Search the Community
Showing results for tags 'duplicator'.
-
Duplicator Pro version 1.3.14 and below suffer from a local information disclosure vulnerability. View the full article
-
- duplicator
- pro
-
(and 4 more)
Tagged with:
-
When the WordPress plugin Snap Creek Duplicator restores a backup, it leaves dangerous files in the filesystem such as installer.php and installer-backup.php. These files allow anyone to call a function that overwrite the wp-config.php file AND this function does not sanitize POST parameters before inserting them inside the wp-config.php file, leading to arbitrary PHP code execution. WARNING: This exploit WILL break the wp-config.php file. If possible try to restore backups of the configuration after the exploit to make the WordPress site work again. View the full article