2024
WP STAGING – Backup Duplicator & Migration<= 3.4.3 Authenticated (Admin+) Arbitrary File Upload vulnerability	7.2	29/05/2024
WP STAGING – Backup Duplicator & Migration<= 3.4.3 Sensitive Information Exposure via Log File vulnerability	5.3	26/04/2024
WP STAGING – Backup Duplicator & Migration< 3.4.0 Admin+ Stored XSS vulnerability	5.9	17/04/2024