Directory Traversal vulnerability in Snap Creek Duplicator plugin - CVE-2020-11738ID: oval:org.secpod.oval:def:78328 | Date: (C)2022-03-18 (M)2022-10-13 |
Class: VULNERABILITY | Family: unix |
The host is installed with Snap Creek Duplicator plugin for WordPress before 1.3.28 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to properly handle ../ in the file parameter to duplicator_download or duplicator_init. Successful exploitation allows Directory Traversal.
Product: |
Snap Creek Duplicator Plugin for WordPress |