CVE-2022-2552
N/A
N/A
Summary
The Duplicator WordPress plugin before 1.4.7 does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Duplicator | 0 < 1.4.7 | affected |
Weaknesses
- CWE-862 Missing Authorization
- CWE-306 Missing Authentication for Critical Function
ADP Enrichment
CVE Program Container
Additional References
- https://wpscan.com/vulnerability/6b540712-fda5-4be6-ae4b-bd30a9d9d698
- https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2552
References
- https://wpscan.com/vulnerability/6b540712-fda5-4be6-ae4b-bd30a9d9d698
- https://github.com/SecuriTrust/CVEsLab/tree/main/CVE-2022-2552
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.