CVE-2020-11738

Related Files

WordPress Duplicator File Read

Posted Sep 1, 2024

Authored by Hoa Nguyen, Ramuel Gall | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress plugin Duplicator version 1.3.24-1.3.26, allowing arbitrary file read with the web server privileges. This vulnerability was being actively exploited when it was discovered.

tags | exploit, web, arbitrary

advisories | CVE-2020-11738

SHA-256 | 70e1c80a4666b4d2d1a2cbdb85a7139a6ae55e39380b9790128d79bb96845537

Download | Favorite | View

WordPress Duplicator 1.3.26 Arbitrary File Read

Posted Oct 18, 2021

Authored by nam3lum

WordPress Duplicator plugin version 1.3.26 suffers from an unauthenticated arbitrary file read vulnerability.

tags | exploit, arbitrary

advisories | CVE-2020-11738

SHA-256 | 1383137efd7098a45bbbd9bc17c62eb574f42061cee8906bc359dc7a056a140a

Download | Favorite | View

WordPress Duplicator 1.3.26 Directory Traversal / File Read

Posted Dec 18, 2020

Authored by Hoa Nguyen, Ramuel Gall | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress Duplicator plugin versions 1.3.24 through 1.3.26, allowing arbitrary file read with the web server privileges. This vulnerability was being actively exploited when it was discovered.

tags | exploit, web, arbitrary, file inclusion

advisories | CVE-2020-11738

SHA-256 | 4ea50cf867ab79c361dd72e12949f0f0d61e20bd60dd59c1e49252679fd3c7a8

Download | Favorite | View