{"id":28841,"date":"2022-08-01T20:38:49","date_gmt":"2022-08-01T16:38:49","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/167896\/wpduplicator146-disclose.txt"},"modified":"2022-08-02T08:36:52","modified_gmt":"2022-08-02T04:06:52","slug":"wordpress-duplicator-1-4-6-backup-disclosure","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/wordpress-duplicator-1-4-6-backup-disclosure\/","title":{"rendered":"WordPress Duplicator 1.4.6 Backup Disclosure"},"content":{"rendered":"<pre dir=\"ltr\"><code># Exploit Title: WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download\r\n# Google Dork: N\/A\r\n# Date: 07.27.2022\r\n# Exploit Author: SecuriTrust\r\n# Vendor Homepage: https:\/\/snapcreek.com\/\r\n# Software Link: https:\/\/wordpress.org\/plugins\/duplicator\/\r\n# Version: &lt; 1.4.7\r\n# Tested on: Linux, Windows\r\n# CVE : CVE-2022-2551\r\n# Reference: https:\/\/securitrust.fr\r\n# Reference: https:\/\/github.com\/SecuriTrust\/CVEsLab\/CVE-2022-2551<\/code><\/pre>\n<p dir=\"ltr\">#Product:<br \/>\nWordPress Plugin Duplicator &lt; 1.4.7<\/p>\n<pre dir=\"ltr\"><code><\/code><\/pre>\n<p dir=\"ltr\">#Vulnerability:<br \/>\n1-An unauthenticated attacker can download the backup file; versions before 1.4.7 are affected.<\/p>\n<pre dir=\"ltr\"><code><\/code><\/pre>\n<p dir=\"ltr\">#Proof-Of-Concept:<br \/>\n1-Backup download.<br \/>\nThe backup file can be downloaded using the &#8220;is_daws&#8221; parameter.<br \/>\nhttp:\/\/[PATH]\/backups-dup-lite\/dup-installer\/main.installer.php<\/p>\n<pre dir=\"ltr\"><code><\/code><\/pre>\n<p dir=\"ltr\">\n<pre dir=\"ltr\"><code><\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p># Exploit Title: WordPress Plugin Duplicator 1.4.6 &#8211; Unauthenticated Backup Download # Google Dork: N\/A # Date: 07.27.2022 # Exploit Author: SecuriTrust # Vendor Homepage: https:\/\/snapcreek.com\/ # Software Link: https:\/\/wordpress.org\/plugins\/duplicator\/ # Version: &lt; 1.4.7 # Tested on: Linux, Windows # CVE : CVE-2022-2551 # 
Reference: https:\/\/securitrust.fr # Reference: https:\/\/github.com\/SecuriTrust\/CVEsLab\/CVE-2022-2551 #Product: WordPress Plugin Duplicator &lt; 1.4.7 &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-28841","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/28841","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=28841"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/28841\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=28841"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=28841"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=28841"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}