Post Duplicator

Vulnerabilities 10Slug post-duplicatorLatest version 3.0.14WordPress.org →

Minimum safe version

3.0.11

Update to 3.0.11 or later to address 10 fixable vulnerabilities

Latest available3.0.14 ✓

N/A

2026-04-13< 3.0.11

Post Duplicator <= 3.0.10 - Authenticated (Contributor+) PHP Object Injection

N/A

2026-02-24< 3.0.9

Post Duplicator <= 3.0.8 - Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' Parameter

Medium 4.3

2025-01-24< 2.36

CVE-2025-24736

Medium 4.3

2025-01-11< 2.37

CVE-2024-12472

Medium 4.3

2024-12-09< 2.32

CVE-2023-49835

Medium 6.1

2023-02-20< 2.19

CVE-2016-15027

N/A

< 2.17

Post Duplicator <= 2.16 - Cross-Site Scripting (XSS)

N/A

2016-04-06< 2.17

Post Duplicator <= 2.16 - Reflected Cross-Site Scripting

N/A

2016-04-06< 2.17

WordPress Post Duplicator Plugin <= 2.16 - Cross Site Scripting (XSS)

Medium 5.4

2022-03-09< 2.27

CVE-2021-33852