← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-11738 — Actively Exploited: Snap Creek Duplicator Plugin (WordPress)

WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their Wordpress dashboard. This vulnerability affects Duplicator and Dulplicator Pro.

CVE IDCVE-2020-11738
VendorWordPress
ProductSnap Creek Duplicator Plugin
Vulnerability nameWordPress Snap Creek Duplicator Plugin File Download Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionWordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their Wordpress dashboard. This vulnerability affects Duplicator and Dulplicator Pro.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →