Duplica – Duplicate Posts, Pages, Custom Posts Or Users
Approved changes feed: RSS · Atom
cpe:2.3:a:codexpert:duplica_–_duplicate_posts,_pages,_custom_posts_or_users:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Codexpert (0c2ba2de-ce31-503b-a308-74d647d1457a) |
|---|---|
| Product | Duplica – Duplicate Posts, Pages, Custom Posts Or Users (f088298c-e1b9-5b5c-91ee-df23f0696b15) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-5997 |
vulnerable | 2026-06-08 06:58:17.147123 |
Duplica <= 0.6 - Authenticated (Subscriber+) Missing Authorization to Users/Posts Duplicates Creation
MEDIUM (4.3)
The Duplica – Duplicate Posts, Pages, Custom Posts or Users plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the duplicate_user and duplicate_post functions in all versions up to, and including, 0.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create duplicates of users and posts/pages.
Published: 2024-07-18T21:32:36.184Z
Updated: 2026-04-08T16:56:36.624Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.