Medium 5.3
2024-07-11< 1.5.10
CVE-2024-6210
Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & More
Minimum safe version
1.5.10
Update to 1.5.10 or later to address 25 fixable vulnerabilities
Latest available1.5.16 ✓
Critical 9.8
2024-01-08< 1.3.0
CVE-2018-25095
Medium 6.5
2024-12-27< 1.5.7.1
WordPress Duplicator Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF)
High 7.5
2023-12-26< 1.5.7.1
CVE-2023-6114
N/A
2015-04-10< 0.5.16
Duplicator <= 0.5.14 - SQL Injection
N/A
2015-08-15< 0.5.28
Duplicator <= 0.5.26 - Authenticated (Admin+) Cross-Site Scripting
N/A
2016-02-09< 1.1.4
Duplicator < 1.1.4 - Cross-Site Request Forgery
N/A
< 0.5.16
Duplicator <= 0.5.14 - SQL Injection & CSRF
N/A
< 0.5.28
Duplicator <= 0.5.26 - Authenticated Cross-Site Scripting (XSS)
N/A
< 1.1.4
wpscan.com
N/A
< 1.2.42
Duplicator <= 1.2.40 - Unauthenticated Arbitrary Code Execution
High 7.5
2022-08-22< 1.4.7.1
CVE-2022-2551
Medium 5.3
2022-08-22< 1.4.7.1
CVE-2022-2552
N/A
2015-04-13< 0.5.15
WordPress Duplicator Plugin <= 0.5.14 - SQL Injection and CSRF
N/A
2013-07-24< 0.4.5
WordPress Duplicator Plugin - Cross Site Scripting
N/A
2015-11-22< 0.5.28
WordPress Duplicator Plugin <= 0.5.26 - Cross Site Scripting
N/A
2016-02-11< 1.1.4
WordPress Duplicator Plugin <= 1.1.3 - Cross Site Request Forgery
N/A
2018-09-05< 1.2.42
WordPress Duplicator plugin <= 1.2.40 - Arbitrary Code Execution vulnerability
N/A
2020-02-20< 1.3.28
WordPress Duplicator plugin <= 1.3.26 - Unauthenticated Arbitrary File Download vulnerability
Critical 9.8
2018-09-19< 1.2.42
CVE-2018-17207
N/A
2014-08-01< 0.4.5
Duplicator – WordPress Migration Plugin <= 0.4.4 - Cross-Site Scripting
High 8.2
2017-08-07< 0.5.10
CVE-2014-9262
Medium 6.1
2017-11-20< 1.2.30
WordPress Duplicator plugin <=1.2.28 – Stored Cross-Site Scripting (XSS) vulnerability
Medium 6.1
2018-03-28< 1.2.33
WordPress Duplicator plugin <=1.2.32 - Cross-Site Scripting (XSS) vulnerability
KEV
2020-04-13< 1.3.28
CVE-2020-11738