If you are using WordPress Duplicator plugin, it is better to check your system if any vulnerability exists.
domain
Yes
Yes
Yes
30
If you are using WordPress Duplicator plugin, it is better to check your system if any vulnerability exists.
On February 12, Snap Creek, makers of the popular WordPress plugin Duplicator, released version 1.3.28 and Duplicator Pro version 3.8.7.1 to address a serious vulnerability.
According to researchers at Wordfence, an unauthenticated arbitrary file download vulnerability exists in Duplicator versions 1.3.26 and Duplicator Pro versions 3.8.7.
Snap Creek addressed this vulnerability in Duplicator version 1.3.28 and Duplicator Pro version 3.8.7.1 on February 12. Duplicator and Duplicator Pro users are strongly encouraged to upgrade to versions 1.3.28 and 3.8.7.1 or greater as soon as possible.
Additionally, review HTTP logs for requests that include the following query strings:
The most reliable indicator is whether the request contains the file parameter, as that is required to exploit this vulnerability.